no.answersexpress.com/specular-spectacular-88781
104.21.3.123301 Moved Permanently 0 B URL HTTP/1.1 no.answersexpress.com/specular-spectacular-88781
IP 104.21.3.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /specular-spectacular-88781 HTTP/1.1
Host: no.answersexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Sep 2022 18:49:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 07 Sep 2022 19:49:09 GMT
Location: https://no.answersexpress.com/specular-spectacular-88781
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQXoiyD%2Br4yprX7cYOrADXwHgGv6qyWwaX7Do7GYgN%2BCd4PEOdP4PDmn%2B6TAFrNz%2FLs24jjFBkBZkKKf%2FAn%2F7TlESedyCo6XkqkD9xIBUKO%2FQQPPdK3fI9%2B35M%2FNRcmcZjMBejpyxZc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 74719f685e110b06-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 18:04:44 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PQKA5unh79Ao5r8q7J_Y3MN_Yidy5K8x3P9hpMbqiE_3mNCNz62kkQ==
Age: 2665
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3010
Expires: Wed, 07 Sep 2022 19:39:19 GMT
Date: Wed, 07 Sep 2022 18:49:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:03:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dzUD01iDBsAQR_oe86z0X6W19Wrz7JiVWJOcQxDPSzOYbBb7LmUaoA==
age: 54155
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:49:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5b3177d03e4fd86676fdfa858f458be7
ce70b37145abb8ec5b264ae45155eb44f5412082
1d3f90b00800eec63ac8b1e1494bbb4d5ebb63447a286956d6845416acb369bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D3F90B00800EEC63AC8B1E1494BBB4D5EBB63447A286956D6845416ACB369BD"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11443
Expires: Wed, 07 Sep 2022 21:59:52 GMT
Date: Wed, 07 Sep 2022 18:49:09 GMT
Connection: keep-alive
cst.wpu.sh/static/adManager.js
188.166.100.156301 Moved Permanently 169 B URL HTTP/2 cst.wpu.sh/static/adManager.js
IP 188.166.100.156:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae
GET /static/adManager.js HTTP/1.1
Host: cst.wpu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx/1.18.0
date: Wed, 07 Sep 2022 18:49:09 GMT
content-type: text/html
content-length: 169
location: https://cst.cstwpush.com/static/adManager.js
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f791e6440ce515569bb0194eda4d603b
8d8fa952205d85133136ac352d2732bc4c838c42
c32a6a6c9669d371e94d43f6e765a8e438096c6eb8b69d719ad365255d669417
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.zx-adnet.com/adx/optr21_19091901.js
151.101.1.195200 OK 20 kB URL HTTP/2 cdn.zx-adnet.com/adx/optr21_19091901.js
IP 151.101.1.195:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64489), with CRLF line terminators
Hash b37347ad00f57eb2d934c4d43346f783
225af7142062d3d37ed529328c9fae858854f603
440b08b2dbf4d45046fdcc060e5e5e2891d78f2669c5707bd3d522355f724d66
GET /adx/optr21_19091901.js HTTP/1.1
Host: cdn.zx-adnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600,public
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "8d667337f4b47f19e2bec17c6b3da3ea299231ef64ae69dbf0b8eacded0e31a3-br"
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
strict-transport-security: max-age=31556926
x-robots-tag: noindex, nofollow, noarchive
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:49:09 GMT
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662576550.806827,VS0,VE85
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length: 20001
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/T6LjQP97zaE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/T6LjQP97zaE
IP 142.250.74.3:0
Hash 9c2579025cfc123ee543285827465132
8f3d4e440cc635f1361322bca5549a36db6f06ce
db3d499ad02b4fef9250464527358053516ad46f813d32c628731b885bf53a9f
POST /s/gts1d4/T6LjQP97zaE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.85.229200 OK 83 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (681)
Hash 5e95fd71c0607321599b2ed694f30adc
15e75c6e8fd13c12afb93e659206ec28893f7d17
eb5c363392c61c58e2ab8088a17da732d4c552a8a063e8276082192d5aa81a77
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.242.0
x-jsd-version-type: version
etag: W/"3364d-8zUodyTu6b7iC+HzYMc9hdc5tyQ"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:49:09 GMT
age: 34715
x-served-by: cache-fra19144-FRA, cache-bma1623-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 83361
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 51847b4b14059be4def552c85837e12f
ea001a97def52dd72ee29b3bb6d27dacc3a9a56e
c0e821a9c144d584d874629108ca605420d62f2f64769db73eeec7eadd1d0f46
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:49:10 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8024784C24C14195FB929C6D4BEEA5460C488FCA"
Expires: Thu, 08 Sep 2022 05:00:00 GMT
Last-Modified: Wed, 07 Sep 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1925
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74719f6d8fa80b55-OSL
www.youtube.com/s/player/f96f6702/www-player.css
142.250.74.142200 OK 49 kB URL HTTP/2 www.youtube.com/s/player/f96f6702/www-player.css
IP 142.250.74.142:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 666388d9ac2c812d3d9b0e511b1cfea0
4dfa524e6558a4aaf676578dd3275f544cb36625
a1532094c979ab2823b5baf7e5843d731e1c64765a8b8495f89bb56b7f7df117
GET /s/player/f96f6702/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/RrRQpEmVcVw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49081
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 02:34:22 GMT
expires: Thu, 07 Sep 2023 02:34:22 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
content-type: text/css
age: 58488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eefbc3e92429d8e2beb6d1d913cd7442
ed50f0d6bf3aaa67945627d401d70f357940c786
693b3bff56a8f267f7831903e497dcfde37b16b188824fa63fd310698ab13388
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/f96f6702/www-embed-player.vflset/www-embed-player.js
142.250.74.142200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/f96f6702/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (592)
Hash b53c09c40c493fdce3c7226bfbdea0c8
f47351c375bc4a585d6f7d4a9c95dea1321fffe3
a2968e101eb040349ba6a7f897fbad9f20f4a04cb35c3e1b575090edae6edf3d
GET /s/player/f96f6702/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/RrRQpEmVcVw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97690
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 02:40:49 GMT
expires: Thu, 07 Sep 2023 02:40:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
content-type: text/javascript
age: 58101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/f96f6702/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.142200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/f96f6702/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.142:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/f96f6702/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/RrRQpEmVcVw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 02:40:49 GMT
expires: Thu, 07 Sep 2023 02:40:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
content-type: text/javascript
age: 58101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/f96f6702/player_ias.vflset/en_US/base.js
142.250.74.142200 OK 587 kB URL HTTP/2 www.youtube.com/s/player/f96f6702/player_ias.vflset/en_US/base.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (596)
Size 587 kB (587364 bytes)
Hash ef214da071f4f29abd5c5093b622e8d4
8a812c88900794fcec5bdfb8e28b908df5e0f7dd
b47eea7c8155bc41a43f9b81052b4ef695c8334ff19ad3e63482b992570de388
GET /s/player/f96f6702/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/RrRQpEmVcVw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 587364
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 02:34:22 GMT
expires: Thu, 07 Sep 2023 02:34:22 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
content-type: text/javascript
age: 58488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/RrRQpEmVcVw
142.250.74.142200 OK 27 kB URL HTTP/2 www.youtube.com/embed/RrRQpEmVcVw
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (59016)
Hash 42fc6d88e7831191367effc2c453d585
8a2740eb564e16420a090defda3c86adf3710735
b27f3b8d59ddb967dff17c09e0e61b6134b2850b80a0156cbcb00b30a5c568fe
GET /embed/RrRQpEmVcVw HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Sep 2022 18:49:09 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=eTddFbmdU_0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=kAkuGqIN-rc; Domain=.youtube.com; Expires=Mon, 06-Mar-2023 18:49:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+797; expires=Fri, 06-Sep-2024 18:49:09 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 12:31:58 GMT
expires: Sun, 03 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 368232
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
site2text-2021.web.app/tic?startqa=1&r=0.6150316289044906
199.36.158.100200 OK 0 B URL HTTP/2 site2text-2021.web.app/tic?startqa=1&r=0.6150316289044906
IP 199.36.158.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tic?startqa=1&r=0.6150316289044906 HTTP/1.1
Host: site2text-2021.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: private
content-type: text/html
function-execution-id: faqjrzonb2tp
server: Google Frontend
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-cloud-trace-context: 1392c9d223b37c8ee16ffffc30a31422
x-country-code: NO
x-orig-accept-language: en-US,en;q=0.5
x-robots-tag: noindex
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:49:10 GMT
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662576550.025152,VS0,VE188
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c5e24d716f196f3d827e0f84a0d53
a712adcad30297b720affdc1537ffd26b26b6f26
886e56df9f75414a37db25f6163537b7f0be55dcf1134bf8887fcedf19038847
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "886E56DF9F75414A37DB25F6163537B7F0BE55DCF1134BF8887FCEDF19038847"
Last-Modified: Wed, 07 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2913
Expires: Wed, 07 Sep 2022 19:37:43 GMT
Date: Wed, 07 Sep 2022 18:49:10 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4int/7ZBQLSBvJ5A
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4int/7ZBQLSBvJ5A
IP 142.250.74.3:0
Hash 068ef5c0ebd8463170d0a0026318d5ab
849871b207d6ddcf39a321a9f40ba5d472ad4315
2ee6fa3d2ca0fd1deb64665fa35770b43a4cb47f95ed8c25d4f5d7fec5fcd6f0
POST /s/gts1d4int/7ZBQLSBvJ5A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 18:38:18 GMT
Expires: Wed, 07 Sep 2022 19:07:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ucm5Hdxfo3G_DfIU5vv_uNQG0WD2dgYaTPh3vAWQsANsFkAryQeBpg==
Age: 652
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash cda2818f121646cc9fe27e751160aa27
0d755088dae10b6416fefdb8317a35250d540616
0c5ec24ee8300e7d37f55eec60309314e061dc7fc48012b2c8aa82490c01bff8
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:49:10 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 11 Sep 2022 15:10:43 GMT
ETag: "0d755088dae10b6416fefdb8317a35250d540616"
Last-Modified: Wed, 07 Sep 2022 15:10:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3185
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74719f700b320b55-OSL
ocsp.pki.goog/s/gts1d4/CQTuB44W4b0
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/CQTuB44W4b0
IP 142.250.74.3:0
Hash 30a13f75ce92e2796b917ce69a666d47
06ee6ca4e8bc566de46da2d17b732086ec6a2752
867d7c8812843cf9ec15b6b97e1796ff2ca173f08ea3c5a8136dfa2c6371aab6
POST /s/gts1d4/CQTuB44W4b0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 206f5f93b4af3e50cf9becec0f5b04e5
97651ae885002fd04084720ca11c531425eb887d
7b6d536648f0cefcdd828d5bd7ccd68402854a8ca6b9a66530015d002b6dd9d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B6D536648F0CEFCDD828D5BD7CCD68402854A8CA6B9A66530015D002B6DD9D5"
Last-Modified: Mon, 05 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7507
Expires: Wed, 07 Sep 2022 20:54:17 GMT
Date: Wed, 07 Sep 2022 18:49:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5570
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Last-Modified: Wed, 07 Sep 2022 17:16:20 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
get.optad360.io/sf/prebid5.14.0.js
143.204.55.65200 OK 471 kB URL HTTP/2 get.optad360.io/sf/prebid5.14.0.js
IP 143.204.55.65:0
File type ASCII text, with very long lines (47069)
Size 471 kB (471445 bytes)
Hash 6dd0a13bde35d2daa452bba998871016
67c1a126236fe4d9fefd628dc4040a2991417f2a
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
GET /sf/prebid5.14.0.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 471445
date: Thu, 28 Jul 2022 03:43:18 GMT
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
etag: "6dd0a13bde35d2daa452bba998871016"
cache-control: public, max-age=360000000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OLAQ20PwPCfGljnuqmPnBUKrZ2xI2zYKSTaV5YPFR9qwa1cK4cKcJQ==
age: 3596753
X-Firefox-Spdy: h2
mc.yandex.ru/watch/52112104?wmode=7&page-url=https%3A%2F%2Fno.answersexpress.com%2Fspecular-spectacular-88781&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afp%3A750%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1560782042236%3Ahid%3A892336020%3Az%3A0%3Ai%3A20220907184903%3Aet%3A1662576543%3Ac%3A1%3Arn%3A1029993874%3Arqn%3A1%3Au%3A1662576543917028576%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576542267%3Ads%3A1%2C15%2C64%2C1%2C307%2C0%2C%2C334%2C25%2C%2C%2C%2C772%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576543%3At%3ASpektakul%C3%A6r%20spektakul%C3%A6r%20-%20Nyheter%202022&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/52112104?wmode=7&page-url=https%3A%2F%2Fno.answersexpress.com%2Fspecular-spectacular-88781&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afp%3A750%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1560782042236%3Ahid%3A892336020%3Az%3A0%3Ai%3A20220907184903%3Aet%3A1662576543%3Ac%3A1%3Arn%3A1029993874%3Arqn%3A1%3Au%3A1662576543917028576%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576542267%3Ads%3A1%2C15%2C64%2C1%2C307%2C0%2C%2C334%2C25%2C%2C%2C%2C772%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576543%3At%3ASpektakul%C3%A6r%20spektakul%C3%A6r%20-%20Nyheter%202022&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash f656be5cb531974581a7c6c469ad8a90
89564a14ce8ba38abe20e4ef7b018672f881be2d
949b1bcbe838d011665ca8561e3a20063308f356ba901ab4bad9b339df72cd5b
GET /watch/52112104?wmode=7&page-url=https%3A%2F%2Fno.answersexpress.com%2Fspecular-spectacular-88781&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afp%3A750%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1560782042236%3Ahid%3A892336020%3Az%3A0%3Ai%3A20220907184903%3Aet%3A1662576543%3Ac%3A1%3Arn%3A1029993874%3Arqn%3A1%3Au%3A1662576543917028576%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576542267%3Ads%3A1%2C15%2C64%2C1%2C307%2C0%2C%2C334%2C25%2C%2C%2C%2C772%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576543%3At%3ASpektakul%C3%A6r%20spektakul%C3%A6r%20-%20Nyheter%202022&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/52112104/1?wmode=7&page-url=https%3A%2F%2Fno.answersexpress.com%2Fspecular-spectacular-88781&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbet5rlk%3Afp%3A750%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1560782042236%3Ahid%3A892336020%3Az%3A0%3Ai%3A20220907184903%3Aet%3A1662576543%3Ac%3A1%3Arn%3A1029993874%3Arqn%3A1%3Au%3A1662576543917028576%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576542267%3Ads%3A1%2C15%2C64%2C1%2C307%2C0%2C%2C334%2C25%2C%2C%2C%2C772%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576543%3At%3ASpektakul%C3%A6r%20spektakul%C3%A6r%20-%20Nyheter%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 07 Sep 2022 18:49:10 GMT
access-control-allow-origin: https://no.answersexpress.com
set-cookie: yandexuid=9184012341662576550; Expires=Thu, 07-Sep-2023 18:49:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9184012341662576550; Expires=Thu, 07-Sep-2023 18:49:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2287306321662576550; Path=/; SameSite=None; Secure
i=7o1LbqsivkBSdXkxcI3SscfjXl62lrsElwA2JXO7H5qS7anSoBw/B4OnYp1MsxN9z89D+ULiSc7LODDTPw4kJ9aQ/y8=; Expires=Sat, 04-Sep-2032 18:49:01 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694112550.yrts.1662576550#1694112550.yrtsi.1662576550; Expires=Thu, 07-Sep-2023 18:49:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Sep-2022 18:49:10 GMT
last-modified: Wed, 07-Sep-2022 18:49:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
quickly-answers.com/en/Q%26A/page=1f425df5e0bcf5ce02cdae2512130b74
199.36.158.100200 OK 20 kB URL HTTP/2 quickly-answers.com/en/Q%26A/page=1f425df5e0bcf5ce02cdae2512130b74
IP 199.36.158.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (62123), with no line terminators
Hash ad4df26c025490282fe0b56a7e497ea0
b79b8bd842ec3850fd8bb01be78097211e261d46
4cd31f91cf5c6bc3bb645f79276ade1cb5af817381546faab25e7771f8c09ef0
GET /en/Q%26A/page=1f425df5e0bcf5ce02cdae2512130b74 HTTP/1.1
Host: quickly-answers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: public,max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: W/"f2b1-t3c/DMLnU2kUIqu5de7KuAbXTfk"
function-execution-id: atvs1yhputcj
last-modified: Thu, 20 Jan 2022 14:41:47 GMT
server: Google Frontend
strict-transport-security: max-age=31556926
x-cloud-trace-context: b4533b793334c9934f6fd2fd9a6700f8
x-country-code: LT
x-orig-accept-language: en-US,en;q=0.9,lt;q=0.8
x-robots-tag: index,folow
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:49:10 GMT
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662576551.674236,VS0,VE4
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-length: 20033
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/HyS5bheT_nM
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/HyS5bheT_nM
IP 142.250.74.3:0
Hash 429522faea13530e97de3bbd4c4ed544
d5986a63bfbcffb52efea5c92a60543ad044c2d0
615e793125714d152b544124edb199f933540130e1fc4a89c868ae8562a390f9
POST /s/gts1d4/HyS5bheT_nM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 099fb190eab547a500a729555439f215
1273cf8944e19d6aceed1b1618c503b67350bdbe
52a97c463bb447f8528d16ff36633f98686f7cfeaa081c3efd03aaca399e7f2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.wpadmngr.com/static/adManager.m.js
45.133.44.24200 OK 32 kB URL HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash 012f0ca6d3ab70bb55fb5e00d9107073
1923f472dae9101a3e4e316a9a6cd524a208eda3
cb05fbb45788934e3c7dc937b8574167ac4b4c8b5d0defa637f1377abac98c42
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:10 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 06 Sep 2022 11:04:40 GMT
etag: W/"63172948-15a9b"
content-encoding: gzip
expires: Wed, 07 Sep 2022 18:54:10 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.66200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (44969)
Hash cb1193d95b7f2dfd81b0aa87f53b1b0d
8f72f07142c0b5b7e291c1a13ec1a89c3b05ec5e
f7f448cb9ed905201e27660ba7e5f33fd6b251a26e9fdca1aae871dd4a617b3b
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 28533
date: Wed, 07 Sep 2022 18:49:10 GMT
expires: Wed, 07 Sep 2022 18:49:10 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1327 / 818 of 1000 / last-modified: 1662548676"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
counter.yadro.ru/hit?r;s1280*1024*24;uhttps%3A//no.answersexpress.com/specular-spectacular-88781;0.05416779118756754
88.212.201.204200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit?r;s1280*1024*24;uhttps%3A//no.answersexpress.com/specular-spectacular-88781;0.05416779118756754
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit?r;s1280*1024*24;uhttps%3A//no.answersexpress.com/specular-spectacular-88781;0.05416779118756754 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Sep 2022 18:49:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 06 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 07 Sep 2022 18:54:10 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d8692069c44864ed9e9aeb52ac7e8dd
572794e1f6dc7d6111bb993d05a18571998ff568
517f404a99108de88a505c4154eebdf84ab8bdb03200dd0ba258b365a7aee33b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "517F404A99108DE88A505C4154EEBDF84AB8BDB03200DD0BA258B365A7AEE33B"
Last-Modified: Wed, 07 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7040
Expires: Wed, 07 Sep 2022 20:46:30 GMT
Date: Wed, 07 Sep 2022 18:49:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a17946fe3c2f2d726292605709e00d6b
e760304880a43478de1a8e30dc398498547d87a3
58074a713dd2563368b44e390e6b590d9c8afde60f24c1c242597f3f47d41a48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4738
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Last-Modified: Wed, 07 Sep 2022 17:30:12 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c35a376c0e9620e600bbab87a4b93b86
d25ae8da4874fbe7d074f9e00a63ba4c0c637ef0
e214919ef42b09adfc38db575c0b2682ce0ed83b63763863884f1c369fadf14a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a17946fe3c2f2d726292605709e00d6b
e760304880a43478de1a8e30dc398498547d87a3
58074a713dd2563368b44e390e6b590d9c8afde60f24c1c242597f3f47d41a48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4738
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Last-Modified: Wed, 07 Sep 2022 17:30:12 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
htlb.casalemedia.com/cygnus?s=420039&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213dda2ffaded40b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fno.answersexpress.com%2Fspecular-spectacular-88781%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.14.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221418ed53c6ea0ec%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22750x100%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22optad360.com%22%2C%22sid%22%3A%224863746%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
104.18.19.126200 OK 37 B URL HTTP/2 htlb.casalemedia.com/cygnus?s=420039&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213dda2ffaded40b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fno.answersexpress.com%2Fspecular-spectacular-88781%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.14.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221418ed53c6ea0ec%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22750x100%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22optad360.com%22%2C%22sid%22%3A%224863746%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
IP 104.18.19.126:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6252c4c149058d27291f504de1c4dcbd
d29d0d08104f0a478f6ab5adfdb22b90b9de82fd
b2b51b093399dfb27bf0a6e89c5c8db8bb7dfedbadd41f0caded569fa305dbf9
GET /cygnus?s=420039&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213dda2ffaded40b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fno.answersexpress.com%2Fspecular-spectacular-88781%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.14.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221418ed53c6ea0ec%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22750x100%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22optad360.com%22%2C%22sid%22%3A%224863746%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D HTTP/1.1
Host: htlb.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:10 GMT
content-type: application/json
content-length: 37
cf-ray: 74719f72cc2fb500-OSL
access-control-allow-origin: https://no.answersexpress.com
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0V3n7jK272RAVL7PXnmNkj0Fo7kkDJFfJpCii1OxvmGqQJeCqAd1uFaQTgZvtHbLbZEhNWO9U8jbWlQuOckS8Jl1PVsbPP5JmlcEBxESofZf1j1JK1lDAc6yN30TxG%2BsGq%2FpziN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
na.nawpush.com/tags/1349?version_name=b
45.133.44.24200 OK 659 B URL HTTP/2 na.nawpush.com/tags/1349?version_name=b
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (659), with no line terminators
Hash 6908299e6f6463a4daf8b98f24588ff0
377c460a86aa2809426e04a8a1df5b432ee1dbbe
ae3bba83b1182ab504a90f8037f6fd673b3fcb7e74581941ad5f190bedeffe71
GET /tags/1349?version_name=b HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:10 GMT
content-type: application/json
content-length: 659
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5f1721bc1215ea65f153e07f3fdef944
ea7470604b99c3e33c1631bea59472a2d89cc66b
01a159a95b01acbd7d211819d797caa6bddb0b3e255ad29d7befaefa178a4dc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5657
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Last-Modified: Wed, 07 Sep 2022 17:14:53 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
storage.googleapis.com/s2t-images/mr.js?0.8535231323761785
216.58.207.208200 OK 4.4 kB URL HTTP/2 storage.googleapis.com/s2t-images/mr.js?0.8535231323761785
IP 216.58.207.208:0
File type ASCII text, with very long lines (23729), with no line terminators
Hash 115f5664d494ea5e45aad8061e45949d
660440b1341ac6e480605287845a1361e094feb3
232aaf8b341c5f586744bfe91192bd2961699ca0fe31c48e08b535c394391d32
GET /s2t-images/mr.js?0.8535231323761785 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtydv8-dfgwemTHy7tXbQ3lfpWd340u_o6ijw9bnAirgkH4JYD4zDQSflDnJOTwMNIRhzT27Jq9785xpLsvhW14T44C-mIU
date: Wed, 07 Sep 2022 18:49:10 GMT
cache-control: public, max-age=31536000
expires: Thu, 07 Sep 2023 18:49:10 GMT
last-modified: Tue, 24 May 2022 13:22:38 GMT
etag: "115f5664d494ea5e45aad8061e45949d"
x-goog-generation: 1653398558715037
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 4449
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4449
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5f1721bc1215ea65f153e07f3fdef944
ea7470604b99c3e33c1631bea59472a2d89cc66b
01a159a95b01acbd7d211819d797caa6bddb0b3e255ad29d7befaefa178a4dc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 938
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Last-Modified: Wed, 07 Sep 2022 18:33:32 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 529
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:49:10 GMT
access-control-allow-origin: https://no.answersexpress.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 561
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:49:10 GMT
access-control-allow-origin: https://no.answersexpress.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5f1721bc1215ea65f153e07f3fdef944
ea7470604b99c3e33c1631bea59472a2d89cc66b
01a159a95b01acbd7d211819d797caa6bddb0b3e255ad29d7befaefa178a4dc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5657
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Last-Modified: Wed, 07 Sep 2022 17:14:53 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 35 kB URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash 6eba321655ceb4c0609176488c75e5a0
e8ba9ae61ba0f0dfe32e3b19b7d72783bcdfdd38
0100dbdf10bd984ec867477325effcb26d58ac7d8c8733f9ae336d100da6a561
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 562
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:49:10 GMT
access-control-allow-origin: https://no.answersexpress.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5f1721bc1215ea65f153e07f3fdef944
ea7470604b99c3e33c1631bea59472a2d89cc66b
01a159a95b01acbd7d211819d797caa6bddb0b3e255ad29d7befaefa178a4dc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5809
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Last-Modified: Wed, 07 Sep 2022 17:12:21 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/ut/v3/prebid
185.89.210.180200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.180:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 10dee419bf249eae9a850ff08e4d1ca7
777fb88a165281900d6da5f3e4ae141afe73bbad
9dc4af02817a529e9229ef682fadc92914e61643cac54b4a06a5f96d51154ec1
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 662
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:10 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://no.answersexpress.com
AN-X-Request-Uuid: 8ef63ec6-beb2-4e0a-98d6-59df417091b5
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
185.89.210.180200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.180:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 160e8df736550bb9f8020d27535a9e90
0eac9d47a3a4b127c657aac87b4e9234d19d2a61
1bf7b1e7bfa61cd5622607b74c700983f7e1fcc5680c0544da8c0617a9da87c7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 714
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:10 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://no.answersexpress.com
AN-X-Request-Uuid: 33bf8b5b-5080-4136-9b0c-2893bce0b1e3
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 099fb190eab547a500a729555439f215
1273cf8944e19d6aceed1b1618c503b67350bdbe
52a97c463bb447f8528d16ff36633f98686f7cfeaa081c3efd03aaca399e7f2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adx.adform.net/adx/openrtb
37.157.5.142204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.5.142:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 554
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:49:10 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://no.answersexpress.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e27313c78bb1b4915b56819ea1681c89
aeea006638532562eb6d03ce71f1928f16a79e14
54f506e01b24da86d55bed7a799101e97f051c3ae9f40adb8627b28f611d4570
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 18:44:23 GMT
expires: Wed, 07 Sep 2022 18:59:23 GMT
cache-control: public, max-age=900
age: 288
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.5.142204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.5.142:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 589
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:49:11 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://no.answersexpress.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.180200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.180:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ef624ec15e86a1551d068aa7b535ed69
920568fda6f4b8bf3edc71341f307aca850b6f61
9615bc8be5a82f4b7a887d8e366f5a637afa339dbc5a2e563aa8ec028bf1df6a
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 714
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://no.answersexpress.com
AN-X-Request-Uuid: 5205f090-e2e4-41be-b726-3fe2e91dc05b
Set-Cookie: icu=ChgI2cldEAoYASABKAEwp8_jmAY4AUABSAEQp8_jmAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:49:11 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=4667766881500425529; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:49:11 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
adx.adform.net/adx/openrtb
37.157.5.142204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.5.142:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 589
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:49:11 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://no.answersexpress.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
172.217.21.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 07 Sep 2022 18:49:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09cd4a35767fb409963659229eaf672f
f5593747662cd2c08b83f186af133957bfd47911
27388cbcc6ac59310c6d64622658f85dbe5e67643e77d77ba1c60a9763106023
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 521428b0e694b41561bc2ed785219929
45bf3b914325f9d646879bd16bb01feb8f29f2d4
9e2c58593cb9b9baae14e338253ca44b199d965e106ddc70c700f66f0203465a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 521428b0e694b41561bc2ed785219929
45bf3b914325f9d646879bd16bb01feb8f29f2d4
9e2c58593cb9b9baae14e338253ca44b199d965e106ddc70c700f66f0203465a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 07 Sep 2022 18:49:11 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 21d1b5be072df45253749eeb3290be82
4ac9978797c085289b9fcc2fe9a57b619e1c78c9
9ea779e1ad86a4a7c403b574908e2dc60d079b366ab1cf439b34c73c9a9c64c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35963)
Hash 0a10e1669fa5f54a96c02562d935783f
fb9c033841ed0848caeede748301a5c91de6c800
25215608c929fe6c434b08bdb327df9b9ca11355840c6408602b8612073f99f5
GET /js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14185
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 05:03:42 GMT
expires: Thu, 07 Sep 2023 05:03:42 GMT
cache-control: public, max-age=31536000
age: 49529
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 39d5d9896a30e0279e1afe9bcd2929f0
aced612124f6e8f435c98a5495854caabaa30c3e
c44807326df4200b09d7d5f2b486a908d68b5a246adbb576b4bd97c0546aea98
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 07 Sep 2022 18:49:11 GMT
server: ESF
cache-control: private
content-length: 30706
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db433121f8c8215d44bcd26aff290172
f96b386796e3589437cd57fac6782842c17ce746
455323a3f807014a498118929131b6aad4ec5283f95be23108b2afd329576098
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3639ba0efe4098829800b697fa38405d
96391802923ca3b07fdc294b6140c2749fd43a60
c99cafe0cef0d9d8c1212c49b7e4155efc6ee4cc9650bd6e256875599be1d8d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/RrRQpEmVcVw/maxresdefault.jpg
216.58.207.214200 OK 137 kB URL HTTP/2 i.ytimg.com/vi/RrRQpEmVcVw/maxresdefault.jpg
IP 216.58.207.214:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 137 kB (137441 bytes)
Hash 5d3f287a33e576f8a3222054ee92a819
549ea85acd50f8388db2f2de241c47af6b157e25
2f51ce5ea066776dd21c88103a17ab21d308658554ff0b0b25b04a3829b2f4bf
GET /vi/RrRQpEmVcVw/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 137441
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 17:58:38 GMT
expires: Wed, 07 Sep 2022 19:58:38 GMT
cache-control: public, max-age=7200
age: 3033
etag: "1526469855"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3639ba0efe4098829800b697fa38405d
96391802923ca3b07fdc294b6140c2749fd43a60
c99cafe0cef0d9d8c1212c49b7e4155efc6ee4cc9650bd6e256875599be1d8d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f826e6c7ed5681ea2e4fb221deee4c65
85450db9a100d7b512f454c49237d8071e6f5a05
d96e95c4e9ec09f5e53aef9d6be1e36858601c5b999587f1d104e588bbc49e8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu9xj1FVwInflH9lyUa-UBB2UU4mwSwu_Dpttdi4Ig=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.4 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9xj1FVwInflH9lyUa-UBB2UU4mwSwu_Dpttdi4Ig=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 2d8f47110f4c04579140ecbfb3d9f591
d2123a232579304f46901e7f6fdd97d62a4905c4
e5b5c06293dbf02a7ab4c7553ee6bb8c0db7a22d9fa4af3f8857e56f93a0d6f2
GET /ytc/AMLnZu9xj1FVwInflH9lyUa-UBB2UU4mwSwu_Dpttdi4Ig=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2398
x-xss-protection: 0
date: Wed, 07 Sep 2022 18:26:30 GMT
expires: Fri, 29 Jul 2022 09:55:48 GMT
cache-control: public, max-age=86400, no-transform
age: 1361
etag: "v179"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3sWnLeFGKqLMnM2N3navLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0KPjoZsEfz8/RbEUe1jhkBxytv0=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 59496ac62759b6e474de2975c4616ae4
ad7012c529ae9e9a3d303be7a4acd0c136c4f482
d158e67545924fc1326c87d82e610dcdb35781c7509e6a8693eff3c35d79f95d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f53ebd30fa3351f320ca2c8764734ff1
9205e35b1cef1602414af2350ba6205f4129234c
d486cc21bbc47eac5718644e1b280d12a5a4bc92ec97a0e88f184bf6422cb6f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
get.optad360.io/sf/29c44d7c-8171-46d6-a484-9d3087559448/plugin.min.js
143.204.55.65200 OK 90 kB URL HTTP/2 get.optad360.io/sf/29c44d7c-8171-46d6-a484-9d3087559448/plugin.min.js
IP 143.204.55.65:0
Hash d8e282f173567d0c6200ba060875311e
f81996e788282d669cc97ed8d88cc2d0c3a67997
c26acdece3da7ad124fdc6d85e1677ab0c7ee7f9679b4578debb5ab1166c346e
GET /sf/29c44d7c-8171-46d6-a484-9d3087559448/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 10 Mar 2022 12:36:00 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 07 Sep 2022 18:26:57 GMT
cache-control: public, max-age=3600
etag: W/"588fa2466d71b4d118fdf3af043b05a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7zyhlR1Fze1I8Lbh4nY-eWSC1Y6OnKh2xmvbkmzJbHODedin-x1kLg==
age: 1333
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=no.answersexpress.com
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=no.answersexpress.com
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=no.answersexpress.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Sep 2022 18:49:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=no.answersexpress.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=no.answersexpress.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=no.answersexpress.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Sep 2022 18:49:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 8.0 kB IP 142.250.74.3:0
Hash 365d49ff7d4927e4299bf24fea73429b
b6bf0a1254d4b982a86758447d81dda99fb5c5a9
635802052549503575cb14588f2753d4a35658ea663550859574f3ed9849a4cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14598), with no line terminators
Hash fe7513fd1df56cd8ff30d52ee2514ef1
b7b6db0a687992558d37f12cbb7eef2502cfe8c5
743180a7a307b08e7e7e1fb170f87140f09ddcce23845795bce5c8cc17ea5215
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Sep 2022 18:49:12 GMT
server: cafe
cache-control: private
content-length: 11083
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6500
Expires: Wed, 07 Sep 2022 20:37:32 GMT
Date: Wed, 07 Sep 2022 18:49:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6500
Expires: Wed, 07 Sep 2022 20:37:32 GMT
Date: Wed, 07 Sep 2022 18:49:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6500
Expires: Wed, 07 Sep 2022 20:37:32 GMT
Date: Wed, 07 Sep 2022 18:49:12 GMT
Connection: keep-alive
de357eb93e13012c3145380b575c9056.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
142.250.74.65200 OK 3.1 kB URL HTTP/2 de357eb93e13012c3145380b575c9056.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: de357eb93e13012c3145380b575c9056.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 07 Sep 2022 18:49:12 GMT
expires: Thu, 07 Sep 2023 18:49:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: 1a501a0a-2671-468b-885b-2a2efb73bc2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq64HbCIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317beab-395f6d1436b027ee60d00abd;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZWf6CXKcClMXAXmFXNp0sxVCMUFyZqhhh7B83tJMX_jvteLRDzG8QA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:42:04 GMT
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
age: 76028
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:14:32 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 74080
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1462b0c8fff091f29c7c5145031c08aa
55154c3878e9650f463805c3829f03a1603f14c1
62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11778
x-amzn-requestid: 0054ce27-72f6-4161-90d0-eeb20d9c9537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqcrEczIAMFqlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdea-0c3e511533c91b783a458f2b;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q4n9f959aCshN6qgQ2LWVSUTmSd4hvjWyF2GNdsR1_asVSdFKxXsqw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:08 GMT
age: 76084
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f4d99fb1927aae3010e00472b38c3
b95ee99dafca1695d6b86763fce0ceb058f40ef3
da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3604
x-amzn-requestid: 193380c8-0d3a-4b81-9429-fa4cb4cf136e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq26FI7oAMFpOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317be92-2f435ce33c4469de425b11a3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:41:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6MhayVPx_iJ_mgJzUfuOsFeBgAK21RktvWOwrX3Rvk3WIElEek1LFA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:49:33 GMT
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
content-type: image/jpeg
age: 75579
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 270858f2-c94d-4047-8e3b-c49a5a603610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjbiJHuZoAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ad940-3ba2164762e4f74227b6a23b;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:56:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: do30zKZmrP_j4feGGu8G39ibskE4dXxTL8YzpAR7PCFpQuJalYeJqA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:57:13 GMT
age: 75119
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 07 Sep 2022 18:49:12 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edcd025faafbf7161d4d606f47304c2b
a99519726bc82f2cc0541c79f47ddd15c7362669
ed7b147e3ea371ea4b014805d9c2f45407918924bb2ec540ea6f7cd0a8b1b698
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3529
x-amzn-requestid: 7c3c10fd-ce94-4d39-9fc0-de3f30d307c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XkARtEI8oAMFqjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b140a-396d466a114b14592f68c813;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:06:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PCqO2_8gh8yq-POB4jnsRNA0xRULJBB3n8-_Kz7nWQrxqbMPykbfkw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:42:16 GMT
age: 76016
etag: "a99519726bc82f2cc0541c79f47ddd15c7362669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 118 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3daf13d38b30bd5be8d522c52ca12d2a
c5cb11b31906b3772bc28117718421b1828b5d06
3855e6cec9de23c0ffb1b86e22c9c175349149650bac8a732e073113391c8a78
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1227
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 07 Sep 2022 18:49:12 GMT
server: ESF
cache-control: private
content-length: 118
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7e573ff9371c6009815dd168229d18aa
94a37a77bfc9edaba87236e360f6a621a1858563
ea317461c226b80fcd9d6da385cf7b1436094606f1415b40831e2b88a1a25f06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA317461C226B80FCD9D6DA385CF7B1436094606F1415B40831E2B88A1A25F06"
Last-Modified: Mon, 05 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7626
Expires: Wed, 07 Sep 2022 20:56:18 GMT
Date: Wed, 07 Sep 2022 18:49:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16900cab3f492b70b62149ba3017eba5
473e474b33be6d9693d15ae5afd6b6d33cf9183b
bf1460c742e5084e162bddcad3b9ff16ec8ff24336de964bda8ff366010c921f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF1460C742E5084E162BDDCAD3B9FF16EC8FF24336DE964BDA8FF366010C921F"
Last-Modified: Tue, 06 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4649
Expires: Wed, 07 Sep 2022 20:06:41 GMT
Date: Wed, 07 Sep 2022 18:49:12 GMT
Connection: keep-alive
d8a36d2504.e4d3c228c4.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDIyMzg4ODIxMzQ1NTA5ODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjYuMSIsInRhZ19pZCI6MTM0OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoxLjM0LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJTcGVrdGFrdWwlQzMlQTZyJTJDc3Bla3Rha3VsJUMzJUE2ciUyQ055aGV0ZXIlMkMyMDIyJTJDVXRzaWt0ZW4lMkNpbm5laG9sZGVyJTJDZWt0ZSUyQ2ZhcmdlaW5mb3JtYXNqb24lMkNzZWx2JTJDb20lMkNkZXQlMkNpa2tlJTJDZXIlMkNkZW4lMkNuYXR1cmxpZ2UlMkNmYXJnZW4lMkNkZXQlMkNtZW5uZXNrZWxpZ2UlMkMlQzMlQjh5ZSUyQ3ZpbGxlJTJDc2UuJTIwIn0=
45.133.44.24200 OK 0 B URL HTTP/2 d8a36d2504.e4d3c228c4.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDIyMzg4ODIxMzQ1NTA5ODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjYuMSIsInRhZ19pZCI6MTM0OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoxLjM0LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJTcGVrdGFrdWwlQzMlQTZyJTJDc3Bla3Rha3VsJUMzJUE2ciUyQ055aGV0ZXIlMkMyMDIyJTJDVXRzaWt0ZW4lMkNpbm5laG9sZGVyJTJDZWt0ZSUyQ2ZhcmdlaW5mb3JtYXNqb24lMkNzZWx2JTJDb20lMkNkZXQlMkNpa2tlJTJDZXIlMkNkZW4lMkNuYXR1cmxpZ2UlMkNmYXJnZW4lMkNkZXQlMkNtZW5uZXNrZWxpZ2UlMkMlQzMlQjh5ZSUyQ3ZpbGxlJTJDc2UuJTIwIn0=
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDIyMzg4ODIxMzQ1NTA5ODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjYuMSIsInRhZ19pZCI6MTM0OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoxLjM0LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJTcGVrdGFrdWwlQzMlQTZyJTJDc3Bla3Rha3VsJUMzJUE2ciUyQ055aGV0ZXIlMkMyMDIyJTJDVXRzaWt0ZW4lMkNpbm5laG9sZGVyJTJDZWt0ZSUyQ2ZhcmdlaW5mb3JtYXNqb24lMkNzZWx2JTJDb20lMkNkZXQlMkNpa2tlJTJDZXIlMkNkZW4lMkNuYXR1cmxpZ2UlMkNmYXJnZW4lMkNkZXQlMkNtZW5uZXNrZWxpZ2UlMkMlQzMlQjh5ZSUyQ3ZpbGxlJTJDc2UuJTIwIn0= HTTP/1.1
Host: d8a36d2504.e4d3c228c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:12 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
45.133.44.24200 OK 26 kB URL HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (61593), with no line terminators
Hash 6f7c1cca3ba1b5d8d52dfa02d109c195
db0892af6bc15fe31aa3ddd39fe5e59e7d53bf79
e22efa221a020be46e8a59a4517b6f7c93bcb1a05a6e548cfe369d93458e7f69
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:12 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 07 Sep 2022 14:09:54 GMT
etag: W/"6318a632-f150"
content-encoding: gzip
expires: Wed, 07 Sep 2022 18:54:12 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6607f633a69454985d8fa5678f2e67b1
05a1f633910f9a0597bd6de91e518c50fcc5a537
551b4d2829d358c83aa0fce1631957f8ac18192f43761cdb2c1796bb4d9f5fe3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "551B4D2829D358C83AA0FCE1631957F8AC18192F43761CDB2C1796BB4D9F5FE3"
Last-Modified: Wed, 07 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7974
Expires: Wed, 07 Sep 2022 21:02:06 GMT
Date: Wed, 07 Sep 2022 18:49:12 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 13f32c51522de1520845381e8a9fc8a9
80cd3229bfb73e07bf3325b2a1049f69680f037c
1f7c1f756fb00ac9d27963e2f3fefc12c0c8326d5b0155613daa51cdd95601b0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (2228)
Hash 5e6f20aab50c7ded3cf750de7af3cf44
409ec574caaecbcfdad3125b7f26e566816f0b14
82403f266bf5091d75d7e16617626e0d06955997fa0b814f84294dd466bc6606
GET /pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de357eb93e13012c3145380b575c9056.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7602
x-xss-protection: 0
date: Wed, 07 Sep 2022 18:43:31 GMT
expires: Wed, 21 Sep 2022 18:43:31 GMT
cache-control: public, max-age=1209600
etag: 8484125879011292595
content-type: text/javascript; charset=UTF-8
age: 341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 634428868929976434ab5892380e152e
14d320704d20c7727a88bae65e597b68a4e75e8e
2bc1bbaf3a15b255c6acc33a41ef375a79440c13765ed9aeeec53c571e7a40d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BC1BBAF3A15B255C6ACC33A41EF375A79440C13765ED9AEEEC53C571E7A40D4"
Last-Modified: Tue, 06 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3841
Expires: Wed, 07 Sep 2022 19:53:13 GMT
Date: Wed, 07 Sep 2022 18:49:12 GMT
Connection: keep-alive
hal9000.redintelligence.net/zone/69862vf4ayx1?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC32aZqOcYY4faBIfPygW72IywDcm5opxpnMLNztUP8C4QASCqgMMiYMOEgICYGMgBCakCjAyQJ-avsD6oAwGqBPoBT9BQ-JmgNPMOTSeszKoFWADSEXpSoHTRNLEWmIsc486Uwi9xaszr1f6fdFjqUbpfJAKZqrq01nPS1NyFwgVk7nJ03ZVtd_Z0DBST5nal1ZeMXDfEY-3WNgQ3L-2ag9r4bDHfXoDsQgp0ernKTR8Te3moFRyNIU38b3KIOR4L3Wonk6H0M0XcK9xiaW5kI-cXbXKGqW79THJrx3SjHZ-xKVfWvwGK5UxccSzbxBs7iEuQUPFF_lfkIotV04KGVskoYjuy1HhUUR4JdnwDBozUK9gzdaQ8nGKSyK5UiRqVmn-TU8s3bx1zxiYCNcZjUZlb5g5i-FjwrUzE1sAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBMIiOGAEBABGB0yA6qCAToDgMAD8ggbYWR4LXN1YnN5bi0zNjQxMjAzMTg4NTY4Mjg4gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORohAQ_hvjSZ1hNAu2Ml67GrRDWtrMJo-sptQIX32FUW6UmdTZxaoM%26sig%3DAOD64_15rR5zzu1DlQNcMqljoRDQ9eF6IA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dla2LcQYnzxpoX0WwJSi61xI7zcRNrf4fhIuJ8QK3_aRD6PobD8KRwkPREX7Z2EB6uWQBILcEPQDhpUpqvQuFPLk6MVrhLaUhFfvNI_KKjy_RdFiqdwLIyhSj6INCY8GayXCIEbNFRzX4-fcUQVGsxhYn64A%26cry%3D1%26dbm_d%3DAKAmf-Dc1MOvjANbC5QWvr8fSJEwyUKQ0tXee5P21_bx8Tm-_fj3FMMohoFFXlzO2EG1-ySWR3wrEpHgoeXr0JiblsjUM386CJCFRwGW-aGUn6SjxwOQnWXJoAD1Rj9yMhWbnFoiuS5hpf2Uw0UhcaI-6CphaeCOLeNEE0k_uAgMLmB_ETlXvWWgCXN9z16k9A6GbAWIS_D66uSdWh65rSFYWE_zfbJ0fkw_g_Hm67fDhD6bj3xs6mls4ovY96MPLJXX7DFZCCNXkYXpFSq9WuAJasUlSiMKCq-_NooKYYzZ7G6LasSg8VcY5f-CMdJS0ZwvU-RntobUPusGSqPT3ASSpeZ3bz9VJn5b546JgztilmEhTccx_minLPP3DZWGOXbxBNZvvEufHhxBvbEbMBK3EVdLOnIWBfaJlJKb8lL_LR1M8KFIDIAixXnxieV-6OChlaD0qctU27oL4-FvNyahJiyRrnoV0GvjcdwdjNsiN7lKED7avIejysqFAAytNP5zBL5ErWoEQ2dN4wzHxAEnmbrXeyz33ee9s0i5uIDGQzBo30HnOgPjacCW2_4UyxazEPFzdxeo%26adurl%3D
46.4.10.49200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/69862vf4ayx1?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC32aZqOcYY4faBIfPygW72IywDcm5opxpnMLNztUP8C4QASCqgMMiYMOEgICYGMgBCakCjAyQJ-avsD6oAwGqBPoBT9BQ-JmgNPMOTSeszKoFWADSEXpSoHTRNLEWmIsc486Uwi9xaszr1f6fdFjqUbpfJAKZqrq01nPS1NyFwgVk7nJ03ZVtd_Z0DBST5nal1ZeMXDfEY-3WNgQ3L-2ag9r4bDHfXoDsQgp0ernKTR8Te3moFRyNIU38b3KIOR4L3Wonk6H0M0XcK9xiaW5kI-cXbXKGqW79THJrx3SjHZ-xKVfWvwGK5UxccSzbxBs7iEuQUPFF_lfkIotV04KGVskoYjuy1HhUUR4JdnwDBozUK9gzdaQ8nGKSyK5UiRqVmn-TU8s3bx1zxiYCNcZjUZlb5g5i-FjwrUzE1sAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBMIiOGAEBABGB0yA6qCAToDgMAD8ggbYWR4LXN1YnN5bi0zNjQxMjAzMTg4NTY4Mjg4gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORohAQ_hvjSZ1hNAu2Ml67GrRDWtrMJo-sptQIX32FUW6UmdTZxaoM%26sig%3DAOD64_15rR5zzu1DlQNcMqljoRDQ9eF6IA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dla2LcQYnzxpoX0WwJSi61xI7zcRNrf4fhIuJ8QK3_aRD6PobD8KRwkPREX7Z2EB6uWQBILcEPQDhpUpqvQuFPLk6MVrhLaUhFfvNI_KKjy_RdFiqdwLIyhSj6INCY8GayXCIEbNFRzX4-fcUQVGsxhYn64A%26cry%3D1%26dbm_d%3DAKAmf-Dc1MOvjANbC5QWvr8fSJEwyUKQ0tXee5P21_bx8Tm-_fj3FMMohoFFXlzO2EG1-ySWR3wrEpHgoeXr0JiblsjUM386CJCFRwGW-aGUn6SjxwOQnWXJoAD1Rj9yMhWbnFoiuS5hpf2Uw0UhcaI-6CphaeCOLeNEE0k_uAgMLmB_ETlXvWWgCXN9z16k9A6GbAWIS_D66uSdWh65rSFYWE_zfbJ0fkw_g_Hm67fDhD6bj3xs6mls4ovY96MPLJXX7DFZCCNXkYXpFSq9WuAJasUlSiMKCq-_NooKYYzZ7G6LasSg8VcY5f-CMdJS0ZwvU-RntobUPusGSqPT3ASSpeZ3bz9VJn5b546JgztilmEhTccx_minLPP3DZWGOXbxBNZvvEufHhxBvbEbMBK3EVdLOnIWBfaJlJKb8lL_LR1M8KFIDIAixXnxieV-6OChlaD0qctU27oL4-FvNyahJiyRrnoV0GvjcdwdjNsiN7lKED7avIejysqFAAytNP5zBL5ErWoEQ2dN4wzHxAEnmbrXeyz33ee9s0i5uIDGQzBo30HnOgPjacCW2_4UyxazEPFzdxeo%26adurl%3D
IP 46.4.10.49:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1671), with CRLF line terminators
Hash f790b7236cba2252cb196e23dbf30387
8da13ab7e72f943636688048478fcf4bb7f77ceb
c3968f9e33bb46cb2de19b50b77101d9e5cbff172df9a160a0ac0e2d36bb9057
GET /zone/69862vf4ayx1?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC32aZqOcYY4faBIfPygW72IywDcm5opxpnMLNztUP8C4QASCqgMMiYMOEgICYGMgBCakCjAyQJ-avsD6oAwGqBPoBT9BQ-JmgNPMOTSeszKoFWADSEXpSoHTRNLEWmIsc486Uwi9xaszr1f6fdFjqUbpfJAKZqrq01nPS1NyFwgVk7nJ03ZVtd_Z0DBST5nal1ZeMXDfEY-3WNgQ3L-2ag9r4bDHfXoDsQgp0ernKTR8Te3moFRyNIU38b3KIOR4L3Wonk6H0M0XcK9xiaW5kI-cXbXKGqW79THJrx3SjHZ-xKVfWvwGK5UxccSzbxBs7iEuQUPFF_lfkIotV04KGVskoYjuy1HhUUR4JdnwDBozUK9gzdaQ8nGKSyK5UiRqVmn-TU8s3bx1zxiYCNcZjUZlb5g5i-FjwrUzE1sAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBMIiOGAEBABGB0yA6qCAToDgMAD8ggbYWR4LXN1YnN5bi0zNjQxMjAzMTg4NTY4Mjg4gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORohAQ_hvjSZ1hNAu2Ml67GrRDWtrMJo-sptQIX32FUW6UmdTZxaoM%26sig%3DAOD64_15rR5zzu1DlQNcMqljoRDQ9eF6IA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dla2LcQYnzxpoX0WwJSi61xI7zcRNrf4fhIuJ8QK3_aRD6PobD8KRwkPREX7Z2EB6uWQBILcEPQDhpUpqvQuFPLk6MVrhLaUhFfvNI_KKjy_RdFiqdwLIyhSj6INCY8GayXCIEbNFRzX4-fcUQVGsxhYn64A%26cry%3D1%26dbm_d%3DAKAmf-Dc1MOvjANbC5QWvr8fSJEwyUKQ0tXee5P21_bx8Tm-_fj3FMMohoFFXlzO2EG1-ySWR3wrEpHgoeXr0JiblsjUM386CJCFRwGW-aGUn6SjxwOQnWXJoAD1Rj9yMhWbnFoiuS5hpf2Uw0UhcaI-6CphaeCOLeNEE0k_uAgMLmB_ETlXvWWgCXN9z16k9A6GbAWIS_D66uSdWh65rSFYWE_zfbJ0fkw_g_Hm67fDhD6bj3xs6mls4ovY96MPLJXX7DFZCCNXkYXpFSq9WuAJasUlSiMKCq-_NooKYYzZ7G6LasSg8VcY5f-CMdJS0ZwvU-RntobUPusGSqPT3ASSpeZ3bz9VJn5b546JgztilmEhTccx_minLPP3DZWGOXbxBNZvvEufHhxBvbEbMBK3EVdLOnIWBfaJlJKb8lL_LR1M8KFIDIAixXnxieV-6OChlaD0qctU27oL4-FvNyahJiyRrnoV0GvjcdwdjNsiN7lKED7avIejysqFAAytNP5zBL5ErWoEQ2dN4wzHxAEnmbrXeyz33ee9s0i5uIDGQzBo30HnOgPjacCW2_4UyxazEPFzdxeo%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de357eb93e13012c3145380b575c9056.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:49:12 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4091
Connection: close
Content-Type: text/html; charset=UTF-8
hal90001.redintelligence.net/request.php?zone=69862vf4ayx1&nw=20&renderingType=javascript&namespace=34e5da40a1&subid=&uid=0bc024d5c88bd656&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC32aZqOcYY4faBIfPygW72IywDcm5opxpnMLNztUP8C4QASCqgMMiYMOEgICYGMgBCakCjAyQJ-avsD6oAwGqBPoBT9BQ-JmgNPMOTSeszKoFWADSEXpSoHTRNLEWmIsc486Uwi9xaszr1f6fdFjqUbpfJAKZqrq01nPS1NyFwgVk7nJ03ZVtd_Z0DBST5nal1ZeMXDfEY-3WNgQ3L-2ag9r4bDHfXoDsQgp0ernKTR8Te3moFRyNIU38b3KIOR4L3Wonk6H0M0XcK9xiaW5kI-cXbXKGqW79THJrx3SjHZ-xKVfWvwGK5UxccSzbxBs7iEuQUPFF_lfkIotV04KGVskoYjuy1HhUUR4JdnwDBozUK9gzdaQ8nGKSyK5UiRqVmn-TU8s3bx1zxiYCNcZjUZlb5g5i-FjwrUzE1sAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBMIiOGAEBABGB0yA6qCAToDgMAD8ggbYWR4LXN1YnN5bi0zNjQxMjAzMTg4NTY4Mjg4gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORohAQ_hvjSZ1hNAu2Ml67GrRDWtrMJo-sptQIX32FUW6UmdTZxaoM%26sig%3DAOD64_15rR5zzu1DlQNcMqljoRDQ9eF6IA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dla2LcQYnzxpoX0WwJSi61xI7zcRNrf4fhIuJ8QK3_aRD6PobD8KRwkPREX7Z2EB6uWQBILcEPQDhpUpqvQuFPLk6MVrhLaUhFfvNI_KKjy_RdFiqdwLIyhSj6INCY8GayXCIEbNFRzX4-fcUQVGsxhYn64A%26cry%3D1%26dbm_d%3DAKAmf-Dc1MOvjANbC5QWvr8fSJEwyUKQ0tXee5P21_bx8Tm-_fj3FMMohoFFXlzO2EG1-ySWR3wrEpHgoeXr0JiblsjUM386CJCFRwGW-aGUn6SjxwOQnWXJoAD1Rj9yMhWbnFoiuS5hpf2Uw0UhcaI-6CphaeCOLeNEE0k_uAgMLmB_ETlXvWWgCXN9z16k9A6GbAWIS_D66uSdWh65rSFYWE_zfbJ0fkw_g_Hm67fDhD6bj3xs6mls4ovY96MPLJXX7DFZCCNXkYXpFSq9WuAJasUlSiMKCq-_NooKYYzZ7G6LasSg8VcY5f-CMdJS0ZwvU-RntobUPusGSqPT3ASSpeZ3bz9VJn5b546JgztilmEhTccx_minLPP3DZWGOXbxBNZvvEufHhxBvbEbMBK3EVdLOnIWBfaJlJKb8lL_LR1M8KFIDIAixXnxieV-6OChlaD0qctU27oL4-FvNyahJiyRrnoV0GvjcdwdjNsiN7lKED7avIejysqFAAytNP5zBL5ErWoEQ2dN4wzHxAEnmbrXeyz33ee9s0i5uIDGQzBo30HnOgPjacCW2_4UyxazEPFzdxeo%26adurl%3D&documentReferer=https%3A%2F%2Fno.answersexpress.com%2F&ancestorOrigins=null&random=3053045146755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
46.4.10.49302 Found 0 B URL HTTP/1.1 hal90001.redintelligence.net/request.php?zone=69862vf4ayx1&nw=20&renderingType=javascript&namespace=34e5da40a1&subid=&uid=0bc024d5c88bd656&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC32aZqOcYY4faBIfPygW72IywDcm5opxpnMLNztUP8C4QASCqgMMiYMOEgICYGMgBCakCjAyQJ-avsD6oAwGqBPoBT9BQ-JmgNPMOTSeszKoFWADSEXpSoHTRNLEWmIsc486Uwi9xaszr1f6fdFjqUbpfJAKZqrq01nPS1NyFwgVk7nJ03ZVtd_Z0DBST5nal1ZeMXDfEY-3WNgQ3L-2ag9r4bDHfXoDsQgp0ernKTR8Te3moFRyNIU38b3KIOR4L3Wonk6H0M0XcK9xiaW5kI-cXbXKGqW79THJrx3SjHZ-xKVfWvwGK5UxccSzbxBs7iEuQUPFF_lfkIotV04KGVskoYjuy1HhUUR4JdnwDBozUK9gzdaQ8nGKSyK5UiRqVmn-TU8s3bx1zxiYCNcZjUZlb5g5i-FjwrUzE1sAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBMIiOGAEBABGB0yA6qCAToDgMAD8ggbYWR4LXN1YnN5bi0zNjQxMjAzMTg4NTY4Mjg4gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORohAQ_hvjSZ1hNAu2Ml67GrRDWtrMJo-sptQIX32FUW6UmdTZxaoM%26sig%3DAOD64_15rR5zzu1DlQNcMqljoRDQ9eF6IA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dla2LcQYnzxpoX0WwJSi61xI7zcRNrf4fhIuJ8QK3_aRD6PobD8KRwkPREX7Z2EB6uWQBILcEPQDhpUpqvQuFPLk6MVrhLaUhFfvNI_KKjy_RdFiqdwLIyhSj6INCY8GayXCIEbNFRzX4-fcUQVGsxhYn64A%26cry%3D1%26dbm_d%3DAKAmf-Dc1MOvjANbC5QWvr8fSJEwyUKQ0tXee5P21_bx8Tm-_fj3FMMohoFFXlzO2EG1-ySWR3wrEpHgoeXr0JiblsjUM386CJCFRwGW-aGUn6SjxwOQnWXJoAD1Rj9yMhWbnFoiuS5hpf2Uw0UhcaI-6CphaeCOLeNEE0k_uAgMLmB_ETlXvWWgCXN9z16k9A6GbAWIS_D66uSdWh65rSFYWE_zfbJ0fkw_g_Hm67fDhD6bj3xs6mls4ovY96MPLJXX7DFZCCNXkYXpFSq9WuAJasUlSiMKCq-_NooKYYzZ7G6LasSg8VcY5f-CMdJS0ZwvU-RntobUPusGSqPT3ASSpeZ3bz9VJn5b546JgztilmEhTccx_minLPP3DZWGOXbxBNZvvEufHhxBvbEbMBK3EVdLOnIWBfaJlJKb8lL_LR1M8KFIDIAixXnxieV-6OChlaD0qctU27oL4-FvNyahJiyRrnoV0GvjcdwdjNsiN7lKED7avIejysqFAAytNP5zBL5ErWoEQ2dN4wzHxAEnmbrXeyz33ee9s0i5uIDGQzBo30HnOgPjacCW2_4UyxazEPFzdxeo%26adurl%3D&documentReferer=https%3A%2F%2Fno.answersexpress.com%2F&ancestorOrigins=null&random=3053045146755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP 46.4.10.49:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=69862vf4ayx1&nw=20&renderingType=javascript&namespace=34e5da40a1&subid=&uid=0bc024d5c88bd656&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC32aZqOcYY4faBIfPygW72IywDcm5opxpnMLNztUP8C4QASCqgMMiYMOEgICYGMgBCakCjAyQJ-avsD6oAwGqBPoBT9BQ-JmgNPMOTSeszKoFWADSEXpSoHTRNLEWmIsc486Uwi9xaszr1f6fdFjqUbpfJAKZqrq01nPS1NyFwgVk7nJ03ZVtd_Z0DBST5nal1ZeMXDfEY-3WNgQ3L-2ag9r4bDHfXoDsQgp0ernKTR8Te3moFRyNIU38b3KIOR4L3Wonk6H0M0XcK9xiaW5kI-cXbXKGqW79THJrx3SjHZ-xKVfWvwGK5UxccSzbxBs7iEuQUPFF_lfkIotV04KGVskoYjuy1HhUUR4JdnwDBozUK9gzdaQ8nGKSyK5UiRqVmn-TU8s3bx1zxiYCNcZjUZlb5g5i-FjwrUzE1sAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBMIiOGAEBABGB0yA6qCAToDgMAD8ggbYWR4LXN1YnN5bi0zNjQxMjAzMTg4NTY4Mjg4gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORohAQ_hvjSZ1hNAu2Ml67GrRDWtrMJo-sptQIX32FUW6UmdTZxaoM%26sig%3DAOD64_15rR5zzu1DlQNcMqljoRDQ9eF6IA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dla2LcQYnzxpoX0WwJSi61xI7zcRNrf4fhIuJ8QK3_aRD6PobD8KRwkPREX7Z2EB6uWQBILcEPQDhpUpqvQuFPLk6MVrhLaUhFfvNI_KKjy_RdFiqdwLIyhSj6INCY8GayXCIEbNFRzX4-fcUQVGsxhYn64A%26cry%3D1%26dbm_d%3DAKAmf-Dc1MOvjANbC5QWvr8fSJEwyUKQ0tXee5P21_bx8Tm-_fj3FMMohoFFXlzO2EG1-ySWR3wrEpHgoeXr0JiblsjUM386CJCFRwGW-aGUn6SjxwOQnWXJoAD1Rj9yMhWbnFoiuS5hpf2Uw0UhcaI-6CphaeCOLeNEE0k_uAgMLmB_ETlXvWWgCXN9z16k9A6GbAWIS_D66uSdWh65rSFYWE_zfbJ0fkw_g_Hm67fDhD6bj3xs6mls4ovY96MPLJXX7DFZCCNXkYXpFSq9WuAJasUlSiMKCq-_NooKYYzZ7G6LasSg8VcY5f-CMdJS0ZwvU-RntobUPusGSqPT3ASSpeZ3bz9VJn5b546JgztilmEhTccx_minLPP3DZWGOXbxBNZvvEufHhxBvbEbMBK3EVdLOnIWBfaJlJKb8lL_LR1M8KFIDIAixXnxieV-6OChlaD0qctU27oL4-FvNyahJiyRrnoV0GvjcdwdjNsiN7lKED7avIejysqFAAytNP5zBL5ErWoEQ2dN4wzHxAEnmbrXeyz33ee9s0i5uIDGQzBo30HnOgPjacCW2_4UyxazEPFzdxeo%26adurl%3D&documentReferer=https%3A%2F%2Fno.answersexpress.com%2F&ancestorOrigins=null&random=3053045146755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal90001.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de357eb93e13012c3145380b575c9056.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 07 Sep 2022 18:49:12 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 07 Sep 2022 19:49:12 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=4bd563ae5227629b; expires=Tue, 06-Dec-2022 18:49:12 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=69862vf4ayx1&nw=20&renderingType=javascript&namespace=34e5da40a1&subid=&uid=0bc024d5c88bd656&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC32aZqOcYY4faBIfPygW72IywDcm5opxpnMLNztUP8C4QASCqgMMiYMOEgICYGMgBCakCjAyQJ-avsD6oAwGqBPoBT9BQ-JmgNPMOTSeszKoFWADSEXpSoHTRNLEWmIsc486Uwi9xaszr1f6fdFjqUbpfJAKZqrq01nPS1NyFwgVk7nJ03ZVtd_Z0DBST5nal1ZeMXDfEY-3WNgQ3L-2ag9r4bDHfXoDsQgp0ernKTR8Te3moFRyNIU38b3KIOR4L3Wonk6H0M0XcK9xiaW5kI-cXbXKGqW79THJrx3SjHZ-xKVfWvwGK5UxccSzbxBs7iEuQUPFF_lfkIotV04KGVskoYjuy1HhUUR4JdnwDBozUK9gzdaQ8nGKSyK5UiRqVmn-TU8s3bx1zxiYCNcZjUZlb5g5i-FjwrUzE1sAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBMIiOGAEBABGB0yA6qCAToDgMAD8ggbYWR4LXN1YnN5bi0zNjQxMjAzMTg4NTY4Mjg4gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORohAQ_hvjSZ1hNAu2Ml67GrRDWtrMJo-sptQIX32FUW6UmdTZxaoM%26sig%3DAOD64_15rR5zzu1DlQNcMqljoRDQ9eF6IA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dla2LcQYnzxpoX0WwJSi61xI7zcRNrf4fhIuJ8QK3_aRD6PobD8KRwkPREX7Z2EB6uWQBILcEPQDhpUpqvQuFPLk6MVrhLaUhFfvNI_KKjy_RdFiqdwLIyhSj6INCY8GayXCIEbNFRzX4-fcUQVGsxhYn64A%26cry%3D1%26dbm_d%3DAKAmf-Dc1MOvjANbC5QWvr8fSJEwyUKQ0tXee5P21_bx8Tm-_fj3FMMohoFFXlzO2EG1-ySWR3wrEpHgoeXr0JiblsjUM386CJCFRwGW-aGUn6SjxwOQnWXJoAD1Rj9yMhWbnFoiuS5hpf2Uw0UhcaI-6CphaeCOLeNEE0k_uAgMLmB_ETlXvWWgCXN9z16k9A6GbAWIS_D66uSdWh65rSFYWE_zfbJ0fkw_g_Hm67fDhD6bj3xs6mls4ovY96MPLJXX7DFZCCNXkYXpFSq9WuAJasUlSiMKCq-_NooKYYzZ7G6LasSg8VcY5f-CMdJS0ZwvU-RntobUPusGSqPT3ASSpeZ3bz9VJn5b546JgztilmEhTccx_minLPP3DZWGOXbxBNZvvEufHhxBvbEbMBK3EVdLOnIWBfaJlJKb8lL_LR1M8KFIDIAixXnxieV-6OChlaD0qctU27oL4-FvNyahJiyRrnoV0GvjcdwdjNsiN7lKED7avIejysqFAAytNP5zBL5ErWoEQ2dN4wzHxAEnmbrXeyz33ee9s0i5uIDGQzBo30HnOgPjacCW2_4UyxazEPFzdxeo%26adurl%3D&documentReferer=https%3A%2F%2Fno.answersexpress.com%2F&ancestorOrigins=null&random=3053045146755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
hal90001.redintelligence.net/request.php?zone=69862vf4ayx1&nw=20&renderingType=javascript&namespace=34e5da40a1&subid=&uid=0bc024d5c88bd656&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC32aZqOcYY4faBIfPygW72IywDcm5opxpnMLNztUP8C4QASCqgMMiYMOEgICYGMgBCakCjAyQJ-avsD6oAwGqBPoBT9BQ-JmgNPMOTSeszKoFWADSEXpSoHTRNLEWmIsc486Uwi9xaszr1f6fdFjqUbpfJAKZqrq01nPS1NyFwgVk7nJ03ZVtd_Z0DBST5nal1ZeMXDfEY-3WNgQ3L-2ag9r4bDHfXoDsQgp0ernKTR8Te3moFRyNIU38b3KIOR4L3Wonk6H0M0XcK9xiaW5kI-cXbXKGqW79THJrx3SjHZ-xKVfWvwGK5UxccSzbxBs7iEuQUPFF_lfkIotV04KGVskoYjuy1HhUUR4JdnwDBozUK9gzdaQ8nGKSyK5UiRqVmn-TU8s3bx1zxiYCNcZjUZlb5g5i-FjwrUzE1sAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBMIiOGAEBABGB0yA6qCAToDgMAD8ggbYWR4LXN1YnN5bi0zNjQxMjAzMTg4NTY4Mjg4gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORohAQ_hvjSZ1hNAu2Ml67GrRDWtrMJo-sptQIX32FUW6UmdTZxaoM%26sig%3DAOD64_15rR5zzu1DlQNcMqljoRDQ9eF6IA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dla2LcQYnzxpoX0WwJSi61xI7zcRNrf4fhIuJ8QK3_aRD6PobD8KRwkPREX7Z2EB6uWQBILcEPQDhpUpqvQuFPLk6MVrhLaUhFfvNI_KKjy_RdFiqdwLIyhSj6INCY8GayXCIEbNFRzX4-fcUQVGsxhYn64A%26cry%3D1%26dbm_d%3DAKAmf-Dc1MOvjANbC5QWvr8fSJEwyUKQ0tXee5P21_bx8Tm-_fj3FMMohoFFXlzO2EG1-ySWR3wrEpHgoeXr0JiblsjUM386CJCFRwGW-aGUn6SjxwOQnWXJoAD1Rj9yMhWbnFoiuS5hpf2Uw0UhcaI-6CphaeCOLeNEE0k_uAgMLmB_ETlXvWWgCXN9z16k9A6GbAWIS_D66uSdWh65rSFYWE_zfbJ0fkw_g_Hm67fDhD6bj3xs6mls4ovY96MPLJXX7DFZCCNXkYXpFSq9WuAJasUlSiMKCq-_NooKYYzZ7G6LasSg8VcY5f-CMdJS0ZwvU-RntobUPusGSqPT3ASSpeZ3bz9VJn5b546JgztilmEhTccx_minLPP3DZWGOXbxBNZvvEufHhxBvbEbMBK3EVdLOnIWBfaJlJKb8lL_LR1M8KFIDIAixXnxieV-6OChlaD0qctU27oL4-FvNyahJiyRrnoV0GvjcdwdjNsiN7lKED7avIejysqFAAytNP5zBL5ErWoEQ2dN4wzHxAEnmbrXeyz33ee9s0i5uIDGQzBo30HnOgPjacCW2_4UyxazEPFzdxeo%26adurl%3D&documentReferer=https%3A%2F%2Fno.answersexpress.com%2F&ancestorOrigins=null&random=3053045146755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
46.4.10.49200 OK 509 B URL HTTP/1.1 hal90001.redintelligence.net/request.php?zone=69862vf4ayx1&nw=20&renderingType=javascript&namespace=34e5da40a1&subid=&uid=0bc024d5c88bd656&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC32aZqOcYY4faBIfPygW72IywDcm5opxpnMLNztUP8C4QASCqgMMiYMOEgICYGMgBCakCjAyQJ-avsD6oAwGqBPoBT9BQ-JmgNPMOTSeszKoFWADSEXpSoHTRNLEWmIsc486Uwi9xaszr1f6fdFjqUbpfJAKZqrq01nPS1NyFwgVk7nJ03ZVtd_Z0DBST5nal1ZeMXDfEY-3WNgQ3L-2ag9r4bDHfXoDsQgp0ernKTR8Te3moFRyNIU38b3KIOR4L3Wonk6H0M0XcK9xiaW5kI-cXbXKGqW79THJrx3SjHZ-xKVfWvwGK5UxccSzbxBs7iEuQUPFF_lfkIotV04KGVskoYjuy1HhUUR4JdnwDBozUK9gzdaQ8nGKSyK5UiRqVmn-TU8s3bx1zxiYCNcZjUZlb5g5i-FjwrUzE1sAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBMIiOGAEBABGB0yA6qCAToDgMAD8ggbYWR4LXN1YnN5bi0zNjQxMjAzMTg4NTY4Mjg4gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORohAQ_hvjSZ1hNAu2Ml67GrRDWtrMJo-sptQIX32FUW6UmdTZxaoM%26sig%3DAOD64_15rR5zzu1DlQNcMqljoRDQ9eF6IA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dla2LcQYnzxpoX0WwJSi61xI7zcRNrf4fhIuJ8QK3_aRD6PobD8KRwkPREX7Z2EB6uWQBILcEPQDhpUpqvQuFPLk6MVrhLaUhFfvNI_KKjy_RdFiqdwLIyhSj6INCY8GayXCIEbNFRzX4-fcUQVGsxhYn64A%26cry%3D1%26dbm_d%3DAKAmf-Dc1MOvjANbC5QWvr8fSJEwyUKQ0tXee5P21_bx8Tm-_fj3FMMohoFFXlzO2EG1-ySWR3wrEpHgoeXr0JiblsjUM386CJCFRwGW-aGUn6SjxwOQnWXJoAD1Rj9yMhWbnFoiuS5hpf2Uw0UhcaI-6CphaeCOLeNEE0k_uAgMLmB_ETlXvWWgCXN9z16k9A6GbAWIS_D66uSdWh65rSFYWE_zfbJ0fkw_g_Hm67fDhD6bj3xs6mls4ovY96MPLJXX7DFZCCNXkYXpFSq9WuAJasUlSiMKCq-_NooKYYzZ7G6LasSg8VcY5f-CMdJS0ZwvU-RntobUPusGSqPT3ASSpeZ3bz9VJn5b546JgztilmEhTccx_minLPP3DZWGOXbxBNZvvEufHhxBvbEbMBK3EVdLOnIWBfaJlJKb8lL_LR1M8KFIDIAixXnxieV-6OChlaD0qctU27oL4-FvNyahJiyRrnoV0GvjcdwdjNsiN7lKED7avIejysqFAAytNP5zBL5ErWoEQ2dN4wzHxAEnmbrXeyz33ee9s0i5uIDGQzBo30HnOgPjacCW2_4UyxazEPFzdxeo%26adurl%3D&documentReferer=https%3A%2F%2Fno.answersexpress.com%2F&ancestorOrigins=null&random=3053045146755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP 46.4.10.49:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 57576f01e42a6bcdac9f5cf46d6f57f4
21700cf930f08c36dbe029a51596323923010837
1fef617194b871fbaec6f06c8706f11df058ebbd5210ce3438afd0476ca655bb
GET /request.php?zone=69862vf4ayx1&nw=20&renderingType=javascript&namespace=34e5da40a1&subid=&uid=0bc024d5c88bd656&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC32aZqOcYY4faBIfPygW72IywDcm5opxpnMLNztUP8C4QASCqgMMiYMOEgICYGMgBCakCjAyQJ-avsD6oAwGqBPoBT9BQ-JmgNPMOTSeszKoFWADSEXpSoHTRNLEWmIsc486Uwi9xaszr1f6fdFjqUbpfJAKZqrq01nPS1NyFwgVk7nJ03ZVtd_Z0DBST5nal1ZeMXDfEY-3WNgQ3L-2ag9r4bDHfXoDsQgp0ernKTR8Te3moFRyNIU38b3KIOR4L3Wonk6H0M0XcK9xiaW5kI-cXbXKGqW79THJrx3SjHZ-xKVfWvwGK5UxccSzbxBs7iEuQUPFF_lfkIotV04KGVskoYjuy1HhUUR4JdnwDBozUK9gzdaQ8nGKSyK5UiRqVmn-TU8s3bx1zxiYCNcZjUZlb5g5i-FjwrUzE1sAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBMIiOGAEBABGB0yA6qCAToDgMAD8ggbYWR4LXN1YnN5bi0zNjQxMjAzMTg4NTY4Mjg4gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORohAQ_hvjSZ1hNAu2Ml67GrRDWtrMJo-sptQIX32FUW6UmdTZxaoM%26sig%3DAOD64_15rR5zzu1DlQNcMqljoRDQ9eF6IA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dla2LcQYnzxpoX0WwJSi61xI7zcRNrf4fhIuJ8QK3_aRD6PobD8KRwkPREX7Z2EB6uWQBILcEPQDhpUpqvQuFPLk6MVrhLaUhFfvNI_KKjy_RdFiqdwLIyhSj6INCY8GayXCIEbNFRzX4-fcUQVGsxhYn64A%26cry%3D1%26dbm_d%3DAKAmf-Dc1MOvjANbC5QWvr8fSJEwyUKQ0tXee5P21_bx8Tm-_fj3FMMohoFFXlzO2EG1-ySWR3wrEpHgoeXr0JiblsjUM386CJCFRwGW-aGUn6SjxwOQnWXJoAD1Rj9yMhWbnFoiuS5hpf2Uw0UhcaI-6CphaeCOLeNEE0k_uAgMLmB_ETlXvWWgCXN9z16k9A6GbAWIS_D66uSdWh65rSFYWE_zfbJ0fkw_g_Hm67fDhD6bj3xs6mls4ovY96MPLJXX7DFZCCNXkYXpFSq9WuAJasUlSiMKCq-_NooKYYzZ7G6LasSg8VcY5f-CMdJS0ZwvU-RntobUPusGSqPT3ASSpeZ3bz9VJn5b546JgztilmEhTccx_minLPP3DZWGOXbxBNZvvEufHhxBvbEbMBK3EVdLOnIWBfaJlJKb8lL_LR1M8KFIDIAixXnxieV-6OChlaD0qctU27oL4-FvNyahJiyRrnoV0GvjcdwdjNsiN7lKED7avIejysqFAAytNP5zBL5ErWoEQ2dN4wzHxAEnmbrXeyz33ee9s0i5uIDGQzBo30HnOgPjacCW2_4UyxazEPFzdxeo%26adurl%3D&documentReferer=https%3A%2F%2Fno.answersexpress.com%2F&ancestorOrigins=null&random=3053045146755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal90001.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://de357eb93e13012c3145380b575c9056.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=4bd563ae5227629b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:49:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 07 Sep 2022 19:49:13 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=4bd563ae5227629b; expires=Tue, 06-Dec-2022 18:49:13 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 78385400125808204438326012075001
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 509
Connection: close
Content-Type: application/x-javascript; charset=utf-8
hal90001.redintelligence.net/request_content.php?s=78385400125808204438326012075001&a=35e1efea
46.4.10.49200 OK 2.3 kB URL HTTP/1.1 hal90001.redintelligence.net/request_content.php?s=78385400125808204438326012075001&a=35e1efea
IP 46.4.10.49:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 844f34c503c0a2bf75f3b123273db508
255fad0d9d25c4a39d495ebfa3e3c99218a50a09
9ad5678501a6dd2acb67e0d115b1e5d9f245b58b2a4b511a2539babcd83d7304
GET /request_content.php?s=78385400125808204438326012075001&a=35e1efea HTTP/1.1
Host: hal90001.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de357eb93e13012c3145380b575c9056.safeframe.googlesyndication.com/
Cookie: 8lcfmzhxc8d6_uid=4bd563ae5227629b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:49:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 07 Sep 2022 19:49:13 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2283
Connection: close
Content-Type: text/html; charset=utf-8
fp.metricswpsh.com/fp?tag_id=1349
23.88.85.6204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=1349
IP 23.88.85.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=1349 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://no.answersexpress.com/
Origin: https://no.answersexpress.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 07 Sep 2022 18:49:13 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://no.answersexpress.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hal90001.redintelligence.net/viewability?s=78385400125808204438326012075001&a=18d7df73&vb=m
46.4.10.49200 OK 0 B URL HTTP/1.1 hal90001.redintelligence.net/viewability?s=78385400125808204438326012075001&a=18d7df73&vb=m
IP 46.4.10.49:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=78385400125808204438326012075001&a=18d7df73&vb=m HTTP/1.1
Host: hal90001.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal90001.redintelligence.net/request_content.php?s=78385400125808204438326012075001&a=35e1efea
Cookie: 8lcfmzhxc8d6_uid=4bd563ae5227629b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:49:13 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
cdn.contentspread.net/24i/content/soberfb/EN/S-300x600.gif
85.114.131.233200 OK 98 kB URL HTTP/1.1 cdn.contentspread.net/24i/content/soberfb/EN/S-300x600.gif
IP 85.114.131.233:0
ASN #24961 myLoc managed IT AG
File type GIF image data, version 89a, 300 x 600\012- data
Hash 1fb479ecee8b6c066d1837d322eb1ac3
27d833cb481349d94904b3f0de66e9ec1ea93ed4
15489bb6f46021bebd0fedd4fef40981361ec05da79884da97f998dfe3c4690a
GET /24i/content/soberfb/EN/S-300x600.gif HTTP/1.1
Host: cdn.contentspread.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal90001.redintelligence.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:49:13 GMT
Content-Type: image/gif
Content-Length: 97758
Last-Modified: Mon, 23 Jul 2018 15:20:13 GMT
Connection: close
ETag: "5b55f22d-17dde"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 76f22c596e1361aa81ff0643a656ffcc
e2b25dc36fdcb469317fa158756274f58c2fbfa0
f1976c4f6d2951e03204a40bbb99425fc069dfb69cd6afbebf9ba9947c333362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 76f22c596e1361aa81ff0643a656ffcc
e2b25dc36fdcb469317fa158756274f58c2fbfa0
f1976c4f6d2951e03204a40bbb99425fc069dfb69cd6afbebf9ba9947c333362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 76f22c596e1361aa81ff0643a656ffcc
e2b25dc36fdcb469317fa158756274f58c2fbfa0
f1976c4f6d2951e03204a40bbb99425fc069dfb69cd6afbebf9ba9947c333362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 76f22c596e1361aa81ff0643a656ffcc
e2b25dc36fdcb469317fa158756274f58c2fbfa0
f1976c4f6d2951e03204a40bbb99425fc069dfb69cd6afbebf9ba9947c333362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs
216.58.211.1200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (14666)
Hash 56b8acb5d398385ddd88c19175668aed
232588b0fa0f3f04c9243e3d7e54719b1f754e88
e0a9e9f9eea0797335716388b2498d4c525433a1038fac133b11b06a53353613
GET /rtv/012208121708000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.answersexpress.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5202
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 05:40:12 GMT
expires: Fri, 01 Sep 2023 05:40:12 GMT
cache-control: public, max-age=31536000
age: 565741
etag: "23fb7130d171a0c1"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d42c96c095af90f1ad69117640010de9
1bd0beaa2e20e2458f06bbe4dbca8fa998340be9
03c9ecca6685f510c4c58eea78a5ec7690be9806cbe7e499fcfe8da82e47053b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
216.58.211.1200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
IP 216.58.211.1:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash 1998e90b9a0f771ec8638c255b019447
ca1958a09e1140ab0e4203e32a1e6c632b13db98
302cb3b102fc397ee72df0859424e37d3807c73f75cc31a6890d013ab61eaeb2
GET /rtv/012208121708000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61526
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 20:06:52 GMT
expires: Tue, 05 Sep 2023 20:06:52 GMT
cache-control: public, max-age=31536000
age: 168141
etag: "b1753c5424806777"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs
216.58.211.1200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (5046)
Hash 04ef82080285002fc2c0475d59004353
7b8a632212d23b6ffa9504ebbe5f27a2441a6a87
a11d9300062045f16b2e0cb9ed0800817fe7a97325cb60e2e69066bb7b549247
GET /rtv/012208121708000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.answersexpress.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1914
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 05:40:12 GMT
expires: Fri, 01 Sep 2023 05:40:12 GMT
cache-control: public, max-age=31536000
age: 565741
etag: "6b6863aa0ddd5cf3"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs
216.58.211.1200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs
IP 216.58.211.1:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash 98cdefa327b0aea53b14d7d1340c4f68
8751a86d9dafa782e1292cce92dc20d2df69e981
171957a39a8f888059ca961643c35d57b96649980784a472bd32d014a4f1fb8d
GET /rtv/012208121708000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.answersexpress.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12954
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 19:51:47 GMT
expires: Wed, 06 Sep 2023 19:51:47 GMT
cache-control: public, max-age=31536000
age: 82646
etag: "008ca125395468a7"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.163200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 20:35:24 GMT
expires: Thu, 31 Aug 2023 20:35:24 GMT
cache-control: public, max-age=31536000
age: 598429
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 76f22c596e1361aa81ff0643a656ffcc
e2b25dc36fdcb469317fa158756274f58c2fbfa0
f1976c4f6d2951e03204a40bbb99425fc069dfb69cd6afbebf9ba9947c333362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js-sec.indexww.com/um/ixmatch.html
23.38.200.248200 OK 1.4 kB URL HTTP/1.1 js-sec.indexww.com/um/ixmatch.html
IP 23.38.200.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2920), with no line terminators
Hash d41805aed22c3b9731d56a19244e6b8a
7e5da0bdf4db3f38f1590b5020750a93d1a174b5
46aa57bbee28a5fa9e4352e856a1d3a0485613234232d0b3de27adc74d8fac26
GET /um/ixmatch.html HTTP/1.1
Host: js-sec.indexww.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 18:49:14 GMT
Content-Length: 1387
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7ddc6e0c8998c6173816250da95b0ee5
9153739906c8c8124460d3361e0403c1f85a313a
6799eb82f783dc511ba82cc08b9e182469e99a7f67f85073fd88c110930f26b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4943
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:49:14 GMT
Last-Modified: Wed, 07 Sep 2022 17:26:51 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
acdn.adnxs.com/dmp/async_usersync.html
151.101.85.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.85.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 07 Sep 2022 18:49:14 GMT
Age: 51072
X-Served-By: cache-lga21975-LGA, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 144713
X-Timer: S1662576555.588204,VS0,VE0
Vary: Accept-Encoding
acdn.adnxs.com/dmp/async_usersync.html
151.101.85.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.85.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 07 Sep 2022 18:49:14 GMT
Age: 51073
X-Served-By: cache-lga21975-LGA, cache-bma1647-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 145817
X-Timer: S1662576555.598580,VS0,VE0
Vary: Accept-Encoding
acdn.adnxs.com/dmp/async_usersync.html
151.101.85.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.85.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 07 Sep 2022 18:49:14 GMT
Age: 51072
X-Served-By: cache-lga21975-LGA, cache-bma1632-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 145499
X-Timer: S1662576555.600156,VS0,VE0
Vary: Accept-Encoding
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fno.answersexpress.com%2F&domain=no.answersexpress.com&cw=1&lsw=1
178.250.2.146200 OK 22 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fno.answersexpress.com%2F&domain=no.answersexpress.com&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 91d4898f938e4920ac88f87453b33933
1bd4a04303c2501101656075ad8304e1a84eb91e
93ecc6762eafd376cbe2fd18250fa9f12c90f9a86b481430ef29ec40716d8f35
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fno.answersexpress.com%2F&domain=no.answersexpress.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://no.answersexpress.com/
Origin: https://no.answersexpress.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://no.answersexpress.com
server-processing-duration-in-ticks: 391321
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
hal90001.redintelligence.net/viewability?s=78385400125808204438326012075001&a=18d7df73&vb=v
46.4.10.49200 OK 0 B URL HTTP/1.1 hal90001.redintelligence.net/viewability?s=78385400125808204438326012075001&a=18d7df73&vb=v
IP 46.4.10.49:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=78385400125808204438326012075001&a=18d7df73&vb=v HTTP/1.1
Host: hal90001.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal90001.redintelligence.net/request_content.php?s=78385400125808204438326012075001&a=35e1efea
Cookie: 8lcfmzhxc8d6_uid=4bd563ae5227629b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:49:14 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fno.answersexpress.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
104.18.18.126302 Found 342 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fno.answersexpress.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
IP 104.18.18.126:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c3ae51c8a554781f4b7cf5a1c0e21f89
229fb8551369030e981b8605c9c903fa575c2fe2
f047b8f52216503f1df3d0aa3e702ad4daa57fc5a8146774807c2e95369b901f
GET /usermatch?d=https%3A%2F%2Fno.answersexpress.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Sep 2022 18:49:14 GMT
content-type: text/html; charset=iso-8859-1
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fno.answersexpress.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
cf-ray: 74719f8a4e83b4f7-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YxjnqgSpfx-ipw8GvJcYmAAA;domain=casalemedia.com;path=/;expires=Thu, 07 Sep 2023 18:49:14 GMT
CMPS=4468;domain=casalemedia.com;path=/;expires=Tue, 06 Dec 2022 18:49:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmWVqo3rC2jqTe6fwbPiuNBRNySvUelzPLfdPYwv5thD4T9oi52xYq%2BsRHxEGEoRYDAvb466IQGvuS5SqafF1cY22tj%2F%2F1Xj2OlXW8VVP3aADxmpOK3HVYW7qmthD2WiwGUoFT6ZEhD%2FFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.180307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: d64e63ae-3dca-4f52-bc7a-3d05ea61f939
Set-Cookie: uuid2=3199045207520006566; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:49:14 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.180200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: c106c21d-3940-4c94-bdc7-717082d17646
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.180200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 9069774e-bee5-4cd1-b385-fd12b6b95ebd
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.180200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 63a2ef10-2ef6-4cfa-9d24-7f560b76328d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cdn.indexww.com/ht/htw-pixel.gif?0
104.18.13.76200 OK 43 B URL HTTP/2 cdn.indexww.com/ht/htw-pixel.gif?0
IP 104.18.13.76:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /ht/htw-pixel.gif?0 HTTP/1.1
Host: cdn.indexww.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.casalemedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:14 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
etag: "761e21-2b-546dc3a097100"
cache-control: public, max-age=14400
expires: Wed, 07 Sep 2022 22:49:14 GMT
edge-control: cache-maxage=1h
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cf-cache-status: HIT
age: 35
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74719f8bd985b52d-OSL
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.180307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: b3baa746-c92e-4b4e-aa0d-c722bc62154a
Set-Cookie: uuid2=1882254818459279197; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:49:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.180200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 8f88daed-dfe3-479b-b0d3-6093bbec04bf
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.180307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 2902dabc-ae4c-4749-87f9-6f9ec469e43d
Set-Cookie: uuid2=3827801402275937160; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:49:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.180307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 991b63ac-4887-417c-9002-b24201d5a123
Set-Cookie: uuid2=8221488029549238621; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:49:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.180200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 047a228c-1623-4908-89f3-8b45b695102d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.180200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:49:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 5db03c86-40d9-4046-a261-c710c0b5278b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:09 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 8023303
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74719f6bd9380af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
havanese.top/code/gm2wkzjzga5ha3ddf42a
185.177.92.29200 OK 0 B URL HTTP/2 havanese.top/code/gm2wkzjzga5ha3ddf42a
IP 185.177.92.29:0
ASN #39572 DataWeb Global Group B.V.
GET /code/gm2wkzjzga5ha3ddf42a HTTP/1.1
Host: havanese.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:49:09 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=e6cb2a75-e7d8-4de0-b8c6-9af97fae22ff; expires=Fri, 07-Oct-2022 18:49:09 GMT; Max-Age=2592000; path=/; SameSite=None; domain=havanese.top; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.5.142200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.5.142:0
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://no.answersexpress.com/
Origin: https://no.answersexpress.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:49:10 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://no.answersexpress.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fno.answersexpress.com%2F&domain=no.answersexpress.com&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fno.answersexpress.com%2F&domain=no.answersexpress.com&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fno.answersexpress.com%2F&domain=no.answersexpress.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://no.answersexpress.com
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://no.answersexpress.com
server-processing-duration-in-ticks: 1010071
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
no.answersexpress.com/specular-spectacular-88781
172.67.130.177200 OK 0 B URL HTTP/2 no.answersexpress.com/specular-spectacular-88781
IP 172.67.130.177:0
GET /specular-spectacular-88781 HTTP/1.1
Host: no.answersexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:09 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: max-age=86400
expires: Thu, 08 Sep 2022 18:49:09 GMT
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgsFztMEaZafzqhZ77%2Bu5%2BFNxwxxZqsrG1HjAIeYKljJDrqvwv6gLKYiEsJEwW3XhvF2T%2BewZPPIeDmveASopYSCa6oQX%2FUIPUHWeqoW2K96JYXfB21Hs04XluOyL%2BM7FIdiAWbCqtk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74719f6a3e12b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
172.67.75.241200 OK 0 B URL HTTP/2 script.4dex.io/localstore.js
IP 172.67.75.241:0
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:10 GMT
content-type: application/javascript
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
etag: W/"922cffdd75f7192f75231d92684885aa"
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
cf-cache-status: HIT
age: 2612956
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlFUPAC6mrRkrYp75appAKmYk1UC2DV7aJ2kmD06nQVydgd7qhejSkOiJkgOz31vJzqifkTkxxcywfw90g7Tvi9MmDzdrVo1JGDM7qPI7rNdXcXaIN1e0w411jl8DKb9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74719f728f180b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 142.250.74.10:0
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.answersexpress.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 18:49:13 GMT
date: Wed, 07 Sep 2022 18:49:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cst.cstwpush.com/static/adManager.js
45.133.44.24200 OK 0 B URL HTTP/2 cst.cstwpush.com/static/adManager.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.js HTTP/1.1
Host: cst.cstwpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.answersexpress.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:10 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
etag: W/"62ce6b94-4e2"
content-encoding: gzip
expires: Wed, 07 Sep 2022 18:54:10 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.5.142200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.5.142:0
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://no.answersexpress.com/
Origin: https://no.answersexpress.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:49:10 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://no.answersexpress.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
js.wpushsdk.com/npc/sdk/wpu/csub.m.js
45.133.44.25200 OK 0 B URL HTTP/2 js.wpushsdk.com/npc/sdk/wpu/csub.m.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/wpu/csub.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:49:12 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 29 Aug 2022 10:45:16 GMT
etag: W/"630c98bc-d180"
content-encoding: gzip
expires: Wed, 07 Sep 2022 18:54:12 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.zx-adnet.com/consent/cookies_gdpr.js?0.7166264271882651
151.101.1.195200 OK 0 B URL HTTP/2 cdn.zx-adnet.com/consent/cookies_gdpr.js?0.7166264271882651
IP 151.101.1.195:0
GET /consent/cookies_gdpr.js?0.7166264271882651 HTTP/1.1
Host: cdn.zx-adnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: no-cache
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "6d9479856d34b784a695cf827606b5512cda2503d6ed62ebe429f4ef02dd9fef-br"
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:49:09 GMT
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662576550.846770,VS0,VE52
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
X-Firefox-Spdy: h2
faq.worldtourismgroup.com/s2r/pngpx
199.36.158.100200 OK 0 B URL HTTP/2 faq.worldtourismgroup.com/s2r/pngpx
IP 199.36.158.100:0
GET /s2r/pngpx HTTP/1.1
Host: faq.worldtourismgroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.answersexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: W/"56-VFeU3ViosBngCELYjq+NEz85C5s"
function-execution-id: dxrii7cws9wp
server: Google Frontend
strict-transport-security: max-age=31556926
x-cloud-trace-context: 38414e7dcfb0bdb88616cdd105cd1a49
x-country-code: NO
x-orig-accept-language: en-US,en;q=0.5
x-robots-tag: noindex
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:49:10 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662576550.096921,VS0,VE388
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.5.142200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.5.142:0
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://no.answersexpress.com/
Origin: https://no.answersexpress.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:49:10 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://no.answersexpress.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2