s04.mydiv-downloads.net/download/ahr0chm6ly9zb2z0lm15zgl2lm5ldc93aw4vzg93bmxvywqtuhjvdgvjdc1feguuahrtba==/b73e4/633485587534f/soft/dfiles/ru/win/protect-exe/209708/proex07.zip
51.75.52.14301 Moved Permanently 185 B URL HTTP/1.1 s04.mydiv-downloads.net/download/ahr0chm6ly9zb2z0lm15zgl2lm5ldc93aw4vzg93bmxvywqtuhjvdgvjdc1feguuahrtba==/b73e4/633485587534f/soft/dfiles/ru/win/protect-exe/209708/proex07.zip
IP 51.75.52.14:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4c555068310076e85908835c721911f5
9ec990aabb4391e139034f68e5e657e0f1d0b74d
568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510
Analyzer Verdict Alert fortinet Malware
GET /download/ahr0chm6ly9zb2z0lm15zgl2lm5ldc93aw4vzg93bmxvywqtuhjvdgvjdc1feguuahrtba==/b73e4/633485587534f/soft/dfiles/ru/win/protect-exe/209708/proex07.zip HTTP/1.1
Host: s04.mydiv-downloads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.2
Date: Thu, 29 Sep 2022 15:28:42 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://s04.mydiv-downloads.net/download/ahr0chm6ly9zb2z0lm15zgl2lm5ldc93aw4vzg93bmxvywqtuhjvdgvjdc1feguuahrtba==/b73e4/633485587534f/soft/dfiles/ru/win/protect-exe/209708/proex07.zip
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 15:15:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f4QHgP_AgYbjTnUeKsIFMQq_Nk-CAHm1OLhcPZMidYOiCOuC7zerQA==
Age: 770
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9899
Expires: Thu, 29 Sep 2022 18:13:41 GMT
Date: Thu, 29 Sep 2022 15:28:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Necoi4lM2Qn7v_JL1vFnIbdDlML2Pr1MCYc81-He_F3KEpIzaKh_PA==
age: 36015
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0a6954528d90cbbc8dfc4b9179780e8c
b8daf5bba066d05c537bd28548a97e1709ee256b
4f5653cb52cdd2bbcf582b9b296cd07d319397fc72d32c34ab1bf53ed5eb4bb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F5653CB52CDD2BBCF582B9B296CD07D319397FC72D32C34AB1BF53ED5EB4BB8"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13352
Expires: Thu, 29 Sep 2022 19:11:14 GMT
Date: Thu, 29 Sep 2022 15:28:42 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 15:28:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 14:29:33 GMT
Expires: Thu, 29 Sep 2022 14:43:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6RTeyU0CfPRUJwTjPKeyIF_iWNuT_BnX46j58e3dC3nSlt2dbAgv1g==
Age: 3550
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f09cb223e3dc028c58cf32c2274c3766
ca7f1663a1200941986e786353ed2f3ff50bd0b2
9b89a5534b1a84f0a86f150dc7f1f699bb972f7b8e151b29c02454dd939066ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6015
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:43 GMT
Last-Modified: Thu, 29 Sep 2022 13:48:28 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.40.161.235101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.161.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EQPB6g/CwjpKS5umJS08Jg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vXLBtmMbNdWDwy1tMr28i9nnZdQ=
mydiv.net/build/public/images/c141857003053201a2b0239f9c2571a4.svg
54.36.106.111200 OK 3.3 kB URL HTTP/2 mydiv.net/build/public/images/c141857003053201a2b0239f9c2571a4.svg
IP 54.36.106.111:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3315), with no line terminators
Hash c141857003053201a2b0239f9c2571a4
ed829bb667018790d2256bdb84cbc40e910b890d
f4a8a85124370b95447eb9818a3feb3c646f126cf7abd4f80c80605e38b80a10
GET /build/public/images/c141857003053201a2b0239f9c2571a4.svg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/svg+xml
content-length: 3315
last-modified: Wed, 04 May 2022 16:07:08 GMT
etag: "6272a4ac-cf3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Discord.gif
54.36.106.111200 OK 946 B URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Discord.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 31\012- data
Hash 863bd8be9dbe3fc6ea1c2ebe5e17b0f2
0b8090fa9037490c85fa5bc389e9f89a83540862
0d329bc9801611acea8cda68e2f16de4b07635bf6de752188106e32cc09cb1b1
GET /images/ru/win/icons/Discord.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 946
last-modified: Tue, 30 Aug 2022 10:47:27 GMT
etag: "630deabf-3b2"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/uTorrent.gif
54.36.106.111200 OK 1.5 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/uTorrent.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash d8b3a7cb134c0c01d8b730eb52efa445
e5f8e04f40a7149aa1be7256634f86cf370ab7af
8fc5ba6a1a76621176948efd20d396430b35edcbf317d3810750959978d56133
GET /images/ru/win/icons/uTorrent.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1477
last-modified: Mon, 19 Sep 2022 16:18:59 GMT
etag: "63289673-5c5"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/BlueStacks.gif
54.36.106.111200 OK 1.4 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/BlueStacks.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash de4422d577c482189dfe5966c7362737
473e997d0ded39d3ccb1c54f874576c71cc1405f
ad97d0191d465353cb1567a6bd615bc00b95057dfcca9d395feff0b223aba739
GET /images/ru/win/icons/BlueStacks.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1438
last-modified: Thu, 29 Sep 2022 00:11:52 GMT
etag: "6334e2c8-59e"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Zoom.gif
54.36.106.111200 OK 1.7 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Zoom.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash f016ef461c4b5d433f2b75874a3fa9f0
84ca32cbbbdc8e3a4ad052bd9e4ed243ec0f0ceb
ada6433e29568a6e2f031cfda2ff1ecac2a620bdfd9bba799fe463790cc1f83c
GET /images/ru/win/icons/Zoom.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1713
last-modified: Mon, 26 Sep 2022 21:18:42 GMT
etag: "63321732-6b1"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/MediaGet.gif
54.36.106.111200 OK 1.6 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/MediaGet.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash b69d7ccb1c036103aaf41086187b37fa
3cec81950db96a58ac7da7a216777c18f960ce0a
2c6ad5f94a93e5a49e305505f95e65e356d1f5e669a101e5a34d31715369ac2d
GET /images/ru/win/icons/MediaGet.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1589
last-modified: Mon, 13 Jun 2022 09:32:04 GMT
etag: "62a70414-635"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Zona.gif
54.36.106.111200 OK 485 B URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Zona.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash af31d9cab2614849c9f71f67744d5fe3
51ce21cafb25e407da959bfee9c4a1fbdc1fc0ec
885f59f4d86f36d1387042f418bc9dab60afa57f30c91b62b1492f96bc0dea72
GET /images/ru/win/icons/Zona.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 485
last-modified: Wed, 17 Feb 2021 17:54:03 GMT
etag: "602d583b-1e5"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/WinRAR.gif
54.36.106.111200 OK 1.5 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/WinRAR.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 31\012- data
Hash de072b93dbf65068ccfc9a91e722ae90
51e63f9279c737c782e9fce4d1991a2286eb1b65
5c45b14e029d2c8e7aff98121b8a5866706cda5dc40336b6b20654d177db8060
GET /images/ru/win/icons/WinRAR.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1484
last-modified: Sat, 14 May 2022 06:43:23 GMT
etag: "627f4f8b-5cc"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/CCleaner.gif
54.36.106.111200 OK 1.6 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/CCleaner.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 28ecdadc6ce55c1c52937fe69634148f
53a1e07d37c4f4e940dcf928f071e1e9698cef5c
56d76d2683ce1d3285094a26ba0150346ff128fb922e3d3a7ec74c22017f563b
GET /images/ru/win/icons/CCleaner.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1626
last-modified: Tue, 20 Sep 2022 12:59:01 GMT
etag: "6329b915-65a"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Steam.gif
54.36.106.111200 OK 1.5 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Steam.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 86c651e4629614e6c3d484025d31ec96
83f4de4ac00b8ef3d089d7c62eb7ef477bb1a033
e5fea4599e64d0132ca47ae960c3d792c3a1ab958544e69e8a36db71dc4b13f0
GET /images/ru/win/icons/Steam.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1464
last-modified: Sat, 24 Sep 2022 15:42:14 GMT
etag: "632f2556-5b8"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Rufus.gif
54.36.106.111200 OK 860 B URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Rufus.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 8c927578b093422fe11e609f10c18aca
1a31f0fa6b91abbf0c7e64aa6e492992dec8fd8a
13c092b93de3bea603c7c63360af929d4f4afd3440c0a96fe24bce927e0dc62b
GET /images/ru/win/icons/Rufus.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 860
last-modified: Thu, 04 Aug 2022 08:36:46 GMT
etag: "62eb851e-35c"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/UltraISO-PE.gif
54.36.106.111200 OK 1.7 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/UltraISO-PE.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash f31881c998b0af01243f70cb5a1aedfc
56fdc0caa5991515922c15e3dcc4ac00cb8ca6b7
ff4e38c415472a6ecfae02ae03de9e293afe24fc84569298ffb0565fa773ea65
GET /images/ru/win/icons/UltraISO-PE.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1689
last-modified: Thu, 14 Jul 2022 18:06:37 GMT
etag: "62d05b2d-699"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/7-Zip.gif
54.36.106.111200 OK 401 B URL HTTP/2 soft.mydiv.net/images/ru/win/icons/7-Zip.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 769824aa176b2636b1640c3d60afb524
655c4f97e6b7fa6fe12a8ed27da7e4bcdb0a6de9
f191b1e3ef1e66445d0dc5e296ef0009d67a49f4a13cc146a692bd8d48c43721
GET /images/ru/win/icons/7-Zip.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 401
last-modified: Sat, 16 Jul 2022 17:26:25 GMT
etag: "62d2f4c1-191"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Yandex-Browser.gif
54.36.106.111200 OK 929 B URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Yandex-Browser.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 31\012- data
Hash 9833effb5dd42a027e756f796ddf4cfe
9e99332744c5484e396a029a9d34bf957dff3f73
2ebe442f30652b6c67329d1db561f07da3f941f78e687ecedd11c12c6accd16a
GET /images/ru/win/icons/Yandex-Browser.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 929
last-modified: Wed, 28 Sep 2022 03:58:35 GMT
etag: "6333c66b-3a1"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Adobe-Animate.gif
54.36.106.111200 OK 964 B URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Adobe-Animate.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 11c35a7e206514cf071c7ad75efee9a6
946062bc95112ae2b7e73a5e33d0a2884d983e34
bc9b9bd0ac35ac4b52ffa722f3d649901b7ce7aa6b08b58e6c1eb5c8865fd075
GET /images/ru/win/icons/Adobe-Animate.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 964
last-modified: Wed, 24 Aug 2022 14:25:20 GMT
etag: "630634d0-3c4"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Adobe-Audition.gif
54.36.106.111200 OK 1.0 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Adobe-Audition.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 84cfb69793f19552fdda4e7ff93ff571
b74176c770ae2a5e7591cf0c220c2031394e343a
c24f8c26889b7da66bd9992ca444eff598d2480c066559b6a9883a285f095b8b
GET /images/ru/win/icons/Adobe-Audition.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1014
last-modified: Wed, 24 Aug 2022 16:09:40 GMT
etag: "63064d44-3f6"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/OBS-Studio.gif
54.36.106.111200 OK 1.0 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/OBS-Studio.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 475687f8d9f500bd84aff0051af75dc0
747eb724c7cd54c9cc583ec2eb034a04accb7cef
4a3f1eb3b4744aff569d957dc76c416a56e1c0ee1529ee487b5af81bf5e60570
GET /images/ru/win/icons/OBS-Studio.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1023
last-modified: Fri, 23 Sep 2022 12:43:07 GMT
etag: "632da9db-3ff"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Adobe-Premiere-Elements.gif
54.36.106.111200 OK 951 B URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Adobe-Premiere-Elements.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash c669a14a9454b8a8643b13fb8f74b640
5c6382c7e0f4e9c05bfd0cecadc2f840d74e5c75
9221552df3151ee26a9a32772074e8ed4b304e67bc84cbcacaccce82306d8320
GET /images/ru/win/icons/Adobe-Premiere-Elements.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 951
last-modified: Thu, 29 Sep 2022 04:15:07 GMT
etag: "63351bcb-3b7"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Zotero.gif
54.36.106.111200 OK 1.5 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Zotero.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 46c53f1015b9b514b6c42b8821a2dfec
656e5439c0fc49b4e23dafc9343a93a2c8e7be36
eab9e220b24d6d736a4dc67e452578c51d14c826601b7c524029d8079dda93a4
GET /images/ru/win/icons/Zotero.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1548
last-modified: Thu, 29 Sep 2022 04:06:25 GMT
etag: "633519c1-60c"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Nox-App-Player.gif
54.36.106.111200 OK 1.4 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Nox-App-Player.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 31\012- data
Hash de28e88d27fecce1a6bcb4f931247a38
7f01810501db369d4a259f7207364458f3bc4dae
83c51e73d962dd7545e6c09555927159d18fec64fed721121a54736037fe2485
GET /images/ru/win/icons/Nox-App-Player.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1392
last-modified: Thu, 29 Sep 2022 03:55:47 GMT
etag: "63351743-570"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Ant-Download-Manager.gif
54.36.106.111200 OK 1.4 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Ant-Download-Manager.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash cb46014803fbea88b17ee1fa7cb2c093
cd3fc0d8983e727a8b419895ab67dfaa159d3c91
a022ce9b8840f0af0d73c775ed645668bdf5f5249f71d415670eb39a64caa634
GET /images/ru/win/icons/Ant-Download-Manager.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1433
last-modified: Thu, 29 Sep 2022 03:48:31 GMT
etag: "6335158f-599"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Highlight.gif
54.36.106.111200 OK 1.6 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Highlight.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 75a98c53a249b22d4708366a83874f58
027e3933c56e82d59274ba821027143100b1edbf
f68f36a6388e97a0d1b8ef42bae5afcfbe3f9650f74e0ac9ddfcdeabfce10497
GET /images/ru/win/icons/Highlight.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1601
last-modified: Thu, 29 Sep 2022 03:45:10 GMT
etag: "633514c6-641"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/NVDA.gif
54.36.106.111200 OK 478 B URL HTTP/2 soft.mydiv.net/images/ru/win/icons/NVDA.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 1bcbbea3c46aca1b2ba49ecb468ab114
280623de88104bf2834811c47efd70322ce71462
0099ca9fef81d2866603f032c1ccf60b8180ce9caf0a58e55874697438663b3b
GET /images/ru/win/icons/NVDA.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 478
last-modified: Thu, 29 Sep 2022 03:44:06 GMT
etag: "63351486-1de"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Fotor.gif
54.36.106.111200 OK 1.4 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Fotor.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 1562f609772689551be57e277869670c
8c9666620d9a4eba964b1c725dfd9a3b12c2dc85
2eb947f4b06524d24e02cd52f8882d356522ba36c87b137843a15731542835ba
GET /images/ru/win/icons/Fotor.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1419
last-modified: Thu, 29 Sep 2022 03:33:21 GMT
etag: "63351201-58b"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Notepad-plus-plus.gif
54.36.106.111200 OK 1.4 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Notepad-plus-plus.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 238b61c77e8c37a437f5f01ff182c75c
76e693bbdf690bdecf6b6394a72f9db3baf2c2ba
c53825dde894e324d025f74ed1f0e50c23faa08953721da58c55fd7b9334707d
GET /images/ru/win/icons/Notepad-plus-plus.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1373
last-modified: Thu, 29 Sep 2022 03:30:13 GMT
etag: "63351145-55d"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Awesome-Screenshot.gif
54.36.106.111200 OK 1.6 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Awesome-Screenshot.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 81b4e81122fda5117f01b919f217d931
1b18947ba17054a60169317a6350c812f36298ff
47d62ead00a91dde76b0881c4b02f67aa914cd34af0270e044badfb0fb5d5f7c
GET /images/ru/win/icons/Awesome-Screenshot.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1603
last-modified: Thu, 29 Sep 2022 03:13:22 GMT
etag: "63350d52-643"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Cisco-Webex-Meetings.gif
54.36.106.111200 OK 1.7 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Cisco-Webex-Meetings.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 15d2f324d448cc4f35be328a51333e86
a062d7cce366b2fc052776435267f09d87134fbb
fa5665bf8439e3016c9842d2e8464452d6762d1d67e9856378386498c1770539
GET /images/ru/win/icons/Cisco-Webex-Meetings.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1656
last-modified: Thu, 29 Sep 2022 03:09:38 GMT
etag: "63350c72-678"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Manycam.gif
54.36.106.111200 OK 1.7 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Manycam.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 2ba7eaf175be2eb1388a7aa1dc954bf4
bceb63df90078300f9d4f213f123857ff3155ba5
fd0484cae81536adbabe647a7031ab5be5ee80c69e851857a4206193e37c69bd
GET /images/ru/win/icons/Manycam.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1705
last-modified: Thu, 29 Sep 2022 03:03:37 GMT
etag: "63350b09-6a9"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/SEO-SpyGlass.gif
54.36.106.111200 OK 1.4 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/SEO-SpyGlass.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 2a11d0fab61249dfb6e4ca0f730b2edf
f781874c0c3c71db9bb65ed41f7345e6225e13ba
8e0a28a330c2bbc6713b6eb9ce4be11f3e92e6a4c6ba26a3cc0cda289323124b
GET /images/ru/win/icons/SEO-SpyGlass.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1404
last-modified: Thu, 29 Sep 2022 02:58:19 GMT
etag: "633509cb-57c"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/PRO32-Total-Security.gif
54.36.106.111200 OK 848 B URL HTTP/2 soft.mydiv.net/images/ru/win/icons/PRO32-Total-Security.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash f9f9b152e278ee39af072c7c2e859c3d
5dd5b28438b2fc167d2b6bf4b1ec793b4acdf187
c5d4f6140c445842db62d99db31866ac02b944e818f238573068acd765bc9188
GET /images/ru/win/icons/PRO32-Total-Security.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 848
last-modified: Wed, 14 Sep 2022 17:33:56 GMT
etag: "63221084-350"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Microsoft-Excel.gif
54.36.106.111200 OK 1.6 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Microsoft-Excel.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 30\012- data
Hash a63dd04869627f71db400d73a27b5ca0
dac47496dcf93653fdd2ae8d79ca63d084f6ae66
bb2072bf390060645aeabe023cf3b3dc5c30a85d4be46accaa4874a4186cfd41
GET /images/ru/win/icons/Microsoft-Excel.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1619
last-modified: Thu, 05 May 2022 21:51:54 GMT
etag: "627446fa-653"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Microsoft-Word.gif
54.36.106.111200 OK 1.6 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Microsoft-Word.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 6c8bbb19f01d93c146b12b544eb16262
2819fd34886e161fde3f7b3015c08304cf213798
b5c6cf5d91ab028b95a9007a84317bfbf9699806351edf3ccbdc92ccb0a58bc5
GET /images/ru/win/icons/Microsoft-Word.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1640
last-modified: Thu, 05 May 2022 20:00:12 GMT
etag: "62742ccc-668"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/AdGuard-VPN.gif
54.36.106.111200 OK 1.5 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/AdGuard-VPN.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 940d8a94d991a9e988a36281e5952035
419b12a90557636f6e9f2114fc86a0368d5a55e4
8b040e4d326df30674cc378b526329bd2a12f1da1fc50e8c962a2a7929bceceb
GET /images/ru/win/icons/AdGuard-VPN.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1484
last-modified: Fri, 16 Sep 2022 11:13:15 GMT
etag: "63245a4b-5cc"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/R7-Office.gif
54.36.106.111200 OK 1.7 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/R7-Office.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 1499cbae0c5daf1847cb5c434bfa7566
132fbdcac2baf80287d427fe49ece5dd4720baab
32c75cce2d6ec258c4c1448621cb4b6f1eaa0b771bfca72075069af4cae2de01
GET /images/ru/win/icons/R7-Office.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1694
last-modified: Thu, 17 Mar 2022 13:37:40 GMT
etag: "623339a4-69e"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/MyOffice.gif
54.36.106.111200 OK 1.5 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/MyOffice.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 3d2b9a92a2e317fe7a7686045416148a
9425c7683f8a355faca109b40b17190a9c86c294
118eb30dc6afaff9364a4ff71a3a5bd598d390b8d469fc43c304cac39a18560f
GET /images/ru/win/icons/MyOffice.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1490
last-modified: Tue, 15 Mar 2022 11:26:53 GMT
etag: "623077fd-5d2"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Telamon-Cleaner.gif
54.36.106.111200 OK 1.6 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Telamon-Cleaner.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash f9bf9be5e6b7befa2aa9a9ccf47e87d9
62ca7e70e430a625a9526541df18db4219dd8ea5
04eae19badca734312ed80cb0fcc2faf01baff045d6a6a5e6905daf13e9f00f6
GET /images/ru/win/icons/Telamon-Cleaner.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1626
last-modified: Sun, 06 Mar 2022 02:40:04 GMT
etag: "62241f04-65a"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Armoury-Crate.gif
54.36.106.111200 OK 1.8 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Armoury-Crate.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 88fe56a42c5999a0142b18179303f9a7
de0d7811d886843fc98d2c97047d725e972947ee
4ea7b4443569a3ceab9d4e4b359f4a01d924846e00e617bd0045f3cbc65afc04
GET /images/ru/win/icons/Armoury-Crate.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1766
last-modified: Wed, 19 Jan 2022 00:31:37 GMT
etag: "61e75be9-6e6"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/HyperX-NGENUITY.gif
54.36.106.111200 OK 1.8 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/HyperX-NGENUITY.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash e8cf700f2ff4a4b559134d26b3fa849c
70dc81bfb5652933be51348263ea0ff258fd3998
e1d4a698910912f734df70d9aa9fe5e210c0a8cd6b62f5e740de8a20ff97ccdf
GET /images/ru/win/icons/HyperX-NGENUITY.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1768
last-modified: Tue, 23 Aug 2022 08:39:22 GMT
etag: "6304923a-6e8"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/NVIDIA-GeForce-Now.gif
54.36.106.111200 OK 1.8 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/NVIDIA-GeForce-Now.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash b50affa05a63f1ea8339f1f69533ad72
d80325990b6742c14f67044dacb3f581a67f9e3b
c197af37f8be5741c380b74550ad3635a655772a6e369f2791cec30d8270db99
GET /images/ru/win/icons/NVIDIA-GeForce-Now.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1812
last-modified: Wed, 14 Sep 2022 19:39:49 GMT
etag: "63222e05-714"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Microsoft-Office-2021.gif
54.36.106.111200 OK 1.5 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Microsoft-Office-2021.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash 8c836563ea095a56c60cc1db682ba1a6
9a10d5fc1962be84941e283e178a41251c31a491
9581d845d05fa8ec32b01da9732f7ee7da556fbe271677d3e9c2947b6e74172b
GET /images/ru/win/icons/Microsoft-Office-2021.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1539
last-modified: Sun, 26 Dec 2021 15:18:26 GMT
etag: "61c887c2-603"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
soft.mydiv.net/images/ru/win/icons/Figma.gif
54.36.106.111200 OK 1.8 kB URL HTTP/2 soft.mydiv.net/images/ru/win/icons/Figma.gif
IP 54.36.106.111:0
File type GIF image data, version 87a, 32 x 32\012- data
Hash bc0180a815e6d63d70b2262def7bb0f0
399eab7ec86e08b41691e57bc21e1049b76db3a6
ecd0a19ce6d26ba03550870b6f42f40e4d289c6d5e842ed4ac0819e0ad2de0e4
GET /images/ru/win/icons/Figma.gif HTTP/1.1
Host: soft.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/gif
content-length: 1809
last-modified: Tue, 05 Apr 2022 21:47:49 GMT
etag: "624cb905-711"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/images/arts/ru/screens/28443_small.jpg
54.36.106.111200 OK 11 kB URL HTTP/2 mydiv.net/images/arts/ru/screens/28443_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 190x190, components 3\012- data
Hash f4ec2e491cb08ddfd682c6cd84016776
770bf22857645bdd9b2f2a1734918e61b631ca88
32e8fd76c4526bf9dd630f9583a639d5811fa58c766c04da2695a9094def1324
GET /images/arts/ru/screens/28443_small.jpg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 11279
last-modified: Sun, 18 Sep 2022 15:01:21 GMT
etag: "632732c1-2c0f"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/images/arts/ru/screens/28442_small.jpg
54.36.106.111200 OK 17 kB URL HTTP/2 mydiv.net/images/arts/ru/screens/28442_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 190x190, components 3\012- data
Hash 15828d360118366377b1419104814af3
8390a95680252e9d4672ec9bd26a9c7ca202d573
b7c45767f2d7c5c9af1b2b0704b7315c4e62dd0fcf6d22b7590730b084e0e03f
GET /images/arts/ru/screens/28442_small.jpg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 17075
last-modified: Wed, 07 Sep 2022 00:36:28 GMT
etag: "6317e78c-42b3"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/images/arts/ru/screens/28441_small.jpg
54.36.106.111200 OK 158 kB URL HTTP/2 mydiv.net/images/arts/ru/screens/28441_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Macintosh), datetime=2022:07:28 14:01:21], baseline, precision 8, 190x190, components 3\012- data
Size 158 kB (158511 bytes)
Hash 5a4c909ce1a53b3780a8ae729ba2c585
326540caaedad3bd2c782e849b3db910af033783
2c8cfe2cb61febb869cdd0b2afbe6a2df57b3783629dbc18fc61e2de76de9e10
GET /images/arts/ru/screens/28441_small.jpg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 158511
last-modified: Wed, 31 Aug 2022 14:02:00 GMT
etag: "630f69d8-26b2f"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/images/arts/ru/screens/28440_small.jpg
54.36.106.111200 OK 20 kB URL HTTP/2 mydiv.net/images/arts/ru/screens/28440_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash 34e6b9f5686d42f769d65da3c703afb3
be3eb1eb6a659519f7d97ded63d51853519454cd
499a3a807b45a524e1d1d9ace22de433c7b91ce04db2d24a411b0e45fc034245
GET /images/arts/ru/screens/28440_small.jpg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 20282
last-modified: Sun, 14 Aug 2022 14:14:16 GMT
etag: "62f90338-4f3a"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/images/arts/ru/screens/28439_small.jpg
54.36.106.111200 OK 15 kB URL HTTP/2 mydiv.net/images/arts/ru/screens/28439_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 190x190, components 3\012- data
Hash 70a04d63129725567c2182f64f0d1af1
bd3ac462016f4eaa9d40a45842bca46b37bf1e9b
f85c61c2615cfa6524e9956c840a2a424940fac22d252c711ee639b01c785535
GET /images/arts/ru/screens/28439_small.jpg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 14905
last-modified: Sat, 30 Jul 2022 22:51:54 GMT
etag: "62e5b60a-3a39"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/images/arts/ru/screens/28438_small.jpg
54.36.106.111200 OK 7.0 kB URL HTTP/2 mydiv.net/images/arts/ru/screens/28438_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash 3009c49202998ab4cd1216520a8cc819
2fb13ed4c45430c3b4c9ccaeeb55da24c2caf748
5faeae1034449278fe2ef1e5965b3406d7225272a3d0b192ca04c47b0f0418d2
GET /images/arts/ru/screens/28438_small.jpg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 6953
last-modified: Tue, 12 Jul 2022 21:13:06 GMT
etag: "62cde3e2-1b29"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/images/arts/ru/screens/28436_small.jpg
54.36.106.111200 OK 11 kB URL HTTP/2 mydiv.net/images/arts/ru/screens/28436_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 190x190, components 3\012- data
Hash e9a1e586d89757c51c435f35fb623c99
191e70d270b703136a23a0b700332cf701038887
023b908efcb5a0d08961b40e16d0b8c06e0d3a69e08fe369d1b2f8f062da03d5
GET /images/arts/ru/screens/28436_small.jpg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 11359
last-modified: Fri, 01 Jul 2022 02:45:56 GMT
etag: "62be5fe4-2c5f"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/images/arts/ru/screens/28435_small.jpg
54.36.106.111200 OK 12 kB URL HTTP/2 mydiv.net/images/arts/ru/screens/28435_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash 8cdac03ec87f15dd49806715294e3f73
ff0b7b256ef5fa2a5df52fad7bac3fbdeaa97e62
086eae1521a24aca3be7bb07a27d76520cc09081c8d8e3708cb34e382c5cb26e
GET /images/arts/ru/screens/28435_small.jpg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 11529
last-modified: Wed, 01 Jun 2022 02:36:31 GMT
etag: "6296d0af-2d09"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/images/arts/ru/screens/28433_small.jpg
54.36.106.111200 OK 15 kB URL HTTP/2 mydiv.net/images/arts/ru/screens/28433_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash 43707607b0b610e3b0e8978627b6745e
64c80a94ca4173efbce299440f3dd294f198dc9b
193f60af8fa128a5853a3aeb7f2391a44335f7dbdc06ec29a82c858e0569035e
GET /images/arts/ru/screens/28433_small.jpg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 14838
last-modified: Fri, 27 May 2022 19:21:56 GMT
etag: "629124d4-39f6"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/images/arts/ru/screens/28431_small.jpg
54.36.106.111200 OK 5.9 kB URL HTTP/2 mydiv.net/images/arts/ru/screens/28431_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash 1f139366218171a59963f89b6a1c69c6
eed18bcf840e13bc9b8cfc305aed57a5863c2641
a548f0fce9e66acee3b869e94cf6d00d714aac57a8eb68ed8628f5bdde5982a6
GET /images/arts/ru/screens/28431_small.jpg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 5932
last-modified: Tue, 03 May 2022 03:45:37 GMT
etag: "6270a561-172c"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/build/public/images/c539cc4109c4ed80ec05cb5812112d1c.png
54.36.106.111200 OK 1.8 kB URL HTTP/2 mydiv.net/build/public/images/c539cc4109c4ed80ec05cb5812112d1c.png
IP 54.36.106.111:0
File type PNG image data, 117 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash c539cc4109c4ed80ec05cb5812112d1c
e54ad527d32113957d3c6fbc42f5dee7cf2a15f5
3abcf0a2a296461fb1cf4584d08a2a9afdbd0c0861a7211ab6f53fc64f8fe83a
GET /build/public/images/c539cc4109c4ed80ec05cb5812112d1c.png HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/png
content-length: 1770
last-modified: Mon, 18 Apr 2022 09:56:46 GMT
etag: "625d35de-6ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
games.mydiv.net/images/screens/72461_small.jpg
54.36.106.111200 OK 8.1 kB URL HTTP/2 games.mydiv.net/images/screens/72461_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash ebd753b3d4ce1a16fe861fab2ede51f4
69f60ca1a2a070541cb44b6bfac89961a6dd5a75
080242fe4bf45120f9ec74c7a1e2516a31069c918f6f926fbff2d69a1692e980
GET /images/screens/72461_small.jpg HTTP/1.1
Host: games.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 8056
last-modified: Wed, 21 Sep 2022 02:10:51 GMT
etag: "632a72ab-1f78"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
games.mydiv.net/images/screens/72456_small.jpg
54.36.106.111200 OK 4.8 kB URL HTTP/2 games.mydiv.net/images/screens/72456_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash 1315c02c0e96c35ca2e051dc9d95664c
bb864308628da9bc136d0dbaf3e9b121087ec2d9
9c4e096b7afe94c3dc4e31102e6a480cf42243260fcd2fc598762fc866d5618d
GET /images/screens/72456_small.jpg HTTP/1.1
Host: games.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 4790
last-modified: Sun, 18 Sep 2022 15:26:53 GMT
etag: "632738bd-12b6"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
games.mydiv.net/images/screens/72451_small.jpg
54.36.106.111200 OK 15 kB URL HTTP/2 games.mydiv.net/images/screens/72451_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash e08b5350ba747049494dedeb4ab7c409
133fe8624e0fbea168dc2187cdb0f2bf879be302
56f98fc1eaca77842715b4ecdd5d9c459d4f2462ba7b264fcf5635cbe2089b69
GET /images/screens/72451_small.jpg HTTP/1.1
Host: games.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 15208
last-modified: Wed, 07 Sep 2022 10:25:01 GMT
etag: "6318717d-3b68"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
games.mydiv.net/images/screens/72446_small.jpg
54.36.106.111200 OK 19 kB URL HTTP/2 games.mydiv.net/images/screens/72446_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash becf70ae12a63a8b4f7305914437817b
4d3bafa9331869fbfdcd18a14ce1add3846c51e2
9344865484ed02dc880b48b8c7bb4fed21f7ddfb567435a18d106ace42d2f3ac
GET /images/screens/72446_small.jpg HTTP/1.1
Host: games.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 18858
last-modified: Wed, 31 Aug 2022 21:09:08 GMT
etag: "630fcdf4-49aa"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
games.mydiv.net/images/screens/72441_small.jpg
54.36.106.111200 OK 16 kB URL HTTP/2 games.mydiv.net/images/screens/72441_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash 981fb09b10326cf19860686cba20d62b
3272ac38c136d7fde4c092e290c0d57c9c98898f
6081e6cc87c64b11e834b68253ec47d8fc9f0244b400239c309f7b38128b70cd
GET /images/screens/72441_small.jpg HTTP/1.1
Host: games.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 16506
last-modified: Wed, 31 Aug 2022 19:53:33 GMT
etag: "630fbc3d-407a"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
games.mydiv.net/images/screens/69355_small.jpg
54.36.106.111200 OK 8.7 kB URL HTTP/2 games.mydiv.net/images/screens/69355_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash da504253ef75615ad9551c23b3224ab3
bcf2ff423726b8fc20e47ba37e279d1caf394298
c9f6c74d478b6789721f4f48f6f5172f5c12bbf1c625f208ad0956e8261b4874
GET /images/screens/69355_small.jpg HTTP/1.1
Host: games.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 8695
last-modified: Wed, 29 Jan 2014 07:26:01 GMT
etag: "52e8ad09-21f7"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
games.mydiv.net/images/screens/72436_small.jpg
54.36.106.111200 OK 42 kB URL HTTP/2 games.mydiv.net/images/screens/72436_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015.5 (Windows), datetime=2018:05:24 13:23:29], baseline, precision 8, 190x190, components 3\012- data
Hash da4f1a1a276a3cba9f2e4c6ced162bed
39747794e91bb5c28bc0c142b9a8b4a41b9c1145
5ff179cb0e8850322ed07d57557b90f06f89cc8bf5c136a39fd55dcd0ae77367
GET /images/screens/72436_small.jpg HTTP/1.1
Host: games.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 41580
last-modified: Mon, 01 Aug 2022 22:55:02 GMT
etag: "62e859c6-a26c"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
games.mydiv.net/images/screens/72431_small.jpg
54.36.106.111200 OK 13 kB URL HTTP/2 games.mydiv.net/images/screens/72431_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 190x190, components 3\012- data
Hash 9262693359ca010d9869324983093a9e
f2a56b167c5fb02f345c61b6ddcb0867903cafd2
185302a190084fdf60ccc34ba5ac4c6d957959742f449d4d00768770e5d69a9c
GET /images/screens/72431_small.jpg HTTP/1.1
Host: games.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 12705
last-modified: Mon, 01 Aug 2022 20:24:12 GMT
etag: "62e8366c-31a1"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
games.mydiv.net/images/screens/72426_small.jpg
54.36.106.111200 OK 16 kB URL HTTP/2 games.mydiv.net/images/screens/72426_small.jpg
IP 54.36.106.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 190x190, components 3\012- data
Hash 89a6c99ddbd2dcb73f9bccd2a941034b
3fe94e06e942581157b04547c603472105b40c42
db0966d704032843c63c1cfbb8b658b77d9eec829c4e25f2da2c0d94e0411fca
GET /images/screens/72426_small.jpg HTTP/1.1
Host: games.mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/jpeg
content-length: 16260
last-modified: Sun, 31 Jul 2022 11:48:00 GMT
etag: "62e66bf0-3f84"
expires: Sat, 29 Oct 2022 15:28:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/build/public/images/e7812d5843d1bdde5f676ec192619596.png
54.36.106.111200 OK 4.9 kB URL HTTP/2 mydiv.net/build/public/images/e7812d5843d1bdde5f676ec192619596.png
IP 54.36.106.111:0
File type PNG image data, 450 x 45, 8-bit colormap, non-interlaced\012- data
Hash e7812d5843d1bdde5f676ec192619596
33f68a6af0085917a61ec1a04ab007dbc0036afe
ddfe30fde5e1c5bb5b65fc54e21b59ed54c2df16c3a907909a0fba08c027acad
GET /build/public/images/e7812d5843d1bdde5f676ec192619596.png HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/build/public/styles/site.mydiv.css?ver=a95eb927769ae313b1a4
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: image/png
content-length: 4885
last-modified: Mon, 18 Apr 2022 09:56:46 GMT
etag: "625d35de-1315"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 033e9c00dfd7c059f1bdef095e090c95
3d2ae4c5be8d2278ccbc3ad918960b88579a3abd
8217c2c21cb0961523c529faf6582a341617e83e4cd01bd64c8715765551299b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 033e9c00dfd7c059f1bdef095e090c95
3d2ae4c5be8d2278ccbc3ad918960b88579a3abd
8217c2c21cb0961523c529faf6582a341617e83e4cd01bd64c8715765551299b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.85.229200 OK 84 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 5df383641efa0a3ba4302c7fec8d6394
f0cec22d20f41110ab644ee246201cb8787379b0
10fb3cdc6d2cbc33aa86bd81a8325449c04d227555a8a9f504deb8cfb0f16e91
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.245.0
x-jsd-version-type: version
etag: W/"33a2f-8LAWo/m1uPKVR6/desBN4giRHHM"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 29 Sep 2022 15:28:43 GMT
age: 22668
x-served-by: cache-fra19130-FRA, cache-bma1626-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 83822
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveQhf6TF0.woff2
142.250.74.163200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveQhf6TF0.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 10412, version 1.0\012- data
Hash f9f3b19c02acf071e57b965bed8f3b02
3dbfd06b63517d349a70537269e6d4dbe6fcaec5
56e65b34594acd80db8f7c4eed23b846cc39e2207d2a8166208bd81c020b9fdd
GET /s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveQhf6TF0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 05:49:37 GMT
expires: Wed, 27 Sep 2023 05:49:37 GMT
cache-control: public, max-age=31536000
age: 207546
last-modified: Thu, 01 Apr 2021 22:06:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22920, version 1.0\012- data
Hash 70487f355d22aef7eee8f36bca4d03b8
9ffd6785eeaad33637a9c1be6a0c208f346e134e
d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186
GET /s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 05:39:45 GMT
expires: Wed, 27 Sep 2023 05:39:45 GMT
cache-control: public, max-age=31536000
age: 208139
last-modified: Thu, 01 Apr 2021 22:06:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 5ff187552ec8679d7b50b73678c5329c
d69faffbaefa967085648468f56a63f2b7dbb32a
62d86eab8bc3ee7d4f5cfddcb4c77e884fc6e9eed7369e55746384d914d71f90
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 15:28:44 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "FD1C7AF61467BAD3ADD24032BE0557873D1BDED1"
Expires: Fri, 30 Sep 2022 02:00:00 GMT
Last-Modified: Thu, 29 Sep 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2531
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7525c0130dd80b45-OSL
mydiv.net/tim/design/favicon/favicon-192x192.png
54.36.106.111200 OK 19 kB URL HTTP/2 mydiv.net/tim/design/favicon/favicon-192x192.png
IP 54.36.106.111:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 70289d57de1e3d2dffeb3c3a85418a9c
673136d7d97ebfea4e16a65b2c356b2f4e4f6067
b4c347b138911ec83090f2af209ae4173a7fce7a5d9b301cf6a90166d5a97f96
GET /tim/design/favicon/favicon-192x192.png HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:44 GMT
content-type: image/png
content-length: 18575
last-modified: Tue, 03 May 2022 14:16:08 GMT
etag: "62713928-488f"
expires: Sat, 29 Oct 2022 15:28:44 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
mydiv.net/tim/design/favicon/favicon.min.svg
54.36.106.111200 OK 4.5 kB URL HTTP/2 mydiv.net/tim/design/favicon/favicon.min.svg
IP 54.36.106.111:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4463), with no line terminators
Hash de51b957170a46e23a1a3eaf49df0554
e53b7df07f1b62f7d5b76e8053cd8708ba2d71c2
ca1f1d02dbbb12b24625d69a3a1ee4d61e600fbbde602877b48102b819647220
GET /tim/design/favicon/favicon.min.svg HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:44 GMT
content-type: image/svg+xml
content-length: 4463
last-modified: Tue, 03 May 2022 14:16:08 GMT
etag: "62713928-116f"
expires: Sat, 29 Oct 2022 15:28:44 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 033e9c00dfd7c059f1bdef095e090c95
3d2ae4c5be8d2278ccbc3ad918960b88579a3abd
8217c2c21cb0961523c529faf6582a341617e83e4cd01bd64c8715765551299b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ecbbfb2f255dc4b33f85b26000dfe7ff
d764f67263f72988d44442c80adc72f25bebd02b
d523bf0d71f08c9bde753eecf562f997169b07401ad15c061a8b87447675d285
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9614f0953e42ee2929d2286318d5bf83
50b65951ebd7ca71a864c3dabafecce4cf2bc390
c7da19596f28cfe57d8db43d21297cc201d5a5f74ec894f3919ba0ee59c1242c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ecbbfb2f255dc4b33f85b26000dfe7ff
d764f67263f72988d44442c80adc72f25bebd02b
d523bf0d71f08c9bde753eecf562f997169b07401ad15c061a8b87447675d285
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
google-analytics.com/analytics.js
216.58.211.4200 OK 20 kB URL HTTP/2 google-analytics.com/analytics.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 15:19:26 GMT
expires: Thu, 29 Sep 2022 17:19:26 GMT
cache-control: public, max-age=7200
age: 558
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.34200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (2910)
Hash 9e7bcda158cc18c0ab16f3d3367acdaa
276ead16f55e322478cd72d764194f1cd71fd8a6
3382ead1fffb4f59b3a1c2afadd91ed90d3b96a5b63b899790fd3d7e71958e8e
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 29 Sep 2022 15:28:44 GMT
expires: Thu, 29 Sep 2022 15:28:44 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17455970340088497981
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57622
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 845b4fce2e6fbe6d708abbd9e8aad5d5
e876faad62eb15faadf6d7b65c41fba69044a418
8cfd3d9dd33ae431e6be5719ccfa92cecc616eca53c73fd95f5c1c22cefe85f8
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 15:28:44 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 03 Oct 2022 13:03:48 GMT
ETag: "e876faad62eb15faadf6d7b65c41fba69044a418"
Last-Modified: Thu, 29 Sep 2022 13:03:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1692
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7525c013ae800b45-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ecbbfb2f255dc4b33f85b26000dfe7ff
d764f67263f72988d44442c80adc72f25bebd02b
d523bf0d71f08c9bde753eecf562f997169b07401ad15c061a8b87447675d285
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 27257322890ef3cf319be29585e04776
7280fac4e65917dfe6a258ba6db8ba5bbca5723b
33aef056f7f4dd3c8584a7d957e6d322b50e60f3b05ac14bed82d1b2d8a6dee7
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 15:28:44 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Mon, 03 Oct 2022 13:06:16 GMT
ETag: "7280fac4e65917dfe6a258ba6db8ba5bbca5723b"
Last-Modified: Thu, 29 Sep 2022 13:06:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2873
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7525c014ffd60b45-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220927/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Thu, 29 Sep 2022 01:01:50 GMT
expires: Thu, 13 Oct 2022 01:01:50 GMT
cache-control: public, max-age=1209600
age: 52014
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/52589233?wmode=7&page-url=https%3A%2F%2Fmydiv.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1570%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A977693199539%3Ahid%3A536990009%3Az%3A0%3Ai%3A20220929152841%3Aet%3A1664465321%3Ac%3A1%3Arn%3A827752105%3Arqn%3A1%3Au%3A1664465321360130144%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A37%2C90%2C605%2C1%2C549%2C0%2C%2C202%2C1%2C1%2C1%2C0%2C1563%3Ans%3A1664465319492%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664465321%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2C%20Android%20%D0%B8%20iOS.%20%D0%94%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B3%D0%B0%D0%B4%D0%B6%D0%B5%D1%82%D0%BE%D0%B2.&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/52589233?wmode=7&page-url=https%3A%2F%2Fmydiv.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1570%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A977693199539%3Ahid%3A536990009%3Az%3A0%3Ai%3A20220929152841%3Aet%3A1664465321%3Ac%3A1%3Arn%3A827752105%3Arqn%3A1%3Au%3A1664465321360130144%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A37%2C90%2C605%2C1%2C549%2C0%2C%2C202%2C1%2C1%2C1%2C0%2C1563%3Ans%3A1664465319492%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664465321%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2C%20Android%20%D0%B8%20iOS.%20%D0%94%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B3%D0%B0%D0%B4%D0%B6%D0%B5%D1%82%D0%BE%D0%B2.&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash dd3fd51b7236de3e22c1653367556663
fdf052eb7438899a8d5dd029de0c3b96876a7b07
765b09b3ccdb93ddbf1994d45b268b735a1f2b83c3dc8a366084a72ebd1009be
GET /watch/52589233?wmode=7&page-url=https%3A%2F%2Fmydiv.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1570%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A977693199539%3Ahid%3A536990009%3Az%3A0%3Ai%3A20220929152841%3Aet%3A1664465321%3Ac%3A1%3Arn%3A827752105%3Arqn%3A1%3Au%3A1664465321360130144%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A37%2C90%2C605%2C1%2C549%2C0%2C%2C202%2C1%2C1%2C1%2C0%2C1563%3Ans%3A1664465319492%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664465321%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2C%20Android%20%D0%B8%20iOS.%20%D0%94%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B3%D0%B0%D0%B4%D0%B6%D0%B5%D1%82%D0%BE%D0%B2.&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/52589233/1?wmode=7&page-url=https%3A%2F%2Fmydiv.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1570%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A977693199539%3Ahid%3A536990009%3Az%3A0%3Ai%3A20220929152841%3Aet%3A1664465321%3Ac%3A1%3Arn%3A827752105%3Arqn%3A1%3Au%3A1664465321360130144%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A37%2C90%2C605%2C1%2C549%2C0%2C%2C202%2C1%2C1%2C1%2C0%2C1563%3Ans%3A1664465319492%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664465321%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2C%20Android%20%D0%B8%20iOS.%20%D0%94%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B3%D0%B0%D0%B4%D0%B6%D0%B5%D1%82%D0%BE%D0%B2.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 29 Sep 2022 15:28:44 GMT
access-control-allow-origin: https://mydiv.net
set-cookie: yandexuid=4359296351664465324; Expires=Fri, 29-Sep-2023 15:28:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4359296351664465324; Expires=Fri, 29-Sep-2023 15:28:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=447617971664465324; Path=/; SameSite=None; Secure
i=tyFOqkt7nGArBA6bMPB74D7a/9yH7gOLCp9OfNB2ngVMF/Yl/EHrPyJI6mlZk6jSwZlJHhfclom1PrB9Ealgt1ggwok=; Expires=Sun, 26-Sep-2032 15:28:42 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696001324.yrts.1664465324#1696001324.yrtsi.1664465324; Expires=Fri, 29-Sep-2023 15:28:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 29-Sep-2022 15:28:44 GMT
last-modified: Thu, 29-Sep-2022 15:28:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash be1aedde797777636d9d9b808c42b990
5e2e1e33c0174cdf95e5228921cd6c2e20750204
144f22e7b4dab92d427dff65a078bc384ab26583f25cdf3faf5d1a1a06246050
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 15:28:44 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 03 Oct 2022 13:01:26 GMT
ETag: "5e2e1e33c0174cdf95e5228921cd6c2e20750204"
Last-Modified: Thu, 29 Sep 2022 13:01:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3354
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7525c015887b0b45-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash be1aedde797777636d9d9b808c42b990
5e2e1e33c0174cdf95e5228921cd6c2e20750204
144f22e7b4dab92d427dff65a078bc384ab26583f25cdf3faf5d1a1a06246050
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 15:28:44 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 03 Oct 2022 13:01:26 GMT
ETag: "5e2e1e33c0174cdf95e5228921cd6c2e20750204"
Last-Modified: Thu, 29 Sep 2022 13:01:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3354
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7525c01598820b45-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash be1aedde797777636d9d9b808c42b990
5e2e1e33c0174cdf95e5228921cd6c2e20750204
144f22e7b4dab92d427dff65a078bc384ab26583f25cdf3faf5d1a1a06246050
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 15:28:44 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 03 Oct 2022 13:01:26 GMT
ETag: "5e2e1e33c0174cdf95e5228921cd6c2e20750204"
Last-Modified: Thu, 29 Sep 2022 13:01:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3354
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7525c0159a32b4ed-OSL
yastatic.net/partner-code-bundles/658838/a8d9f307b0a12f62ab18.js
178.154.131.217200 OK 4.5 kB URL HTTP/2 yastatic.net/partner-code-bundles/658838/a8d9f307b0a12f62ab18.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (13535)
Hash 150187bec3fe2ab89d96197ebf6ab69f
598719fcbf3bab2ef461e820e490cd4441fc39b3
ecee0bc1b71e21934c183f54d96c25d3912a058431c4ad9f39a61a6da5d491e2
GET /partner-code-bundles/658838/a8d9f307b0a12f62ab18.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 29 Sep 2022 15:28:44 GMT
content-type: text/javascript; charset=utf-8
content-length: 4463
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "150187bec3fe2ab89d96197ebf6ab69f"
expires: Sat, 28 Sep 2052 22:02:08 GMT
last-modified: Wed, 28 Sep 2022 15:12:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yastatic.net/partner-code-bundles/658838/a4074028f8b0cc4c3bb2.js
178.154.131.217200 OK 94 kB URL HTTP/2 yastatic.net/partner-code-bundles/658838/a4074028f8b0cc4c3bb2.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65497)
Hash a6b95a2a9652befb6640c44b22da1f30
1c4ca31a991134b09c9e1c3e48c451a0877973cb
caaf8e9916a1a97814f6abc3a240bec006c4f1ce785d7001dfc91d3679b0fdd6
GET /partner-code-bundles/658838/a4074028f8b0cc4c3bb2.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 29 Sep 2022 15:28:44 GMT
content-type: text/javascript; charset=utf-8
content-length: 94239
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "a6b95a2a9652befb6640c44b22da1f30"
expires: Sat, 28 Sep 2052 22:02:04 GMT
last-modified: Wed, 28 Sep 2022 15:12:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/host.js
178.154.131.217200 OK 8.9 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/host.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (33703), with no line terminators
Hash f80882bf67cf261aa08d636da095149a
3e5bf3fbdb45c9696f9b925d3e71b2e9777c82cd
4794febaad77bf94edba1c860dbcf9612722ad0a18b95831dad359b0bba4bed6
GET /safeframe-bundles/0.83/host.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 29 Sep 2022 15:28:44 GMT
content-type: text/javascript; charset=utf-8
content-length: 8878
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
expires: Sat, 28 Sep 2052 22:00:51 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/658838/aaf863f179e3b7ad382c.js
178.154.131.217200 OK 19 kB URL HTTP/2 yastatic.net/partner-code-bundles/658838/aaf863f179e3b7ad382c.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65494)
Hash 52c7131368b8c72bfc0ebee85a8dfa64
04c265c99a6ac79f3205c3c5ca1915182e4432e3
323cef0f8d1d3ba3860c93581a3970e6c43e11e9091ef416786942ec0383149d
GET /partner-code-bundles/658838/aaf863f179e3b7ad382c.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 29 Sep 2022 15:28:44 GMT
content-type: text/javascript; charset=utf-8
content-length: 18574
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "52c7131368b8c72bfc0ebee85a8dfa64"
expires: Sat, 28 Sep 2052 22:02:04 GMT
last-modified: Wed, 28 Sep 2022 15:12:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 15cc1791864e78e4f2d1219e1bc4e4af
4be1a8496350a8144ae81e10bfe413930628c41e
4fe223392c71727585b3e429b7042d076263242036179a1d5fcc812a3c6cee10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j97&a=2012309639&t=pageview&_s=1&dl=https%3A%2F%2Fmydiv.net%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2C%20Android%20%D0%B8%20iOS.%20%D0%94%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B3%D0%B0%D0%B4%D0%B6%D0%B5%D1%82%D0%BE%D0%B2.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=238833434&gjid=1512281104&cid=1395117637.1664465321&tid=UA-4459188-1&_gid=783271783.1664465321&_r=1&_slc=1&z=172266005
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=2012309639&t=pageview&_s=1&dl=https%3A%2F%2Fmydiv.net%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2C%20Android%20%D0%B8%20iOS.%20%D0%94%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B3%D0%B0%D0%B4%D0%B6%D0%B5%D1%82%D0%BE%D0%B2.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=238833434&gjid=1512281104&cid=1395117637.1664465321&tid=UA-4459188-1&_gid=783271783.1664465321&_r=1&_slc=1&z=172266005
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j97&a=2012309639&t=pageview&_s=1&dl=https%3A%2F%2Fmydiv.net%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2C%20Android%20%D0%B8%20iOS.%20%D0%94%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B3%D0%B0%D0%B4%D0%B6%D0%B5%D1%82%D0%BE%D0%B2.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=238833434&gjid=1512281104&cid=1395117637.1664465321&tid=UA-4459188-1&_gid=783271783.1664465321&_r=1&_slc=1&z=172266005 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://mydiv.net
date: Thu, 29 Sep 2022 15:28:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 15cc1791864e78e4f2d1219e1bc4e4af
4be1a8496350a8144ae81e10bfe413930628c41e
4fe223392c71727585b3e429b7042d076263242036179a1d5fcc812a3c6cee10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 68fb44f00b2b752787769b390b2149a6
b4a97e35d5821f4e160101e1f2dc04298f723427
b6b8a9f8c00edc2d884fb801a638ef2c04d4e82c1c6ca5cbcfc25bf1f122ea67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1bc4a8c44dea5eb20bd88b45c2f0fb30
3cd3d78fd0961d5c226cf7d39b3ac8d69c38eed2
ad6b9d5d9d39b0ca6c5abf0eb77786e81619e630c1735baa2a4800ce0096dedb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=mydiv.net&callback=_gfp_s_&client=ca-pub-1842037506098481
172.217.21.162200 OK 199 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=mydiv.net&callback=_gfp_s_&client=ca-pub-1842037506098481
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 45c68659f51bbb3b6bb2a1634736e6ad
9a8b63b2bfbb6e97b6cf89138b7a55f6e6aa9bf2
79f98cc56c16aead9b21c2de129b40210014af1888b38877815b7839b9210c94
GET /gampad/cookie.js?domain=mydiv.net&callback=_gfp_s_&client=ca-pub-1842037506098481 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 29 Sep 2022 15:28:44 GMT
server: cafe
cache-control: private
content-length: 199
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=mydiv.net
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=mydiv.net
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=mydiv.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 29 Sep 2022 15:28:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=mydiv.net
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=mydiv.net
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=mydiv.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 29 Sep 2022 15:28:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14097
Expires: Thu, 29 Sep 2022 19:23:41 GMT
Date: Thu, 29 Sep 2022 15:28:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14097
Expires: Thu, 29 Sep 2022 19:23:41 GMT
Date: Thu, 29 Sep 2022 15:28:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14097
Expires: Thu, 29 Sep 2022 19:23:41 GMT
Date: Thu, 29 Sep 2022 15:28:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14097
Expires: Thu, 29 Sep 2022 19:23:41 GMT
Date: Thu, 29 Sep 2022 15:28:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c62a6368c456e9614ca4c8e360a2ef12
35ec6e80d324bb215796c590a7ffafbaea55d88e
90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LwYd0qn4P-zh1W4GvU8vNEo3_TZHEqtErAj3UKx7a82LIDaBsiXE-w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 19:04:20 GMT
age: 73464
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2054ae778a3079d8233ee33045127df6
927d5a375d9607b23caadae148566fdff10147b1
6b33c83c2b78b413ae375966860e1a9c8aa8e28dee107f9dd5bb8ceb221e607a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9034
x-amzn-requestid: 20199dff-cd75-4f47-9395-9fdab045638c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtHROoAMFQ6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-6a77e2d438ae887e4cd54ec6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z92zeMKTSVmpz2TYok8XpBUxuY4ZzN3Z_w32gQgjX1QGb26YDxnfdQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 40084
etag: "927d5a375d9607b23caadae148566fdff10147b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 206ea7aa64e57846d979b536a18647c1
a28a4f2f78207656be5b7dc36f7d02b020e71004
63537d84ee2aafee3691134661910479f563bd159a266ef5260b0a09d2facd6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e45ed0e014d302b7e4d21520228f1ef
86e935f08f4217126f75d13a516ac049f23637a8
22366c353b6dbdd94f0efdf1163318b4e12476c8d7360c70e56b58650004a84c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 456968f691ae9464d69a37bffe9bd7ce
31b8538deb0f00d5b4182739a4a2fcc1b956a998
5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7810
x-amzn-requestid: ff9cdb43-e7f3-4fb3-a2c9-28059f7749e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtFlRoAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-2b426b8e379fb9da122731e6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v_9XHswnO6iHo9-XgqSOIDYxa_RSEzQTDqJ5Uoi5pB9sJ3kl3H-XSQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 23:45:29 GMT
age: 56595
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dyDhatfeYzzSQpRY7JpOIu3VhjlI8IOWcKCLCBWYaxJ1CYgCxqdQjA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:42 GMT
age: 63542
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4505f57697072468da82e0b536d0d5b
e1067a2dfbc22e7eb196046d57bd1e17604dba75
b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:58 GMT
age: 62626
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aed4d25286420a1405c3274931194002
c17c7bdfa4b40f9a0634da65c610869e5c410bf1
f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 88076712-b2bb-4aee-81a7-ae35201748ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKZtEXeoAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bdd7-317a47e2018160b928a40ff9;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VztBCwvlCphzQJw_HAODqlJjRAaYDoKFzmkAYhrhUTZJ5rmNtNSzuQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 63498
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b94688c212f2a86c8b819eee8806fcc3
74aa03597b037e6d8a1dd0460ba302c95fb18c79
c7909d32a831e7fee6bf798be6093b3a21ffc459669928bc48fbd50cd480d5e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b94688c212f2a86c8b819eee8806fcc3
74aa03597b037e6d8a1dd0460ba302c95fb18c79
c7909d32a831e7fee6bf798be6093b3a21ffc459669928bc48fbd50cd480d5e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js
142.250.74.33200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1624)
Hash f46cc3169ffbd99218f62616e2dc44ea
f44964026d2af9900a059c88967c9e8d067def45
9c82ae03291d76510460e1468338fd9303e25ccbf65e94c66e7a3e2173d7b29c
GET /pagead/js/r20220927/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9559
x-xss-protection: 0
date: Thu, 29 Sep 2022 14:38:30 GMT
expires: Thu, 13 Oct 2022 14:38:30 GMT
cache-control: public, max-age=1209600
etag: 12142024561622733046
content-type: text/javascript; charset=UTF-8
age: 3015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1494)
Hash d4c271459de87911060fd730756373be
9100e62d0d61513c1b489e47a6a35b84e8be4a25
b14fbcdbed0b02e9656b4d5ff183d84c25b076ac0b1087d2feb9254ee9ce8c24
GET /pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7553
x-xss-protection: 0
date: Thu, 29 Sep 2022 15:20:53 GMT
expires: Thu, 13 Oct 2022 15:20:53 GMT
cache-control: public, max-age=1209600
etag: 15375136450269253166
content-type: text/javascript; charset=UTF-8
age: 472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed8d6ec40376562f5bb4fae1652cc110
6910ffb0c6a68c3a33faa6151e3f1951a7ec389b
d66a2981e24e1a88da3f0beadd60cd744826719b4e39cfa3b2194993969534a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/measurement/l?ebcid=ALh7CaQ5zwdP7htHkHX0GF0jV2cLhexK1GN5U-8P5oClIQctV0-llMYUHEcwsNpIZLyQWB3IEKhy6Eef66jrrZc0Vro2tBVHWg
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaQ5zwdP7htHkHX0GF0jV2cLhexK1GN5U-8P5oClIQctV0-llMYUHEcwsNpIZLyQWB3IEKhy6Eef66jrrZc0Vro2tBVHWg
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaQ5zwdP7htHkHX0GF0jV2cLhexK1GN5U-8P5oClIQctV0-llMYUHEcwsNpIZLyQWB3IEKhy6Eef66jrrZc0Vro2tBVHWg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 15:28:45 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/drt/ui
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 15:28:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3826037172731ac33e566808c9618388
226e9205194fb0446af7fef47c68749add90d966
692f1898c2850d619cb42a23932602bc680abe6634e2b04906304311d2eccf27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3826037172731ac33e566808c9618388
226e9205194fb0446af7fef47c68749add90d966
692f1898c2850d619cb42a23932602bc680abe6634e2b04906304311d2eccf27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i1.ytimg.com/vi/rHdFcG8JNec/hq1.jpg
216.58.207.206200 OK 4.9 kB URL HTTP/2 i1.ytimg.com/vi/rHdFcG8JNec/hq1.jpg
IP 216.58.207.206:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 6399924ca9c942f34ec984b152023a7a
5d910c0ce0e3413fcf14ba9f532d4969b64c4b8c
830a265c389c27ec340c94b44923b5ec54814662505950ee780e2d5c509053f4
GET /vi/rHdFcG8JNec/hq1.jpg HTTP/1.1
Host: i1.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 4875
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 15:28:45 GMT
expires: Thu, 29 Sep 2022 17:28:45 GMT
cache-control: public, max-age=7200
etag: "1594715804"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5153c90b3f6c15af57b69f8b1276221d
9a2f772a77b159e96dfe756a99d768579d66215a
1ee53becc8c84d1c912500fa653d13173a65aa02423704662120ce0774bba264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400
142.250.74.10200 OK 891 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400
IP 142.250.74.10:0
Hash 9c339e58ca92e01dce6e8f554cb7052b
049bf283edaca8bed8b1738687fd7c491cb7b276
208bb49b7c74439bf0c7835438bbedae122084ef916bc0240c4342b0f90ccc8e
GET /css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 15:28:45 GMT
date: Thu, 29 Sep 2022 15:28:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRHUERwrZA05MnpV8nV043cY9dHbeAp616vq9x0mtH3wTfZSYs&usqp=CAI
142.250.74.78200 OK 12 kB URL HTTP/2 encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRHUERwrZA05MnpV8nV043cY9dHbeAp616vq9x0mtH3wTfZSYs&usqp=CAI
IP 142.250.74.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 574x800, components 3\012- data
Hash 426b73e30805fd7472ff546caf94f0d8
d3c2961d62923595458de4a61ae1f323075ba72a
c25c26f9cd1012a8bf4aea8171d923643a62c4ffe3cb66cd7798be000dc180ae
GET /shopping?q=tbn:ANd9GcRHUERwrZA05MnpV8nV043cY9dHbeAp616vq9x0mtH3wTfZSYs&usqp=CAI HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 12286
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 08:12:10 GMT
expires: Sun, 24 Sep 2023 08:12:10 GMT
cache-control: public, max-age=31536000
age: 458195
last-modified: Mon, 06 Jun 2022 02:42:05 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSfxfzbdeeOrcmMBkUDRE2-WErVkX_QVZdkbEAI1QLixr2sfCSD&usqp=CAI
142.250.74.78200 OK 11 kB URL HTTP/2 encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSfxfzbdeeOrcmMBkUDRE2-WErVkX_QVZdkbEAI1QLixr2sfCSD&usqp=CAI
IP 142.250.74.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 583x800, components 3\012- data
Hash 5b27e648991d5101f4bd4d19a9bc526e
857c5a4c2fdd4a0bd6afa422d69045ffe99bbf6e
c331ec297f036311712ace139a5c0357b225994dd124700ded4f1101b88dd872
GET /shopping?q=tbn:ANd9GcSfxfzbdeeOrcmMBkUDRE2-WErVkX_QVZdkbEAI1QLixr2sfCSD&usqp=CAI HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 11205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 03:52:51 GMT
expires: Wed, 27 Sep 2023 03:52:51 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 19 Jun 2022 01:33:03 GMT
content-type: image/jpeg
age: 214554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRYmBJk3KZojMYprekeiig8rFHuCjXLJjL1EMzAy90pHHVFNTAOrCyWmSkemQ&usqp=CAI
216.58.207.238200 OK 15 kB URL HTTP/2 encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRYmBJk3KZojMYprekeiig8rFHuCjXLJjL1EMzAy90pHHVFNTAOrCyWmSkemQ&usqp=CAI
IP 216.58.207.238:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x920, components 3\012- data
Hash a0e8c89e702375049e3d08e73a084e8e
626b3182144f42fd5860509e1b7491569a578358
63f29804db43a9bfe103ecc141bc89ebfdc24dd36c572efbb60a5e55f6d6757b
GET /shopping?q=tbn:ANd9GcRYmBJk3KZojMYprekeiig8rFHuCjXLJjL1EMzAy90pHHVFNTAOrCyWmSkemQ&usqp=CAI HTTP/1.1
Host: encrypted-tbn2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 14652
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:02:12 GMT
expires: Mon, 25 Sep 2023 22:02:12 GMT
cache-control: public, max-age=31536000
age: 321993
last-modified: Thu, 19 May 2022 20:34:36 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQYRun_cmH6io-3nyfj-l7iL5SiIsgtJ2LXzLZ2bM0ySg5cjw_i-wl5YQPXuUs&usqp=CAI
142.250.74.78200 OK 15 kB URL HTTP/2 encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQYRun_cmH6io-3nyfj-l7iL5SiIsgtJ2LXzLZ2bM0ySg5cjw_i-wl5YQPXuUs&usqp=CAI
IP 142.250.74.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x951, components 3\012- data
Hash 4a5f2ea39dea2a73e94813d634e4b42b
4b638f437f19838331f783b16e133a5a9a585fd9
86ee5edd53feb23b97ab3e027e03fed4782408debfbd185f357186277a7d4d5f
GET /shopping?q=tbn:ANd9GcQYRun_cmH6io-3nyfj-l7iL5SiIsgtJ2LXzLZ2bM0ySg5cjw_i-wl5YQPXuUs&usqp=CAI HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 14739
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 08:12:10 GMT
expires: Sun, 24 Sep 2023 08:12:10 GMT
cache-control: public, max-age=31536000
age: 458195
last-modified: Mon, 30 May 2022 06:46:14 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTBCjN2twVaWTQASTHsZ8NExuKybDLO55NQy8QR34oHVg4VWZLc&usqp=CAI
142.250.74.78200 OK 20 kB URL HTTP/2 encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTBCjN2twVaWTQASTHsZ8NExuKybDLO55NQy8QR34oHVg4VWZLc&usqp=CAI
IP 142.250.74.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 644x800, components 3\012- data
Hash 320d69a31df953a7aa272227adfdb88e
782ad568fdba26dbd9db535a3b1d3bcb1a2c52a6
dd3a25deac7cb57d0ae17bd5302b4f96275fefb1372cf9bba3faf17dfdbb4f4a
GET /shopping?q=tbn:ANd9GcTBCjN2twVaWTQASTHsZ8NExuKybDLO55NQy8QR34oHVg4VWZLc&usqp=CAI HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 19766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 23:05:31 GMT
expires: Wed, 27 Sep 2023 23:05:31 GMT
cache-control: public, max-age=31536000
age: 145394
last-modified: Sat, 18 Jun 2022 22:02:02 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVpg0AxbkPc1J-rsm_jfOrCAEIBEPCeO4mr1eH0kSk0rsvm74&usqp=CAI
142.250.74.46200 OK 18 kB URL HTTP/2 encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVpg0AxbkPc1J-rsm_jfOrCAEIBEPCeO4mr1eH0kSk0rsvm74&usqp=CAI
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1100x550, components 3\012- data
Hash 98fc2279b458385d57228f2a2e3dda3d
84eb2bdcc28893b7e10d24b9ce58abdd26077524
235a99b5b810981a52c6943c31165ee9869b404b8b8322d8edc5a3d396b43747
GET /shopping?q=tbn:ANd9GcQVpg0AxbkPc1J-rsm_jfOrCAEIBEPCeO4mr1eH0kSk0rsvm74&usqp=CAI HTTP/1.1
Host: encrypted-tbn3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 18322
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 21:16:50 GMT
expires: Wed, 27 Sep 2023 21:16:50 GMT
cache-control: public, max-age=31536000
age: 151915
last-modified: Thu, 10 Sep 2020 13:56:28 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSa6uug8C3ru--YjcKhpE6OEkIWFX1ava-mYhoFAJtfkoTtDPNh5AaOBC8A-yI&usqp=CAI
142.250.74.46200 OK 13 kB URL HTTP/2 encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSa6uug8C3ru--YjcKhpE6OEkIWFX1ava-mYhoFAJtfkoTtDPNh5AaOBC8A-yI&usqp=CAI
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 737x699, components 3\012- data
Hash d0ec0e45aadb953449ab710891e1dcac
64eae0e4ce4ea69907f164b89972b2e68f2e2158
67e527473f0f0b36414a6221450cf9bb6b6b9c97de334ecb755978da3fbc31f1
GET /shopping?q=tbn:ANd9GcSa6uug8C3ru--YjcKhpE6OEkIWFX1ava-mYhoFAJtfkoTtDPNh5AaOBC8A-yI&usqp=CAI HTTP/1.1
Host: encrypted-tbn3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 12576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 05:55:36 GMT
expires: Fri, 29 Sep 2023 05:55:36 GMT
cache-control: public, max-age=31536000
age: 34389
last-modified: Wed, 24 Aug 2022 02:05:01 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=mydiv.net
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=mydiv.net
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=mydiv.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 29 Sep 2022 15:28:45 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5153c90b3f6c15af57b69f8b1276221d
9a2f772a77b159e96dfe756a99d768579d66215a
1ee53becc8c84d1c912500fa653d13173a65aa02423704662120ce0774bba264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 15:28:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664494125&ei=rbk1Y8KFFoe87ASBvpLwDA&ip=91.90.42.154&id=ac7745706f0935e7&itag=18&source=youtube&requiressl=yes&mh=ss&mm=31&mn=sn-capm-vnae&ms=au&mv=u&mvi=1&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=45.929&lmt=1655721704938151&mt=1664464359&txp=2210224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhANe82eFflFDiz1S_ONYVqUuBqt1T9Y2uZe2zYDXRDa53AiBr9k-bEaetucYaAfCZiXS54EKjG92FGj90vgxhdGdQuQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgXd5tlxGx1BhLE1srtJntLLMV0iP-b8nSgEUatdBEsRMCIFHqQsMtIGLwkckiyAvBWj8DNp_0zo0xBaFPsoXp_sZu&cpn=GBAEapUpoU0h0WjQ
91.90.45.172206 Partial Content 1.9 MB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664494125&ei=rbk1Y8KFFoe87ASBvpLwDA&ip=91.90.42.154&id=ac7745706f0935e7&itag=18&source=youtube&requiressl=yes&mh=ss&mm=31&mn=sn-capm-vnae&ms=au&mv=u&mvi=1&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=45.929&lmt=1655721704938151&mt=1664464359&txp=2210224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhANe82eFflFDiz1S_ONYVqUuBqt1T9Y2uZe2zYDXRDa53AiBr9k-bEaetucYaAfCZiXS54EKjG92FGj90vgxhdGdQuQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgXd5tlxGx1BhLE1srtJntLLMV0iP-b8nSgEUatdBEsRMCIFHqQsMtIGLwkckiyAvBWj8DNp_0zo0xBaFPsoXp_sZu&cpn=GBAEapUpoU0h0WjQ
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 1.9 MB (1853412 bytes)
Hash ba5964008b6cdeafd35b88f95d559d69
16fffb2b13fcc8f5e696e6a75cf957edeb9d922b
c87147e65eb98b4ea1971763ad83b2f837dd7bc6db95d6f665ef3e3906aa105b
GET /videoplayback?expire=1664494125&ei=rbk1Y8KFFoe87ASBvpLwDA&ip=91.90.42.154&id=ac7745706f0935e7&itag=18&source=youtube&requiressl=yes&mh=ss&mm=31&mn=sn-capm-vnae&ms=au&mv=u&mvi=1&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=45.929&lmt=1655721704938151&mt=1664464359&txp=2210224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhANe82eFflFDiz1S_ONYVqUuBqt1T9Y2uZe2zYDXRDa53AiBr9k-bEaetucYaAfCZiXS54EKjG92FGj90vgxhdGdQuQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgXd5tlxGx1BhLE1srtJntLLMV0iP-b8nSgEUatdBEsRMCIFHqQsMtIGLwkckiyAvBWj8DNp_0zo0xBaFPsoXp_sZu&cpn=GBAEapUpoU0h0WjQ HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Last-Modified: Mon, 20 Jun 2022 10:41:44 GMT
Content-Type: video/mp4
Date: Thu, 29 Sep 2022 15:28:46 GMT
Expires: Thu, 29 Sep 2022 15:28:46 GMT
Cache-Control: private, max-age=28499
Content-Range: bytes 0-3022628/3022629
Accept-Ranges: bytes
Content-Length: 3022629
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
csi.gstatic.com/csi?v=2&s=ima&puid=1~l8n7oelh&c=2011543455895&slotId=1005771727947.5&qqid=CJCss8OouvoCFROLsgodTmAFcA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
142.251.37.67204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=1~l8n7oelh&c=2011543455895&slotId=1005771727947.5&qqid=CJCss8OouvoCFROLsgodTmAFcA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
IP 142.251.37.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~l8n7oelh&c=2011543455895&slotId=1005771727947.5&qqid=CJCss8OouvoCFROLsgodTmAFcA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 29 Sep 2022 15:28:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=1&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=226204861&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664465325%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152844%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465325&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=1&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=226204861&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664465325%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152844%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465325&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/52589233?wmode=0&wv-part=1&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=226204861&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664465325%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152844%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465325&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 137755
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 29 Sep 2022 15:28:47 GMT
access-control-allow-origin: https://mydiv.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 29-Sep-2022 15:28:47 GMT
last-modified: Thu, 29-Sep-2022 15:28:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=1&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=297053651&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1664465325%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152845%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465325&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=1&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=297053651&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1664465325%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152845%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465325&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/52589233?wmode=0&wv-part=1&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=297053651&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1664465325%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152845%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465325&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 29 Sep 2022 15:28:47 GMT
access-control-allow-origin: https://mydiv.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 29-Sep-2022 15:28:47 GMT
last-modified: Thu, 29-Sep-2022 15:28:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=2&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=471463582&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664465326%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152846%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465326&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=2&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=471463582&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664465326%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152846%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465326&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/52589233?wmode=0&wv-part=2&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=471463582&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664465326%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152846%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465326&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 539
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 29 Sep 2022 15:28:48 GMT
access-control-allow-origin: https://mydiv.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 29-Sep-2022 15:28:48 GMT
last-modified: Thu, 29-Sep-2022 15:28:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=2&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=834932955&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1664465326%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152846%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465326&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=2&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=834932955&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1664465326%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152846%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465326&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/52589233?wmode=0&wv-part=2&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=834932955&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1664465326%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152846%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465326&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 168
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 29 Sep 2022 15:28:49 GMT
access-control-allow-origin: https://mydiv.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 29-Sep-2022 15:28:49 GMT
last-modified: Thu, 29-Sep-2022 15:28:49 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28799c10f9ea39af55c7003f4254cc60
523da6aeec4cc23897fe01b0bc8b5da254edb3a8
2d1640fbd1f61aee3f2be670b37eb06e20bb265f702a428fadb550a4b51d64ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9688
x-amzn-requestid: 68e9fd78-af17-4a8f-ad4b-6fe563ae94fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4JHF5IAMFSXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9a-603f13d3016d77fa2ca94492;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gIg0vR5I9vnA6Z7MJtTNaXn2TK8YeHWWcJEodiNJ6BEB7z7LUrcV1Q==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:56 GMT
age: 62635
etag: "523da6aeec4cc23897fe01b0bc8b5da254edb3a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/52589233?wv-check=43600&wv-type=0&wmode=0&wv-part=1&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=867051926&browser-info=gdpr%3A14%3Aet%3A1664465329%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152848%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465329&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/52589233?wv-check=43600&wv-type=0&wmode=0&wv-part=1&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=867051926&browser-info=gdpr%3A14%3Aet%3A1664465329%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152848%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465329&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/52589233?wv-check=43600&wv-type=0&wmode=0&wv-part=1&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=867051926&browser-info=gdpr%3A14%3Aet%3A1664465329%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152848%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465329&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 29 Sep 2022 15:28:51 GMT
access-control-allow-origin: https://mydiv.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 29-Sep-2022 15:28:51 GMT
last-modified: Thu, 29-Sep-2022 15:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=3&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=767803595&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1664465329%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152848%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465329&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=3&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=767803595&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1664465329%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152848%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465329&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/52589233?wmode=0&wv-part=3&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=767803595&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1664465329%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152848%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465329&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 29 Sep 2022 15:28:51 GMT
access-control-allow-origin: https://mydiv.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 29-Sep-2022 15:28:51 GMT
last-modified: Thu, 29-Sep-2022 15:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=3&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=117560947&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664465329%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152848%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465329&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/52589233?wmode=0&wv-part=3&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=117560947&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664465329%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152848%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465329&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/52589233?wmode=0&wv-part=3&wv-hit=536990009&page-url=https%3A%2F%2Fmydiv.net%2F&rn=117560947&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664465329%3Aw%3A1268x898%3Av%3A904%3Az%3A0%3Ai%3A20220929152848%3Au%3A1664465321360130144%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1664465329&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: https://mydiv.net
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 29 Sep 2022 15:28:51 GMT
access-control-allow-origin: https://mydiv.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 29-Sep-2022 15:28:51 GMT
last-modified: Thu, 29-Sep-2022 15:28:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mydiv.net/
54.36.106.111200 OK 0 B IP 54.36.106.111:0
GET / HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.5
set-cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; domain=.mydiv.net; path=/; expires=Sun, 02-Oct-2022 15:28:43 UTC
ifh=10551036906335b9ab1948a9.35175724; domain=.mydiv.net; path=/; expires=Sun, 02-Oct-2022 15:28:43 UTC; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
yandex.ru/ads/system/context.js
77.88.55.60200 OK 0 B URL HTTP/2 yandex.ru/ads/system/context.js
IP 77.88.55.60:0
GET /ads/system/context.js HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-content-type-options: nosniff
access-control-allow-origin: *
set-cookie: i=ewvkFOUN9XSbDytK4FiGTg1dUY2gqWBgEfnIfdAsSjEnzErN7Bi5sXJ7/+oj1N+WLP/PwZVfQ9MnETfK6mkE17V8R7w=; Path=/; Domain=.yandex.ru; Expires=Sat, 28-Sep-2024 15:28:44 GMT; SameSite=None; Secure; HttpOnly
expires: Thu, 29 Sep 2022 16:28:44 GMT
x-yandex-req-id: 1664465324148299-6335398267457370290-sas2-0820-842-sas-l7-balancer-8080-BAL-465
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
cache-control: private, max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
x-robots-tag: noindex, noarchive, nofollow
X-Firefox-Spdy: h2
mydiv.net/build/public/langchunks/lang.ru_RU.chunk.js?ver=be523bf50222071760d4
54.36.106.111200 OK 0 B URL HTTP/2 mydiv.net/build/public/langchunks/lang.ru_RU.chunk.js?ver=be523bf50222071760d4
IP 54.36.106.111:0
GET /build/public/langchunks/lang.ru_RU.chunk.js?ver=be523bf50222071760d4 HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 25 May 2022 21:13:43 GMT
vary: Accept-Encoding
etag: W/"628e9c07-121a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
s04.mydiv-downloads.net/download/ahr0chm6ly9zb2z0lm15zgl2lm5ldc93aw4vzg93bmxvywqtuhjvdgvjdc1feguuahrtba==/b73e4/633485587534f/soft/dfiles/ru/win/protect-exe/209708/proex07.zip
51.75.52.14302 Found 0 B URL HTTP/2 s04.mydiv-downloads.net/download/ahr0chm6ly9zb2z0lm15zgl2lm5ldc93aw4vzg93bmxvywqtuhjvdgvjdc1feguuahrtba==/b73e4/633485587534f/soft/dfiles/ru/win/protect-exe/209708/proex07.zip
IP 51.75.52.14:0
Analyzer Verdict Alert fortinet Malware
GET /download/ahr0chm6ly9zb2z0lm15zgl2lm5ldc93aw4vzg93bmxvywqtuhjvdgvjdc1feguuahrtba==/b73e4/633485587534f/soft/dfiles/ru/win/protect-exe/209708/proex07.zip HTTP/1.1
Host: s04.mydiv-downloads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx/1.14.2
date: Thu, 29 Sep 2022 15:28:42 GMT
content-type: text/html; charset=UTF-8
location: https://mydiv.net/
X-Firefox-Spdy: h2
mydiv.net/build/public/styles/site.mydiv.css?ver=a95eb927769ae313b1a4
54.36.106.111200 OK 0 B URL HTTP/2 mydiv.net/build/public/styles/site.mydiv.css?ver=a95eb927769ae313b1a4
IP 54.36.106.111:0
GET /build/public/styles/site.mydiv.css?ver=a95eb927769ae313b1a4 HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: text/css
last-modified: Tue, 24 May 2022 08:09:26 GMT
vary: Accept-Encoding
etag: W/"628c92b6-29bae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
mydiv.net/build/public/site.mydiv.bundle.js?ver=a95eb927769ae313b1a4
54.36.106.111200 OK 0 B URL HTTP/2 mydiv.net/build/public/site.mydiv.bundle.js?ver=a95eb927769ae313b1a4
IP 54.36.106.111:0
GET /build/public/site.mydiv.bundle.js?ver=a95eb927769ae313b1a4 HTTP/1.1
Host: mydiv.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydiv.net/
Cookie: suid=26313c8401add9d4d621af1a4e878567823b33d6b2b9f92b9ed622a018af2628; ifh=10551036906335b9ab1948a9.35175724
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.7
date: Thu, 29 Sep 2022 15:28:43 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 25 May 2022 21:13:43 GMT
vary: Accept-Encoding
etag: W/"628e9c07-46126"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2