r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4779
Expires: Mon, 30 Jan 2023 01:55:16 GMT
Date: Mon, 30 Jan 2023 00:35:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5008
Expires: Mon, 30 Jan 2023 01:59:05 GMT
Date: Mon, 30 Jan 2023 00:35:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 23:43:10 GMT
content-type: application/json
age: 3147
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3633
Expires: Mon, 30 Jan 2023 01:36:10 GMT
Date: Mon, 30 Jan 2023 00:35:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RXKIzradqMRpPAdHhgO5dcPEW74baxg4kFzSG/f/5y+y0RowCVjXdOb37PtllXCtgPcgOIBC35s=
x-amz-request-id: RCQGME9CPSBBPGJS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 23:50:31 GMT
age: 2706
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 00:35:37 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
s9.crazyfarm.de/
200 OK 5.0 kB IP
ASN #61157 PlusServer GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (443)
Hash 491d8d3127bbbb1f4500837c5fabba4a
2350cd2921b2b16af3c24bac30b09c705bd3bed0
d6ec2e181e6fa8da800c068d3fe9280e631208aaa51bbe3c81f91b24a1aeb922
GET / HTTP/1.1
Host: s9.crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5040
Connection: keep-alive
Set-Cookie: PHPSESSID=v3p7blkmjd62lt8ost9p88ji54; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 23:41:41 GMT
age: 3237
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
crazyfarm.de/css/scripts/global.js
200 OK 3.7 kB URL HTTP/1.1 crazyfarm.de/css/scripts/global.js
IP
ASN #61157 PlusServer GmbH
Hash 90047419d9b48891fd7059fb55984904
da97b92e5294ee8651b9d21765fe570032ac51c3
cd2a36f57b0308b7733eb1f37e17835a82cbb55272ffbbdd801e48162cbd1d9c
GET /css/scripts/global.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: application/javascript
Content-Length: 3663
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-e4f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/css/scripts/map.js
200 OK 6.0 kB URL HTTP/1.1 crazyfarm.de/css/scripts/map.js
IP
ASN #61157 PlusServer GmbH
File type ASCII text, with very long lines (306), with CRLF line terminators
Hash 70b6cf228b8130ef0cf928b4db26f56b
6ade0b868f6a459ceac42df51d4d01347a3feb9d
2a4ef97540e5a6a52b24421e7468374c5b2b63292edff7ea87c222792a910e83
GET /css/scripts/map.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: application/javascript
Content-Length: 5992
Last-Modified: Sun, 04 Jan 2015 14:58:00 GMT
Connection: keep-alive
ETag: "54a954f8-1768"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshot/js/scriptaculous.js?load=effects,builder
200 OK 2.9 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/js/scriptaculous.js?load=effects,builder
IP
ASN #61157 PlusServer GmbH
File type HTML document, ASCII text
Hash cbf6fe19f675dbe1242350b2f8240bf0
4af831176416155b4fd086732c249755e0865459
6845f707fc3579647bbe9b48f10a86c8edc7a7f564af9a7465832a2577ec1fdd
GET /images/screenshot/js/scriptaculous.js?load=effects,builder HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: application/javascript
Content-Length: 2932
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-b74"
X-Powered-By: PleskLin
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3321
Expires: Mon, 30 Jan 2023 01:30:59 GMT
Date: Mon, 30 Jan 2023 00:35:38 GMT
Connection: keep-alive
crazyfarm.de/images/screenshot/js/lightbox.js
200 OK 18 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/js/lightbox.js
IP
ASN #61157 PlusServer GmbH
File type HTML document, ASCII text
Hash 150e8a17b7f7a15043eae64b5b8c2777
a4af8ffc7497e0f029076911a0d60098d87e7955
38968a09e6ed6eab31531e3421e202f220a8e7d44dfc8d45e4769a3403422ceb
GET /images/screenshot/js/lightbox.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: application/javascript
Content-Length: 18513
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-4851"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/templates/anmeldung/js/jnice.js
200 OK 8.3 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/js/jnice.js
IP
ASN #61157 PlusServer GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash 742d324d6ed048b6ba8798c0ef1e66ed
589754845601d3eb5b4e8186e5f3a3e736e785b7
672bc29fe3758739ac4989d408ea2319fa9e753cd526cb78804d40828cc77964
GET /templates/anmeldung/js/jnice.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: application/javascript
Content-Length: 8260
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-2044"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/css/scripts/wz_tooltip.js
200 OK 33 kB URL HTTP/1.1 crazyfarm.de/css/scripts/wz_tooltip.js
IP
ASN #61157 PlusServer GmbH
Hash 4a740b5f94688a6b6152dd4bd54df3d3
00a8caf2aaa174008ec33a041481b88b19636537
4cbbd810c510c0d17f79f8150b2c9a53ac0d3fd8fc8a40b1263cfcf52e5e3d54
GET /css/scripts/wz_tooltip.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: application/javascript
Content-Length: 32899
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-8083"
X-Powered-By: PleskLin
Accept-Ranges: bytes
tycoon.adspirit.net/adscript.php?pid=33&ord=1675038938
200 OK 2.7 kB URL HTTP/1.1 tycoon.adspirit.net/adscript.php?pid=33&ord=1675038938
IP
ASN #12337 noris network AG
File type ASCII text, with very long lines (2746), with no line terminators
Hash b17768adffa692e6deee6c8154812dd2
7f2777b40aceb327d56680746ecc35a4e72e301d
ea92ea448e753753a8c0d5e2fdaba7182097755b5c0c619b04e2592f7ecb98eb
GET /adscript.php?pid=33&ord=1675038938 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:38 GMT
Server: Apache
X-Powered-By: PHP/7.3.31
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Mon, 30 Jan 2023 00:35:38 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
tycoon.adspirit.net/adscript.php?pid=93&ord=[timestamp]
200 OK 2.7 kB URL HTTP/1.1 tycoon.adspirit.net/adscript.php?pid=93&ord=[timestamp]
IP
ASN #12337 noris network AG
File type ASCII text, with very long lines (2747), with no line terminators
Hash b8b7e552c43388f95e2c444f23cf5975
4b3c708c017a4e2520a744f83f9c8667590ca1c3
a158f55f2981b2b9c51ca467e344aa82b562bf2b0567177b9310cfba15e4f403
GET /adscript.php?pid=93&ord=[timestamp] HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:38 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Mon, 30 Jan 2023 00:35:38 GMT
Keep-Alive: timeout=3, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.town-tycoon.de/gamebox.js
200 OK 4.1 kB URL HTTP/1.1 www.town-tycoon.de/gamebox.js
IP
ASN #61157 PlusServer GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash 9fa10d999b834eb0aa2cdd7836b9b8c8
37eaf4966f007077a4399daf39aae6909cd6323e
25b270c7ce7cf57d4231bd916efc3a24a901469943d8e83167fd6cd4ec825b3f
GET /gamebox.js HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: application/javascript
Content-Length: 4077
Connection: keep-alive
Last-Modified: Tue, 11 Jun 2013 21:09:00 GMT
ETag: "fed-4dee74e575300"
Accept-Ranges: bytes
X-Powered-By: PleskLin
crazyfarm.de/images/screenshot/js/prototype.js
200 OK 163 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/js/prototype.js
IP
ASN #61157 PlusServer GmbH
Size 163 kB (163312 bytes)
Hash 007ae2fe795811f80cedf92fdb591c1b
1d81bf892a42afc1d03c96862aa5aeac87a0b29a
8af6866c41f7bf18358a7044659f09b3031474c5d27040f37ccf2de4337b2b17
GET /images/screenshot/js/prototype.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: application/javascript
Content-Length: 163312
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-27df0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/templates/anmeldung/js/jquery.js
200 OK 84 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/js/jquery.js
IP
ASN #61157 PlusServer GmbH
File type ASCII text, with very long lines (65171)
Hash 4128deb8fe065c61bf33c808cda54f96
08516cd8b09d40c6250aca6caf2d8fe1e0f0be93
2db3d4cd038ad3c4dc4228bc8af0b72747cede2cd10fd9d6fc09d622166901c6
GET /templates/anmeldung/js/jquery.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: application/javascript
Content-Length: 84376
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-14998"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshot/css/lightbox.css
200 OK 1.6 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/css/lightbox.css
IP
ASN #61157 PlusServer GmbH
Hash de501f42d328deb2d67cf8ecdb1c8fe2
2cf7b8babfdfbdc6f3bf1f27f1c28ec2d546b4f0
5c42ba8f44c3368954124f3a1f19623d4c43ddc1831c97d2e0a0084535591db3
GET /images/screenshot/css/lightbox.css HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: text/css
Content-Length: 1648
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-670"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/templates/anmeldung/css/style.css
200 OK 8.3 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/style.css
IP
ASN #61157 PlusServer GmbH
File type ASCII text, with very long lines (1106)
Hash ca7cdf5185c1435d4440ab310da39290
21f2bbab7d40e7ffb7f5deb0970b748843a85fce
be3b83b31516dce28b4dd457795b8dfefddc64de9f46ce875f3a09e025799416
GET /templates/anmeldung/css/style.css HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: text/css
Content-Length: 8313
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-2079"
X-Powered-By: PleskLin
Accept-Ranges: bytes
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PJX0P0O+7xNoudJoNUXUUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: puEA2bZSSHf/h2YIbvD3sp1qIgg=
crazyfarm.de/images/screenshot/js/builder.js
200 OK 4.7 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/js/builder.js
IP
ASN #61157 PlusServer GmbH
Hash a80b3b917ded9b0d0e1bba21ee7cef61
082a70e55e4ea2e1a43bb8c232058392637d6d83
5f9742b13427e9a76cebe37094f94bdcb0721552da31ae03087a84ad2c9e1060
GET /images/screenshot/js/builder.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: application/javascript
Content-Length: 4745
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-1289"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshot/js/effects.js
200 OK 38 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/js/effects.js
IP
ASN #61157 PlusServer GmbH
Hash fdadbe178927aef6460fb725cee7dde7
8505a521fe136d0181b7f220522f2ceef1409697
cd4d228017c9e74d494e81a9ae96da0b906b1e9ecc04b81a3fe7906399f7dcdd
GET /images/screenshot/js/effects.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: application/javascript
Content-Length: 38472
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-9648"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshots/screen-uebersicht-preview.jpg
200 OK 7.7 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-uebersicht-preview.jpg
IP
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 118x118, components 3\012- data
Hash a79640eda18c010d5f5cf586547d358e
ce4af3a0399c685f62a87bedbe22d0501ae540d5
5912b5ee9fd5a180f710258b49da4340da274f73cb69762da27b78fc62735a30
GET /images/screenshots/screen-uebersicht-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: image/jpeg
Content-Length: 7686
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-1e06"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshots/screen-bauhof-preview.jpg
200 OK 7.3 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-bauhof-preview.jpg
IP
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 118x118, components 3\012- data
Hash fbe21d6523b18e2cd7d15c4724578cfe
2a9286257c71cbd95be0ffeccf6eede724276452
dd0e836f47ddef6114744a6170b2211c54d7b5d241ac6622805063eeb88aa9b8
GET /images/screenshots/screen-bauhof-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: image/jpeg
Content-Length: 7252
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-1c54"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshots/screen-haustier-preview.jpg
200 OK 6.5 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-haustier-preview.jpg
IP
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 118x118, components 3\012- data
Hash bc444ae09e4cd077b25a06c7874c9869
4c85c4bda94b2608f13513c2fb6c18ea2aaad8d9
2a9f34cc659badc0350308b126b3cacaeb8606e4d81fa92678675e4702038141
GET /images/screenshots/screen-haustier-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: image/jpeg
Content-Length: 6456
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-1938"
X-Powered-By: PleskLin
Accept-Ranges: bytes
tycoon.adspirit.net/adscript.php?pid=93&ord=%5Btimestamp%5D&wpcn=asmpvx3967971675038938&&vis=-1
200 OK 293 B URL HTTP/1.1 tycoon.adspirit.net/adscript.php?pid=93&ord=%5Btimestamp%5D&wpcn=asmpvx3967971675038938&&vis=-1
IP
ASN #12337 noris network AG
File type ASCII text, with no line terminators
Hash c24912d34defc622805f9fd82795d956
6da03131003086cabc82a293e7dac0bf47b81af0
292dcb534ddcd7ecf1a6234be71aeefe72fe323c08c057a819da23baad5ad02d
GET /adscript.php?pid=93&ord=%5Btimestamp%5D&wpcn=asmpvx3967971675038938&&vis=-1 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:38 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Mon, 30 Jan 2023 00:35:38 GMT
Keep-Alive: timeout=3, max=999
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
crazyfarm.de/images/spacer.gif
200 OK 807 B URL HTTP/1.1 crazyfarm.de/images/spacer.gif
IP
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash a0db3b8301c015a2de23b6aab08a48c9
5fcac40d47cd7bf5e58efbe0c9e9c56582867585
6bf788214f0920f04146aa23bc2d8588b55a3e81b5c7f25acc4377b895030979
GET /images/spacer.gif HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: image/gif
Content-Length: 807
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 27 Oct 2013 22:34:00 GMT
ETag: "327-4e9c0946ce600"
Accept-Ranges: bytes
X-Powered-By: PleskLin
crazyfarm.de/images/screenshots/screen-production-preview.jpg
200 OK 6.7 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-production-preview.jpg
IP
ASN #61157 PlusServer GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x118, components 3\012- data
Hash d8e318e53d153a9b228641d4a3c08072
a36512756751b5e21555f00df944352bf7b604a4
cc4492a6f80b4c159802f134cce643d355d3c937849affd5c33e1e293d773af5
GET /images/screenshots/screen-production-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: image/jpeg
Content-Length: 6679
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-1a17"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshots/screen-farm-preview.jpg
200 OK 7.3 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-farm-preview.jpg
IP
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 118x118, components 3\012- data
Hash 9fc818e0327e489e9005500c6ed5a84c
611dbcfe678d615c46968c71a99f7f796cd6fdf0
0f4d202077e8b0bda57e8401b972dfbd400422c52e63407b7e1dc1fd41d40201
GET /images/screenshots/screen-farm-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:38 GMT
Content-Type: image/jpeg
Content-Length: 7321
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-1c99"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.town-tycoon.de/img/promo/ds.gif
200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/ds.gif
IP
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash a3abe3bce70de0d0eff6a0a7b016f4b0
75e9b9adbfa7b840100b2a81ca194444e210db4e
ec49462c6da910f562669d03919ebe0bc7a6d80ca4f6d5b852b39517f814781a
GET /img/promo/ds.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/gif
Content-Length: 1083
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:21:00 GMT
ETag: "43b-4edf8d353cf00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/dp.gif
200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/dp.gif
IP
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash f17de2c5ac02185dddd5b17fc1c29c67
6229eab9ab58b1188262bf681b726ece32674c99
643c8882bbd2ea1c9d3e51a73370decdfe985ec83c0117db79f4fc4571937efc
GET /img/promo/dp.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/gif
Content-Length: 1087
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:22:00 GMT
ETag: "43f-4edf8d6e75600"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/koe.gif
200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/koe.gif
IP
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash f3a03af33b146c1314ff4ae7282521ab
1925d646453ae47e456c4dbe69957d26c975725b
8aaf783289612c5133caed85beb77c7e626e7c618a943ca4945e438c90fdc376
GET /img/promo/koe.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/gif
Content-Length: 1087
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:21:00 GMT
ETag: "43f-4edf8d353cf00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
crazyfarm.de/templates/anmeldung/css/img/bg3.jpg
200 OK 495 B URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/bg3.jpg
IP
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 3x490, components 3\012- data
Hash 59b287d8bffc460016e766c546bf4b34
d7403d5ba1748240fcb365bed04c6b9acdb3db0c
e672140ec43564124b6086711dcc19189b8cccef92f5a620c77d328a2ad06357
GET /templates/anmeldung/css/img/bg3.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/jpeg
Content-Length: 495
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
ETag: "1ef-4e9c05ec7fd00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/cf.gif
200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/cf.gif
IP
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 5a0b361846fc356a756fd002674e9fa2
883e32e8a681b8a6c4742f9994428036ddb5ed9c
995e7bab96489073cf9ef5acce20da15e0c1ec8d74ac817909ad5e9f2149f77e
GET /img/promo/cf.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/gif
Content-Length: 1087
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:17:00 GMT
ETag: "43f-4edf8c505b300"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/tt.gif
200 OK 427 B URL HTTP/1.1 www.town-tycoon.de/img/promo/tt.gif
IP
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 6954a514c699d504a6da640fc862d9f5
366e9c2a50cf041ef10ec517c906088d64f1b436
7a88ea7f37d540c6b48e6acb3d237aef92128af27b070229fc3014e4955d4f1e
GET /img/promo/tt.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/gif
Content-Length: 427
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:17:00 GMT
ETag: "1ab-4edf8c505b300"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/pk.gif
200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/pk.gif
IP
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 72180b331085ab3124732ea36bf75c76
5285c25b3bbbc28b510bdedfef5fc67044aa3b87
26c2285e5784f808ca8da29345b219ad21c9aed1af2ef25357c96482438b592b
GET /img/promo/pk.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/gif
Content-Length: 1086
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:24:00 GMT
ETag: "43e-4edf8de0e6400"
Accept-Ranges: bytes
X-Powered-By: PleskLin
cdn.adspirit.de/banner/asm_pageview.min.js
200 OK 770 B URL HTTP/1.1 cdn.adspirit.de/banner/asm_pageview.min.js
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (1958), with no line terminators
Hash 38719be41633c2bd705462c74876a4c5
c87c65ab7373a749f42ece37d19a91ce8ae7e5b6
e1688294d53ac14391b3b271de612b6d03c91e76b420b4657fbfd3f86db75b3b
GET /banner/asm_pageview.min.js HTTP/1.1
Host: cdn.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 11 Jun 2019 08:31:43 GMT
ETag: W/"d6e34d9-7a6-58b08206459c0"
X-Accel-Expires: @1675085616
Server: CDN77-Turbo
X-77-NZT: AcO1rgWUHPD/q+wBAA
X-77-NZT-Ray: 25b021315a611017db10d763913c4904
X-Cache: HIT
X-Age: 126123
X-77-POP: frankfurtDE
X-77-Cache: HIT
Content-Encoding: gzip
crazyfarm.de/images/screenshots/screen-acker-preview.jpg
200 OK 11 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-acker-preview.jpg
IP
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 118x118, components 3\012- data
Hash d001916e12bd3ec86d33bbc861a08148
b7d8bf25eb5e1f2fbf012812a5d9378338bec309
d367ee87b6afb7a83a960f15ac81be71def978c769c158ae6cc2a5ba8f13741e
GET /images/screenshots/screen-acker-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/jpeg
Content-Length: 10843
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-2a5b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.town-tycoon.de/img/promo/ic.gif
200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/ic.gif
IP
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash b115c5bb4bb4b8dc2280ff42f8cbd2a0
59a766e8924d376550d414b6c8e04ac374032bdf
b6dfd5e50e54dbd46e008469db025788af2e80ab1662dc5a4c5344ebe7579347
GET /img/promo/ic.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/gif
Content-Length: 1084
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:18:00 GMT
ETag: "43c-4edf8c8993a00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/sg.gif
200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/sg.gif
IP
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 56f079a70acb27d71011803b1e6bf960
98db02960b9717bdfb36abbfb0dbb0a9632f9050
9995dfe375b411cd85c1cad418582f3f9112eb937fdab401a994ddfb59c9133f
GET /img/promo/sg.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/gif
Content-Length: 1080
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:19:00 GMT
ETag: "438-4edf8cc2cc100"
Accept-Ranges: bytes
X-Powered-By: PleskLin
crazyfarm.de/templates/anmeldung/css/img/bg.jpg
200 OK 154 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/bg.jpg
IP
ASN #61157 PlusServer GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 983x1152, components 3\012- data
Size 154 kB (153518 bytes)
Hash a5ddc3d2a0bd2a66bcb9bbede2b8eba3
c93525f53aca8556a03c017d833e6e8fb7f2024e
c99e57cb21920d86db7843dc96278fb49dbe940894dda5797342bf9bd725bb8e
GET /templates/anmeldung/css/img/bg.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/jpeg
Content-Length: 153518
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-257ae"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/templates/anmeldung/css/img/hund.gif
200 OK 8.9 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/hund.gif
IP
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 74 x 83\012- data
Hash fcfefff1801e28d1f2f90648f0360a26
50f45a641b6cbf75117f515de07cfbd99b2547c3
ddf73b00d2ecffec271685a2681335645ff9a64681c1c36051e80050a4ef76b6
GET /templates/anmeldung/css/img/hund.gif HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/gif
Content-Length: 8868
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-22a4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/templates/anmeldung/css/img/buttons.png
200 OK 5.5 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/buttons.png
IP
ASN #61157 PlusServer GmbH
File type PNG image data, 254 x 132, 8-bit colormap, non-interlaced\012- data
Hash 81e5260b3f7d27687ab0b04585a5074b
632364b9ff6c01fb34c6d597058bf0debc4c8530
f0e3763f2cfdb7feb12ad45973f87663b88073e8827a9a5d03001087a443e9c7
GET /templates/anmeldung/css/img/buttons.png HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/png
Content-Length: 5508
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-1584"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.town-tycoon.de/img/1x1gray2.png
200 OK 5.6 kB URL HTTP/1.1 www.town-tycoon.de/img/1x1gray2.png
IP
ASN #61157 PlusServer GmbH
File type PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced\012- data
Hash fe6dc10b4d2173024e825951d8f90d39
ca181a586423fbdcd4546c56c492f7da4805f055
5381fc7a38a7cee064ab4ad3d42e60b60452d73d79c745eac8e7d62721f26945
GET /img/1x1gray2.png HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/png
Content-Length: 5607
Connection: keep-alive
Last-Modified: Sat, 15 Sep 2012 16:22:00 GMT
ETag: "15e7-4c9bff0a31a00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
tycoon.adspirit.net/adscript.php?pid=33&ord=1675038938&wpcn=asmpvx7044481675038938&&vis=4
200 OK 4.4 kB URL HTTP/1.1 tycoon.adspirit.net/adscript.php?pid=33&ord=1675038938&wpcn=asmpvx7044481675038938&&vis=4
IP
ASN #12337 noris network AG
File type ASCII text, with very long lines (3677)
Hash 169947f492fb9abb2a742bb49dfe889a
34684283e15021582ab604c8931e4bddcc92eff0
db1ab5bf9253ab69b8f440fb474b55897335558de66ed25d2686bdd9ca7f9899
GET /adscript.php?pid=33&ord=1675038938&wpcn=asmpvx7044481675038938&&vis=4 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:39 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Mon, 30 Jan 2023 00:35:39 GMT
Keep-Alive: timeout=3, max=998
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=17472
expires: Mon, 30 Jan 2023 05:26:51 GMT
date: Mon, 30 Jan 2023 00:35:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=17472
expires: Mon, 30 Jan 2023 05:26:51 GMT
date: Mon, 30 Jan 2023 00:35:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=17472
expires: Mon, 30 Jan 2023 05:26:51 GMT
date: Mon, 30 Jan 2023 00:35:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=17472
expires: Mon, 30 Jan 2023 05:26:51 GMT
date: Mon, 30 Jan 2023 00:35:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
crazyfarm.de/templates/anmeldung/css/img/controls.png
200 OK 2.2 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/controls.png
IP
ASN #61157 PlusServer GmbH
File type PNG image data, 48 x 122, 8-bit colormap, non-interlaced\012- data
Hash a9181776ffa0c37e656712bf4f09fe87
7c4efb8dea21aa421530699cdf60f706a0ff914a
cabf56227cf506b2a38601e5b4cf8b82652d9dc897c087d395d396204803afde
GET /templates/anmeldung/css/img/controls.png HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/png
Content-Length: 2155
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-86b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/templates/anmeldung/css/img/haken.png
200 OK 409 B URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/haken.png
IP
ASN #61157 PlusServer GmbH
File type PNG image data, 14 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash cd63e2a2ceb1e605e4eb112c081331fb
8cf4df1ee9d3fc04e93ea48ed2e8dfc0b259947f
f7170792c02bad5e99462c949d58feea570ee511e437e963d4c7453d43cf25b5
GET /templates/anmeldung/css/img/haken.png HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:39 GMT
Content-Type: image/png
Content-Length: 409
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
ETag: "199-4e9c05ec7fd00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
ssp.adspirit.de/rtb/getusermatch.php?umid=-1&output=1&external_user_id=29f5e1e120cc4bfb9a306459fe3cc409662025c2dcdbf9a2bea333968c437
200 OK 1.1 kB URL HTTP/1.1 ssp.adspirit.de/rtb/getusermatch.php?umid=-1&output=1&external_user_id=29f5e1e120cc4bfb9a306459fe3cc409662025c2dcdbf9a2bea333968c437
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 944044e4fa88647b8b10affe686c7104
91917d207b2dd656c3632f5a059fa5515cd93dd6
b0b1825cf1260549bdea1cc00d2d539cc3d4932450263960877d64436019399e
GET /rtb/getusermatch.php?umid=-1&output=1&external_user_id=29f5e1e120cc4bfb9a306459fe3cc409662025c2dcdbf9a2bea333968c437 HTTP/1.1
Host: ssp.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 00:35:39 GMT
server: Apache
access-control-allow-origin: *
content-length: 1100
content-type: text/html; charset=UTF-8
ads.pubmatic.com/AdServer/js/userSync.js
200 OK 2.3 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/userSync.js
IP
File type ASCII text, with very long lines (6899), with no line terminators
Hash a4c2f0a7daeda6ee5645a39c5421a0b6
a51a4d193e533f27cfeb2b3b02dc90e8b82b0d05
1bcf542a8d631d12c8114f2431cb2aacf33881a0d878e11ac0bcfd440d18a6e5
GET /AdServer/js/userSync.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ssp.adspirit.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Jun 2021 06:08:14 GMT
etag: "1300709-1af3-5c4c7cca9e573"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2267
content-type: text/javascript
cache-control: max-age=19937
expires: Mon, 30 Jan 2023 06:07:56 GMT
date: Mon, 30 Jan 2023 00:35:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.adtiger.de/rtb/usermatch.php?umid=2&dataid=1&userid=29f5e1e120cc4bfb9a306459fe3cc409662025c2dcdbf9a2bea333968c437&redirecturl=http%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fdataid%3D1%26output%3D1%26&call_type=redirect
302 Found 0 B URL HTTP/1.1 ads.adtiger.de/rtb/usermatch.php?umid=2&dataid=1&userid=29f5e1e120cc4bfb9a306459fe3cc409662025c2dcdbf9a2bea333968c437&redirecturl=http%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fdataid%3D1%26output%3D1%26&call_type=redirect
IP
ASN #12337 noris network AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/usermatch.php?umid=2&dataid=1&userid=29f5e1e120cc4bfb9a306459fe3cc409662025c2dcdbf9a2bea333968c437&redirecturl=http%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fdataid%3D1%26output%3D1%26&call_type=redirect HTTP/1.1
Host: ads.adtiger.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 30 Jan 2023 00:35:39 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
Location: http://tycoon.adspirit.net/rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=29f5e1e120cc4bfb9a306459fe3cc409662025c2dcdbf9a2bea333968c437&external_user_id=29f5e1e120cc4bfb9a306459fe3cc409048fe686f3c3d635b52f9940c0d36&ord=1675038939
Keep-Alive: timeout=3, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
tycoon.adspirit.net/rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=29f5e1e120cc4bfb9a306459fe3cc409662025c2dcdbf9a2bea333968c437&external_user_id=29f5e1e120cc4bfb9a306459fe3cc409048fe686f3c3d635b52f9940c0d36&ord=1675038939
200 OK 56 B URL HTTP/1.1 tycoon.adspirit.net/rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=29f5e1e120cc4bfb9a306459fe3cc409662025c2dcdbf9a2bea333968c437&external_user_id=29f5e1e120cc4bfb9a306459fe3cc409048fe686f3c3d635b52f9940c0d36&ord=1675038939
IP
ASN #12337 noris network AG
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 63561412d13debd335c392e63049e792
3e1948d5848326760de01e30cbcb42f84cf78c77
a8c29603cd20494f040a991cb5fb085f6b0a8ecec0d92459c90a2736545e6c5e
GET /rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=29f5e1e120cc4bfb9a306459fe3cc409662025c2dcdbf9a2bea333968c437&external_user_id=29f5e1e120cc4bfb9a306459fe3cc409048fe686f3c3d635b52f9940c0d36&ord=1675038939 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://s9.crazyfarm.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:39 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
Access-Control-Allow-Origin: *
Keep-Alive: timeout=3, max=997
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
ocsp.digicert.com/
200 OK 471 B IP
Hash 5ee05fe823fce57908ccd7fba4dadb17
ef10cdd25c0f26abb95bcc0547296400bab4dbca
4adb07719ce3db8f218d9ae47b426b8d5244146e7a0e79451592cc5cb61de069
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6128
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:39 GMT
Last-Modified: Sun, 29 Jan 2023 22:53:31 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 5ee05fe823fce57908ccd7fba4dadb17
ef10cdd25c0f26abb95bcc0547296400bab4dbca
4adb07719ce3db8f218d9ae47b426b8d5244146e7a0e79451592cc5cb61de069
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6128
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:39 GMT
Last-Modified: Sun, 29 Jan 2023 22:53:31 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 5ee05fe823fce57908ccd7fba4dadb17
ef10cdd25c0f26abb95bcc0547296400bab4dbca
4adb07719ce3db8f218d9ae47b426b8d5244146e7a0e79451592cc5cb61de069
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6094
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:39 GMT
Last-Modified: Sun, 29 Jan 2023 22:54:05 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP
File type ASCII text, with no line terminators
Hash 80a2768536e4d49280078d8fc1332533
f8392c15008b426bee3307e3859fbc49d63d2a21
864bd32e0826b3400019e918a463196797525bc98d7edcfb454b4c6b5d8a7582
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Sat, 29 Apr 2023 17:13:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 30 Jan 2023 00:35:39 GMT
content-length: 60
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash efb4169177a74924e499d444ba151fbf
13543c77c41c997caab4314e39a3c5bdb30cb974
38e57dd50d837b352b9df3c47863369ba093bf57efefa14e5ec19f1ea2dfbae4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91885
Date: Mon, 30 Jan 2023 00:35:39 GMT
Etag: "63d5bfba-1d7"
Expires: Tue, 31 Jan 2023 02:07:04 GMT
Last-Modified: Sun, 29 Jan 2023 00:37:14 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UgtHmYDtVcTxx7PrERv2k-zY2UA_39yDWEmryRn-j9Q91W-FXiP1qw==
Age: 5390
ice.360yield.com/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
302 Found 0 B URL HTTP/2 ice.360yield.com/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ssp.adspirit.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 00:35:39 GMT
content-type: text/plain
content-length: 0
location: https://ice.360yield.com/ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=04ebe75e-3aa3-4a9c-958e-31c0b0fc2a36; Expires=Sun, 30 Apr 2023 00:35:39 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1675038939; Expires=Sun, 30 Apr 2023 00:35:39 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ice.360yield.com/ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
200 OK 43 B URL HTTP/2 ice.360yield.com/ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ssp.adspirit.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:35:39 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 02c5cf1b5566cfdbb355f6c2ef10a478
27e8b9579289637cf0bb7d43691befd002eb44c0
132b407377a0d37e6a5c2f298a42b19a02dee687997eac2e11926810fead1bed
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122858
Date: Mon, 30 Jan 2023 00:35:39 GMT
Etag: "63d64dc5-1d7"
Expires: Tue, 31 Jan 2023 10:43:17 GMT
Last-Modified: Sun, 29 Jan 2023 10:43:17 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hHAzatWsqRGWnr1T7ClVw74TOGB_xHuGg0x9itiWySyEnfDFnXCT3Q==
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
200 OK 953 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Hash 499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=162303
expires: Tue, 31 Jan 2023 21:40:42 GMT
date: Mon, 30 Jan 2023 00:35:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
pad.360polaris.biz/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
302 Found 0 B URL HTTP/2 pad.360polaris.biz/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: pad.360polaris.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 00:35:39 GMT
content-type: text/plain
content-length: 0
location: https://pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=26e0ec6d-15be-4992-993b-195bc7b6d688; Expires=Sun, 30 Apr 2023 00:35:39 GMT; Domain=.360polaris.biz; Path=/; SameSite=None; Secure
tuuid_lu=1675038939; Expires=Sun, 30 Apr 2023 00:35:39 GMT; Domain=.360polaris.biz; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
302 Found 0 B URL HTTP/2 pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: pad.360polaris.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://s9.crazyfarm.de/
Connection: keep-alive
Cookie: tuuid=26e0ec6d-15be-4992-993b-195bc7b6d688; tuuid_lu=1675038939
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 30 Jan 2023 00:35:39 GMT
content-type: text/plain
content-length: 0
location: https://tycoon.adspirit.net/rtb/getusermatch.php?umid=11&output=1&external_user_id=26e0ec6d-15be-4992-993b-195bc7b6d688
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 76ffe92d0a5fe678417021e63ad6dc79
f2cf5be83f838f5b0cd1d22413616a55b419ecce
6dd962968bc61909b0257c53ae91ae6d1a3bd4e0e2613c2af5b837af8159b952
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4615
Cache-Control: max-age=134979
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:40 GMT
Etag: "63d66b18-1d7"
Expires: Tue, 31 Jan 2023 14:05:19 GMT
Last-Modified: Sun, 29 Jan 2023 12:48:24 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash 76ffe92d0a5fe678417021e63ad6dc79
f2cf5be83f838f5b0cd1d22413616a55b419ecce
6dd962968bc61909b0257c53ae91ae6d1a3bd4e0e2613c2af5b837af8159b952
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4615
Cache-Control: max-age=134979
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:40 GMT
Etag: "63d66b18-1d7"
Expires: Tue, 31 Jan 2023 14:05:19 GMT
Last-Modified: Sun, 29 Jan 2023 12:48:24 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash 76ffe92d0a5fe678417021e63ad6dc79
f2cf5be83f838f5b0cd1d22413616a55b419ecce
6dd962968bc61909b0257c53ae91ae6d1a3bd4e0e2613c2af5b837af8159b952
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4615
Cache-Control: max-age=134979
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:40 GMT
Etag: "63d66b18-1d7"
Expires: Tue, 31 Jan 2023 14:05:19 GMT
Last-Modified: Sun, 29 Jan 2023 12:48:24 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash 76ffe92d0a5fe678417021e63ad6dc79
f2cf5be83f838f5b0cd1d22413616a55b419ecce
6dd962968bc61909b0257c53ae91ae6d1a3bd4e0e2613c2af5b837af8159b952
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4615
Cache-Control: max-age=134979
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:40 GMT
Etag: "63d66b18-1d7"
Expires: Tue, 31 Jan 2023 14:05:19 GMT
Last-Modified: Sun, 29 Jan 2023 12:48:24 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ads.adtiger.de/rtb/getusermatch.php?dataid=25&tpuid=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF
200 OK 56 B URL HTTP/2 ads.adtiger.de/rtb/getusermatch.php?dataid=25&tpuid=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF
IP
ASN #12337 noris network AG
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 63561412d13debd335c392e63049e792
3e1948d5848326760de01e30cbcb42f84cf78c77
a8c29603cd20494f040a991cb5fb085f6b0a8ecec0d92459c90a2736545e6c5e
GET /rtb/getusermatch.php?dataid=25&tpuid=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF HTTP/1.1
Host: ads.adtiger.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:35:40 GMT
server: Apache
x-powered-by: PHP/7.3.29
access-control-allow-origin: *
content-type: text/html;charset=UTF-8
content-length: 56
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 1e194416ce21e75d648ff50692fd7349
4da3d9858f1f6dd58bd638c2e89d045854c52a5f
6ac4fb0d889fef1760fbf0c59a50dbc9c81363503b17d8ac7de80cc82270d143
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 13:22:24 GMT
Expires: Fri, 03 Feb 2023 13:22:23 GMT
Etag: "4da3d9858f1f6dd58bd638c2e89d045854c52a5f"
Cache-Control: max-age=391002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791620ff59a2b4f3-OSL
ads.adtiger.de/rtb/getusermatch.php?dataid=25&tpuid=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF
200 OK 56 B URL HTTP/2 ads.adtiger.de/rtb/getusermatch.php?dataid=25&tpuid=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF
IP
ASN #12337 noris network AG
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 63561412d13debd335c392e63049e792
3e1948d5848326760de01e30cbcb42f84cf78c77
a8c29603cd20494f040a991cb5fb085f6b0a8ecec0d92459c90a2736545e6c5e
GET /rtb/getusermatch.php?dataid=25&tpuid=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF HTTP/1.1
Host: ads.adtiger.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:35:40 GMT
server: Apache
x-powered-by: PHP/7.3.31
access-control-allow-origin: *
content-type: text/html;charset=UTF-8
content-length: 56
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
200 OK 448 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP
Hash 01c9e384c4338f71f12a15ea2456763e
ebb8ab4152d211495f5f63c279377b6c651eedd2
5223d74181e8977fa9d4c18b3674c34689410fc0bf8016dc8a1aa342a2fdfacf
GET /AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 00:35:37 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
200 OK 448 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP
Hash 01c9e384c4338f71f12a15ea2456763e
ebb8ab4152d211495f5f63c279377b6c651eedd2
5223d74181e8977fa9d4c18b3674c34689410fc0bf8016dc8a1aa342a2fdfacf
GET /AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 00:35:37 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8546
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 00:35:40 GMT
Connection: keep-alive
tycoon.adspirit.net/rtb/getusermatch.php?umid=11&output=1&external_user_id=26e0ec6d-15be-4992-993b-195bc7b6d688
200 OK 56 B URL HTTP/2 tycoon.adspirit.net/rtb/getusermatch.php?umid=11&output=1&external_user_id=26e0ec6d-15be-4992-993b-195bc7b6d688
IP
ASN #12337 noris network AG
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 63561412d13debd335c392e63049e792
3e1948d5848326760de01e30cbcb42f84cf78c77
a8c29603cd20494f040a991cb5fb085f6b0a8ecec0d92459c90a2736545e6c5e
GET /rtb/getusermatch.php?umid=11&output=1&external_user_id=26e0ec6d-15be-4992-993b-195bc7b6d688 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://s9.crazyfarm.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:35:40 GMT
server: Apache
x-powered-by: PHP/7.3.31
access-control-allow-origin: *
content-type: text/html;charset=UTF-8
content-length: 56
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8546
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 00:35:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8546
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 00:35:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8546
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 00:35:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8fce79ef35b4c943c2b60d5092d17b6f
d29ce982633d0cc50b2a968ea22893d92b9663e3
297e951e4ab09c3465deb222cbe8f66579f9154d4e8806eec3a52350e577fded
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5934
x-amzn-requestid: 75aeb64a-1ba1-4349-84f3-b94aabeccc9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFUMIAMF3nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-56d6fb7b337769986c5c567b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RKiUEsflAz1PfeT8AvkmfNGxTkGO_0Ajo5hgnRIvo0qdiVUA0wD46Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:34:18 GMT
age: 7282
etag: "d29ce982633d0cc50b2a968ea22893d92b9663e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 546f1cb9f94ea553ae884a6f50c6bd3d
fd08d9841bcd8864aaf2e5d93ca61b31246b6db5
5aba48ac6c65e371c6c1aeee43f97670f196d3a3933b9f5812a67be90b7dbdfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5764
x-amzn-requestid: 33ebf979-ba40-451e-bbdb-3ee4a9dc07ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhksyGRVoAMF5UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7eb-55fcbb4d6d88dbf758409801;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X3lzViVGoynSgoeenp6EIU2E3FMSRlKNGOy73pIOAASV11hOk2B4UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:27 GMT
age: 8653
etag: "fd08d9841bcd8864aaf2e5d93ca61b31246b6db5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 9752
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb1a5e0a2bb1cacf87189373c118adf4
079974268f755aa38fb2cb32b8bcb748353c793f
1b0519e6bfca30a31b83d427302f7e22140f5b2da6f13cac37ea9c07abc42676
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11095
x-amzn-requestid: dc7c00e2-cd2d-4265-8763-3dd7dbe223ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkFyEhJIAMFjpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f1-541a17c362e95dfa5e90f58f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: t1IqXPqG23nYmxAPOJFaZhKDD49KD8fREs8L59AGjx-1AzoQOeSO0A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 9752
etag: "079974268f755aa38fb2cb32b8bcb748353c793f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 13763
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f49153c1aade8aa30bc6c84db4fa09d7
5cce4e085c87e7fbe82907694a36a91cc1bc9bfc
3285916959352e77cdbea34515dad3b3a0315b74bca7f45a8e5a2de4661203e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6646
x-amzn-requestid: c8a7d4b9-1a13-41c1-8391-853f03f3150c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRsHiaIAMF4Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d49271-634529cc6844e70829b5750f;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PXMbaFBZrgdsIRduRmCb8ALPII3zv7dTT4Ikn2B_Waxz3wLcp2giKQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:49:27 GMT
age: 74773
etag: "5cce4e085c87e7fbe82907694a36a91cc1bc9bfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159098&s=665465&predirect=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159098&s=665465&predirect=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159098&s=665465&predirect=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ssp.adspirit.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=17471
expires: Mon, 30 Jan 2023 05:26:51 GMT
date: Mon, 30 Jan 2023 00:35:40 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.adspirit.de/banner/adviewability.js
200 OK 1.9 kB URL HTTP/1.1 cdn.adspirit.de/banner/adviewability.js
IP
ASN #60068 Datacamp Limited
Hash a4cec1ecc8880ad56e0a00aa795e5fc9
ecd46ff19ac3b262d8218f5adabe9871e36eb38b
9db4da4f2b367afe0cfe2352133c8321e225793e86c4ca6577829b96165af866
GET /banner/adviewability.js HTTP/1.1
Host: cdn.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:40 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 12 Jul 2022 09:23:18 GMT
ETag: W/"d6e34c4-192d-5e3983805ed80"
X-Accel-Expires: @1675072036
Server: CDN77-Turbo
X-77-NZT: AcO1rgXjuZz/uCECAA
X-77-NZT-Ray: 25b021315a611017dc10d7637f7eca26
X-Cache: HIT
X-Age: 139704
X-77-POP: frankfurtDE
X-77-Cache: HIT
Content-Encoding: gzip
www.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sun, 29 Jan 2023 23:07:48 GMT
Expires: Mon, 30 Jan 2023 01:07:48 GMT
Cache-Control: public, max-age=7200
Age: 5272
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
connect.facebook.net/de_DE/all.js
301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/de_DE/all.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de_DE/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/de_DE/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Mon, 30 Jan 2023 00:35:40 GMT
Connection: keep-alive
Content-Length: 0
tycoon.adspirit.net/adpageview.php?&wsid=4&sid=0&sid2=0&sid3=0&gdpr_consent=&tz=1675038948871
200 OK 43 B URL HTTP/1.1 tycoon.adspirit.net/adpageview.php?&wsid=4&sid=0&sid2=0&sid3=0&gdpr_consent=&tz=1675038948871
IP
ASN #12337 noris network AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /adpageview.php?&wsid=4&sid=0&sid2=0&sid3=0&gdpr_consent=&tz=1675038948871 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:40 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Connection: close
Last-Modified: Mon, 30 Jan 2023 00:35:40 GMT
Content-Length: 43
Content-Type: image/gif
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 53 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (3649)
Hash 562b0ec9c1faed215508c3a63612f73e
fd7a49a4cd86412c2bd198f7090664949e9a1d9d
bf0db7020e7fa7ef9a9fc013d6a309e849707074fc6f37827da9b6c0d720a299
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Mon, 30 Jan 2023 00:35:40 GMT
Expires: Mon, 30 Jan 2023 00:35:40 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 9269656964125619963
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 52704
X-XSS-Protection: 0
tycoon.adspirit.net/adview.php?tz=1675038939678762533tzmacro&&pid=33&kid=217&wmid=1291&gdpr_consent=&nvc=1&tgt=000000128&target1=-
200 OK 43 B URL HTTP/1.1 tycoon.adspirit.net/adview.php?tz=1675038939678762533tzmacro&&pid=33&kid=217&wmid=1291&gdpr_consent=&nvc=1&tgt=000000128&target1=-
IP
ASN #12337 noris network AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /adview.php?tz=1675038939678762533tzmacro&&pid=33&kid=217&wmid=1291&gdpr_consent=&nvc=1&tgt=000000128&target1=- HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:40 GMT
Server: Apache
X-Powered-By: PHP/7.3.31
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Connection: close
Last-Modified: Mon, 30 Jan 2023 00:35:40 GMT
Content-Length: 43
Content-Type: image/gif
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230124/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 29 Jan 2023 09:23:45 GMT
expires: Sun, 12 Feb 2023 09:23:45 GMT
cache-control: public, max-age=1209600
age: 54715
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 471 B IP
Hash ff7a210d8a4acb07fed466dc8d532581
3bc169dd7a39167b2cd50a42088e676ff9fe6028
72d9983a40d614de181f478ba562b12c6f01a8e5a0c333f2bae1257807166eac
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 20:43:31 GMT
Expires: Sat, 04 Feb 2023 20:43:30 GMT
Etag: "3bc169dd7a39167b2cd50a42088e676ff9fe6028"
Cache-Control: max-age=503869,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79162103dc33b4f3-OSL
simage4.pubmatic.com/AdServer/SPug?o=1&p=159098&s=665465&sc=1&pr=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&umc=(PM_UID)&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
200 OK 466 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=159098&s=665465&sc=1&pr=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&umc=(PM_UID)&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP
Hash cd46da324a025fe955e524c079136abb
5fa8cbf0212a4a8007867e23def540df753f3e28
df072aaf1cfa3814bbf501c3ae2c9aa341c064d3b435dd0845f180e5f0f86873
GET /AdServer/SPug?o=1&p=159098&s=665465&sc=1&pr=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&umc=(PM_UID)&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 00:35:40 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=813916813&utmhn=s9.crazyfarm.de&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Crazy%20Farm%20Spiel%20-%20Online%20Bauernhof%20Browsergame%20kostenlos%20spielen!&utmhid=1015948740&utmr=-&utmp=%2F&utmht=1675038950358&utmac=UA-25000444-5&utmcc=__utma%3D168103027.1265526775.1675038950.1675038950.1675038950.1%3B%2B__utmz%3D168103027.1675038950.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1340166590&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
302 Found 370 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=813916813&utmhn=s9.crazyfarm.de&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Crazy%20Farm%20Spiel%20-%20Online%20Bauernhof%20Browsergame%20kostenlos%20spielen!&utmhid=1015948740&utmr=-&utmp=%2F&utmht=1675038950358&utmac=UA-25000444-5&utmcc=__utma%3D168103027.1265526775.1675038950.1675038950.1675038950.1%3B%2B__utmz%3D168103027.1675038950.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1340166590&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c3e2cd9c9b6fcac88ac705061ce4b697
1ae76025a137c4ba1310a8eb34195115b1d1f870
b9872f2d16e0ae54674008e222164faeb141c9191ea722ebef2661ca09d020ef
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=813916813&utmhn=s9.crazyfarm.de&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Crazy%20Farm%20Spiel%20-%20Online%20Bauernhof%20Browsergame%20kostenlos%20spielen!&utmhid=1015948740&utmr=-&utmp=%2F&utmht=1675038950358&utmac=UA-25000444-5&utmcc=__utma%3D168103027.1265526775.1675038950.1675038950.1675038950.1%3B%2B__utmz%3D168103027.1675038950.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1340166590&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25000444-5&cid=1265526775.1675038950&jid=1340166590&_v=5.7.2&z=813916813
Access-Control-Allow-Origin: *
Date: Mon, 30 Jan 2023 00:35:42 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 370
crazyfarm.de/favicon.ico
200 OK 471 B IP
ASN #61157 PlusServer GmbH
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
GET /favicon.ico HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 00:35:40 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1150
Last-Modified: Sun, 27 Oct 2013 22:53:00 GMT
Connection: keep-alive
ETag: "526d994c-47e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
connect.facebook.net/de_DE/all.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/de_DE/all.js
IP
File type ASCII text, with very long lines (1957)
Hash 8bdf11b3481c717417d6c72a84c02d78
7fc0e7a53167320193f3a2ee390128079c6d17c3
f02202e85257ae62f408731b45e3fa45af78badd4ad1d33caae60bb0659b7f78
GET /de_DE/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://s9.crazyfarm.de/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4487b330c9827b1ddd84c1641799a71d
etag: "9acd387012815515f2173858106111d5"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 30 Jan 2023 00:44:58 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: i98Rs0gccXQX1scqhMAteA==
x-fb-debug: peQRSWs8/DyE+4xuVmdzgbcnfiUEyDotXXMhL7gar4fkykn1kEq8tgOUKQ71V8OehU1tP944ePbCY/S/Sm8B1Q==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 00:35:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25000444-5&cid=1265526775.1675038950&jid=1340166590&_v=5.7.2&z=813916813
200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25000444-5&cid=1265526775.1675038950&jid=1340166590&_v=5.7.2&z=813916813
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25000444-5&cid=1265526775.1675038950&jid=1340166590&_v=5.7.2&z=813916813 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://s9.crazyfarm.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 00:35:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2019
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:43 GMT
Last-Modified: Mon, 30 Jan 2023 00:02:04 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
tycoon.adspirit.net/adviewability.php?pid=33&wmid=1291&sid=0&sid2=0&sid3=0&gdpr_consent=&s=2&t=1675038951377
200 OK 43 B URL HTTP/1.1 tycoon.adspirit.net/adviewability.php?pid=33&wmid=1291&sid=0&sid2=0&sid3=0&gdpr_consent=&s=2&t=1675038951377
IP
ASN #12337 noris network AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /adviewability.php?pid=33&wmid=1291&sid=0&sid2=0&sid3=0&gdpr_consent=&s=2&t=1675038951377 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:42 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Connection: close
Last-Modified: Mon, 30 Jan 2023 00:35:43 GMT
Content-Length: 43
Content-Type: image/gif
tycoon.adspirit.net/adviewability.php?pid=33&wmid=1291&sid=0&sid2=0&sid3=0&gdpr_consent=&s=1&t=1675038950342
200 OK 43 B URL HTTP/1.1 tycoon.adspirit.net/adviewability.php?pid=33&wmid=1291&sid=0&sid2=0&sid3=0&gdpr_consent=&s=1&t=1675038950342
IP
ASN #12337 noris network AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /adviewability.php?pid=33&wmid=1291&sid=0&sid2=0&sid3=0&gdpr_consent=&s=1&t=1675038950342 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:35:42 GMT
Server: Apache
X-Powered-By: PHP/7.3.31
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Connection: close
Last-Modified: Mon, 30 Jan 2023 00:35:43 GMT
Content-Length: 43
Content-Type: image/gif
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=s9.crazyfarm.de
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=s9.crazyfarm.de
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=s9.crazyfarm.de HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 30 Jan 2023 00:35:43 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=s9.crazyfarm.de
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=s9.crazyfarm.de
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=s9.crazyfarm.de HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 30 Jan 2023 00:35:43 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6790797b1383d154dd96b9c7d96431d0
c10a4246e678333b636a3e7f8db4ddc4a9ad0efe
41d0d96842fc087c2f14bafc019b489a4ae9b6a05b2d626dcc12304f929978c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6790797b1383d154dd96b9c7d96431d0
c10a4246e678333b636a3e7f8db4ddc4a9ad0efe
41d0d96842fc087c2f14bafc019b489a4ae9b6a05b2d626dcc12304f929978c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
IP
File type ASCII text, with very long lines (1506)
Hash c8e19ab58d75eb01fd735f016f55201f
e3d257ad917d19ae463c29907f36e31e856cad37
52207b7bc66270e84d6bb6c05c6d5a2d2b0d511138073a3d3fe15d7c08119932
GET /pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7523
x-xss-protection: 0
date: Sun, 29 Jan 2023 20:39:56 GMT
expires: Sun, 12 Feb 2023 20:39:56 GMT
cache-control: public, max-age=1209600
age: 14147
etag: 641023367890010850
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP
File type ASCII text, with very long lines (3504)
Hash eaf26b8f5900d361a5d447ea72df4752
26b0a44ca382082dde8648abd0a4d949bdf0c664
1334af0b91c26ce21cb75ab69d0c7e9c8ec1f00c0ce946a3689bb9d6fdcc4d37
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49065
date: Mon, 30 Jan 2023 00:35:43 GMT
expires: Mon, 30 Jan 2023 00:35:43 GMT
cache-control: private, max-age=3000
etag: "1674650782302584"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js
200 OK 8.9 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js
IP
File type ASCII text, with very long lines (1569)
Hash f2def32331d05ead62d41a3b7d8a5aa6
886a89d32487bf14c4b6ca1455541859bfd9ab93
7d8b5162d6dc445509916c04871b423469ac015154fe015fe38f6529be4bbf77
GET /pagead/js/r20230124/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8871
x-xss-protection: 0
date: Sun, 29 Jan 2023 20:40:41 GMT
expires: Sun, 12 Feb 2023 20:40:41 GMT
cache-control: public, max-age=1209600
age: 14102
etag: 9510037503091481574
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
IP
File type C++ source, ASCII text, with very long lines (1688)
Hash 3582c692298538eabf17eebd7434e582
587a6222383df174947008131dcccc13efbd3dba
ac83b4d1ea4abd201377d450290a7cc306499837a4b6ff1cd2b0f8d275baaa82
GET /mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 18:43:21 GMT
expires: Thu, 27 Apr 2023 18:43:21 GMT
cache-control: public, max-age=7776000
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
content-type: text/javascript
age: 193942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:26:49 GMT
expires: Sun, 28 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 137334
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 473197
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 9224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3cdf7a37df5fd660125c11f6c7f44064
929c5ec370ad00ff0508f86174d450407ac680bd
22ffbbc922da324c956478cfd8cb5bcc269831ac5c85e22ef6ecdd69e3512a7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/de_DE/all.js?hash=65da3f6507d02a8829ced6a9ab173319
200 OK 87 kB URL HTTP/2 connect.facebook.net/de_DE/all.js?hash=65da3f6507d02a8829ced6a9ab173319
IP
File type ASCII text, with very long lines (18734)
Hash 241cb6d26b31112e0d680d4d23247fb4
a3888702e158125e7e9bd9c5a65ed2c8e1c7fbfc
763f846449ff6f70073fab3755558ac4acfeaaa9820823356a1ac0b6e6f612eb
GET /de_DE/all.js?hash=65da3f6507d02a8829ced6a9ab173319 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://s9.crazyfarm.de
Connection: keep-alive
Referer: http://s9.crazyfarm.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 8d1e37a815d378faa0778108376da9e2
etag: "640b544bb4597e5d47ddbc3989094a4b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 29 Jan 2024 23:10:14 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: JBy20msxES4NaA1NIyR/tA==
x-fb-debug: pu//lOg5+6F2+tPgYJiceZkRNMo3L1BuR7xvKYRtKX7HsabUJNJ0iwlBhqHePAaEX7uqXR7+rc2WGowXuUv9CQ==
priority: u=3,i
content-length: 86839
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 00:35:44 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3cdf7a37df5fd660125c11f6c7f44064
929c5ec370ad00ff0508f86174d450407ac680bd
22ffbbc922da324c956478cfd8cb5bcc269831ac5c85e22ef6ecdd69e3512a7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:35:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/x/oauth/status?client_id=355001011300974&input_token&origin=1&redirect_uri=http%3A%2F%2Fs9.crazyfarm.de%2F&sdk=joey&wants_cookie_data=false
200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=355001011300974&input_token&origin=1&redirect_uri=http%3A%2F%2Fs9.crazyfarm.de%2F&sdk=joey&wants_cookie_data=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=355001011300974&input_token&origin=1&redirect_uri=http%3A%2F%2Fs9.crazyfarm.de%2F&sdk=joey&wants_cookie_data=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://s9.crazyfarm.de/
Origin: http://s9.crazyfarm.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: http://s9.crazyfarm.de
fb-s: unknown
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
x-fb-debug: vwXlPY2soWPQFLyvGd3hwUZTqPxLiXLcrOsUsMxAYwsWQW8J3iFPFDTP4SoSXcWaIRUcYtNa4cIkGMsbSHfIHg==
content-length: 0
date: Mon, 30 Jan 2023 00:35:44 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP
GET /AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 00:35:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP
GET /AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=677E775D-A5F6-4DF4-9B1A-06D1D5ABCDCF&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 00:35:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
62.138.218.36
157.240.205.11
31.13.72.36
104.18.32.68
142.250.74.163
176.34.76.249
93.184.220.29
23.36.76.226