zoosiana.com/packages
216.152.143.240301 Moved Permanently 178 B IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert quad9 Sinkholed
GET /packages HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 30 Oct 2022 16:51:00 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://zoosiana.com/packages
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 08e6c2a84b9de97bdd5a18a3a63ae614
7efc3c3550bf303438e0ec910f78714588f3c72b
a3bfd5d99c99a5956cf91510743a0911b300938ae2095bfbadbc7f9485b4e3b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3BFD5D99C99A5956CF91510743A0911B300938AE2095BFBADBC7F9485B4E3B9"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12119
Expires: Sun, 30 Oct 2022 20:13:00 GMT
Date: Sun, 30 Oct 2022 16:51:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2c936a37c0ab225115a83277467091ec
d357ab9189990d3718036f67c12f467efe43552d
747c8165e4d62420f0c769d2e91ca9e7a04cfc02bd29f35ca3f74c106964c04f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3583
Cache-Control: max-age=149987
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:01 GMT
Etag: "635e4459-1d7"
Expires: Tue, 01 Nov 2022 10:30:48 GMT
Last-Modified: Sun, 30 Oct 2022 09:31:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2c936a37c0ab225115a83277467091ec
d357ab9189990d3718036f67c12f467efe43552d
747c8165e4d62420f0c769d2e91ca9e7a04cfc02bd29f35ca3f74c106964c04f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3583
Cache-Control: max-age=149987
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:01 GMT
Etag: "635e4459-1d7"
Expires: Tue, 01 Nov 2022 10:30:48 GMT
Last-Modified: Sun, 30 Oct 2022 09:31:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de47d7f9f8d5035d5490f0386442d813
fe86a705a7540c619fddd835ba720bccd2f17cfc
1b3bb62c83f8117b31f021c532a77dfea594a33ea40b5ed62dc67a29f6d15115
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B3BB62C83F8117B31F021C532A77DFEA594A33EA40B5ED62DC67A29F6D15115"
Last-Modified: Sun, 30 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15690
Expires: Sun, 30 Oct 2022 21:12:31 GMT
Date: Sun, 30 Oct 2022 16:51:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hDq9Y5opp0M+cH/5VpdOac9WhCqxFg9/elB4W7bdRsXY5cO2xb21PHwgHYvLlT+6hWnuxngDzy0=
x-amz-request-id: FQM4JVV3MSHPK9P5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 30 Oct 2022 16:44:34 GMT
age: 387
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 16:51:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7244c6e2ba079e179a73530fc88a2f7b
482d7250ddab48111d98439e104b099d3f0da06e
1f6b03b6f9f74a72f67b20abd495ac87964ecc7127ae9592d240f405b350cb3b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F6B03B6F9F74A72F67B20ABD495AC87964ECC7127AE9592D240F405B350CB3B"
Last-Modified: Sat, 29 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21592
Expires: Sun, 30 Oct 2022 22:50:53 GMT
Date: Sun, 30 Oct 2022 16:51:01 GMT
Connection: keep-alive
zoosiana.com/packages
216.152.143.240200 OK 6.6 kB IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1639), with CRLF, LF line terminators
Hash f031f739532bace1c4e6c9e1eadc35d8
7cb33f15653a095f86ac4515eaff1eb36d98cbb6
6949f0860219acd986cff6a76ce8d573fa016df3d082701d98651c42e5867b83
Analyzer Verdict Alert quad9 Sinkholed
GET /packages HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:01 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6569
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 160915529
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9764c875002c224f81bd966db2995460
dd384811c207f54188bd097e286b2880bfcbc28b
13d0f25b1d045a816fe13b56d04af6ae00a5e2862412c781e53e069c2d33a3a1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5576
Cache-Control: max-age=146922
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:01 GMT
Etag: "635e3097-1d7"
Expires: Tue, 01 Nov 2022 09:39:43 GMT
Last-Modified: Sun, 30 Oct 2022 08:06:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 918d38ced5fd1c6ad5d9c1953abe35c3
1a1d7cae9b5706e4456614e6a337fb60c4faa185
d89294f49bd80e45e34dde62820cc13ab87e30eac9ca82c971ef868886ce6d5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 32e837c0fbe63274d45283b4a023dd6c
6f6548aab66b39153530fea54d95b20b85b24ef8
6cf1a45a66254ab7a94cf29a4ac72878c84303b214a3bf49eb637d6babbaf554
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
142.250.74.74200 OK 7.3 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
IP 142.250.74.74:0
File type ASCII text, with very long lines (28290)
Hash 29cec33e497be5e450f9703d98efca3b
4bcb24406115ca93d35ba145b78234b6f5e5d135
287e9a460040e8d091b9eb5381be54956185f293a41cadf7586ad05eaf23a012
GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Oct 2022 03:12:51 GMT
expires: Sat, 28 Oct 2023 03:12:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 221890
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 918d38ced5fd1c6ad5d9c1953abe35c3
1a1d7cae9b5706e4456614e6a337fb60c4faa185
d89294f49bd80e45e34dde62820cc13ab87e30eac9ca82c971ef868886ce6d5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 918d38ced5fd1c6ad5d9c1953abe35c3
1a1d7cae9b5706e4456614e6a337fb60c4faa185
d89294f49bd80e45e34dde62820cc13ab87e30eac9ca82c971ef868886ce6d5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zoosiana.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
216.152.143.240200 OK 56 kB URL HTTP/1.1 zoosiana.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
IP 216.152.143.240:0
File type ASCII text, with very long lines (728)
Hash 5171c5f1bc6200e863123e54d0f94e80
b1b447bd47af5d47b844208fdbaea95aea24d544
3f992f3ddccc17905fa5e67ff7c46d6f7b9fc67aa8025d9b77bfa83838ae8abb
Analyzer Verdict Alert quad9 Sinkholed
GET /cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1 HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:01 GMT
Content-Type: text/css
Content-Length: 56436
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 01:16:31 GMT
ETag: "86959-5ea53718cb9f8-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 377471709 376282801
Age: 12629
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jFKorIEjM5Hxmd837V4jHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dGXadOqZg1Qd+9t4y26VgnN+XVA=
zoosiana.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
216.152.143.240200 OK 465 B URL HTTP/1.1 zoosiana.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (1164), with no line terminators
Hash ae9e1ea6af46bf62a7469101eb4a8f55
e94958da3bfd259c99019190f6c4e449e0c16aee
bbf28048044a88f7b3f682c682dea0b058d7ff7e98daf046f6f161517e97fafa
Analyzer Verdict Alert quad9 Sinkholed
GET /cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: application/javascript
Content-Length: 465
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:41 GMT
ETag: "48c-5d727b3a6c8f4-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 626357845 625627470
Age: 6547
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
zoosiana.com/cms_websites/cms_theme_custom_css.php?ver=248_11
216.152.143.240200 OK 8.7 kB URL HTTP/1.1 zoosiana.com/cms_websites/cms_theme_custom_css.php?ver=248_11
IP 216.152.143.240:0
File type ASCII text, with very long lines (483)
Hash 538f4d8e87764206da2b0843d863bba2
84b89efaaafc904beec4d3bdbb794c103c192c61
c0be350f8acfeb88f4b0d55e1b024ad1517a005374e58850c997f15d0a5c7dc9
Analyzer Verdict Alert quad9 Sinkholed
GET /cms_websites/cms_theme_custom_css.php?ver=248_11 HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 8686
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 377471742
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
zoosiana.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js
216.152.143.240200 OK 27 kB URL HTTP/1.1 zoosiana.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (31992)
Hash 43e4680f6eac3296c5890df07ef0e681
364f900918d939eeb9248371dc47bf36a947c008
70bd2fb470b84cb10b17c9064b41847322d8e1cf92265efd7579bc955cf1e12e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: application/javascript
Content-Length: 27146
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 21:11:52 GMT
ETag: "1b79d-5ea642475d491-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 377597822 375549309
Age: 6966
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
zoosiana.com/wp-includes/js/underscore.min.js?ver=1.8.3
216.152.143.240200 OK 5.8 kB URL HTTP/1.1 zoosiana.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP 216.152.143.240:0
File type ASCII text, with very long lines (16194)
Hash 0de80519eb796dc06fa34efcf454c797
1274f536f1c2c51ad2b0c0f121da21cc43854ea5
059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: application/javascript
Content-Length: 5822
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 19:18:20 GMT
ETag: "401a-59379a1f1413b-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 625795879 625627483
Age: 6547
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
zoosiana.com/cms_websites/cms_custom_css.php?ver=248_11
216.152.143.240200 OK 5.1 kB URL HTTP/1.1 zoosiana.com/cms_websites/cms_custom_css.php?ver=248_11
IP 216.152.143.240:0
File type ASCII text, with very long lines (2070)
Hash fe05f005b333b952a64fb634451acd52
8461b98609801374c85deecfebc0e90b3960ffd5
05dd05ba21df9d041fc04ed6c051ab8b74f47b1d3fe642c2dbee594f22bd8f92
Analyzer Verdict Alert quad9 Sinkholed
GET /cms_websites/cms_custom_css.php?ver=248_11 HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 5125
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 377471745
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
zoosiana.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
216.152.143.240200 OK 517 B URL HTTP/1.1 zoosiana.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (1015), with no line terminators
Hash 09a9e3bc0d18d851d1276481ed543c9e
87f953897b9f07e27e0b080a4320a9b78fc80167
9293803448e5928f3b09835cf60749954d6f5e303f176e63b988dc0079a744bb
Analyzer Verdict Alert quad9 Sinkholed
GET /cms_websites/tools/GAEventTracking/js/scripts.min.js HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: application/javascript
Content-Length: 517
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:41 GMT
ETag: "3f7-5d727b3a6c8f4-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 626452207 624612306
Age: 6547
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
zoosiana.com/cms_websites/js/external/scripts.js
216.152.143.240200 OK 121 kB URL HTTP/1.1 zoosiana.com/cms_websites/js/external/scripts.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (32077)
Size 121 kB (120679 bytes)
Hash 2b2400ce27b4d1d8ceca82bed3e8bad2
2ebaca6538cccffd5a042f53e46a18b2133acb9a
bd364f13dac56e31208849b685194592c91631fa41a8c396c5346417fccc47e7
Analyzer Verdict Alert quad9 Sinkholed
GET /cms_websites/js/external/scripts.js HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:51 GMT
ETag: "634a9-5c189ea71917e-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 626452202
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d332252032a6e9f5a3f8c623289adcee
78c82defc80cb9ef15e07784157159ffc49d520f
76f287be6a441ce49bfca8b29dcc7470899d831547595ac88d44a469676ca3d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5580dc56f5c8e3012864d54092c07b3a
fb9997cf8b29e970213ed34a4d637bb8525a6eb0
cadce1c220b25d204eabfced3ba1f72efc34c3273f372dc90f098e78d4f038ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d332252032a6e9f5a3f8c623289adcee
78c82defc80cb9ef15e07784157159ffc49d520f
76f287be6a441ce49bfca8b29dcc7470899d831547595ac88d44a469676ca3d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/goudybookletter1911/v15/sykt-z54laciWfKv-kX8krex0jDiD2HbY6IJshzW.woff2
216.58.207.195200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/goudybookletter1911/v15/sykt-z54laciWfKv-kX8krex0jDiD2HbY6IJshzW.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 26504, version 1.0\012- data
Hash 0062f897abcb89a703345381d5d0ebe5
77a21ab52a00c11dda95404f833978aa8df76411
0a237756fe19d9c10508a21ff668e885589f2434d6df2bdef61fadf4c04165af
GET /s/goudybookletter1911/v15/sykt-z54laciWfKv-kX8krex0jDiD2HbY6IJshzW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoosiana.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Oct 2022 05:50:47 GMT
expires: Sat, 28 Oct 2023 05:50:47 GMT
cache-control: public, max-age=31536000
age: 212415
last-modified: Thu, 21 Apr 2022 16:41:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16324, version 1.0\012- data
Hash f43fa5b4f6366eae0039e4e49db645de
d7fec074ba8b6e69bec4a995ea722d3d1513ad43
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoosiana.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Oct 2022 22:19:57 GMT
expires: Wed, 25 Oct 2023 22:19:57 GMT
cache-control: public, max-age=31536000
age: 412265
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zoosiana.com/files/2019/10/white-logo
216.152.143.240200 OK 61 kB URL HTTP/1.1 zoosiana.com/files/2019/10/white-logo
IP 216.152.143.240:0
File type PNG image data, 1060 x 352, 8-bit/color RGBA, non-interlaced\012- data
Hash 20f28164230fadc6222bc4dbb6fa318f
6bff6e2bea2fcf191f2b537fb420e7b84a66f8f4
1614ab4464acb085ae2c6bc8520794171a1b09e3ad8e1798796937d03689bcaf
Analyzer Verdict Alert quad9 Sinkholed
GET /files/2019/10/white-logo HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: image/png
Content-Length: 61081
Connection: keep-alive
Last-Modified: Wed, 30 Oct 2019 14:03:30 GMT
ETag: "3573e8965d8f35d143df32021ce7907c"
Expires: Tue, 30 Dec 2025 07:03:27 GMT
Vary: Accept-Encoding
X-Varnish: 188154508 180672199
Age: 70454
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
fonts.gstatic.com/s/fingerpaint/v15/0QInMXVJ-o-oRn_7dron8YW-9JzT.woff2
216.58.207.195200 OK 53 kB URL HTTP/2 fonts.gstatic.com/s/fingerpaint/v15/0QInMXVJ-o-oRn_7dron8YW-9JzT.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 53412, version 1.0\012- data
Hash e53b72d9cc110bf93830db73c7d0bce9
0cfdb158e48e7afcf581c4cb51d3c2d580154a10
fe858ea5c066c72ea8efd0bd7d30588ead2a2772b7325a1fe549167ed28f0b9c
GET /s/fingerpaint/v15/0QInMXVJ-o-oRn_7dron8YW-9JzT.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoosiana.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 53412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Oct 2022 00:14:08 GMT
expires: Wed, 25 Oct 2023 00:14:08 GMT
cache-control: public, max-age=31536000
age: 491814
last-modified: Thu, 21 Apr 2022 16:26:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zoosiana.com/files/2019/10/background_1.jpg
216.152.143.240200 OK 67 kB URL HTTP/1.1 zoosiana.com/files/2019/10/background_1.jpg
IP 216.152.143.240:0
File type gzip compressed data, max compression\012- data
Hash 0d6aaa22e3e7f98e45b869a82aef9d25
cff493bc20f72c4b97ad4ebe84e8c6466b26f767
10601b66303168f0be9c5f6dbd87c2a3ca248f83f7bb2b18dccbd0ce00d313ae
Analyzer Verdict Alert quad9 Sinkholed
GET /files/2019/10/background_1.jpg HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: image/jpeg
Content-Length: 66120
Connection: keep-alive
Last-Modified: Wed, 23 Oct 2019 17:28:27 GMT
ETag: "f7f937bea3a2f8731c6236b9f1f00653"
Expires: Tue, 30 Dec 2025 23:07:12 GMT
Vary: Accept-Encoding
X-Varnish: 377471786 376282816
Age: 12630
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d332252032a6e9f5a3f8c623289adcee
78c82defc80cb9ef15e07784157159ffc49d520f
76f287be6a441ce49bfca8b29dcc7470899d831547595ac88d44a469676ca3d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zoosiana.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js
216.152.143.240200 OK 433 kB URL HTTP/1.1 zoosiana.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (65350)
Size 433 kB (432702 bytes)
Hash aa24aa3a0a9984210198ac91297db647
2108d2f01c37149228877a9672d866c08f5daee6
ce55bf8849d63b8767c7fd032fb9277ffec0bb103ca26ad3b66b330208f3855f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: application/javascript
Content-Length: 432702
Connection: keep-alive
Last-Modified: Fri, 12 Jun 2020 00:07:25 GMT
ETag: "11e248-5a7d7dcacc8e5-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 188154488 186559875
Age: 11466
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
zoosiana.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048
216.152.143.240200 OK 16 kB URL HTTP/1.1 zoosiana.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048
IP 216.152.143.240:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tsi-cms \012- data
Hash d7e0105a1d89d3a302e09d50c6d808c9
34eb40751fb3f70ffbae2f4270eb73b54349d982
cab4658b86b05ecfabd81a7f07837ff0d3a38cad66972bc583b7c3b1e1eb00ad
Analyzer Verdict Alert quad9 Sinkholed
GET /cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048 HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: application/font-sfnt
Content-Length: 16112
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:45 GMT
ETag: "3ef0-5e8acea36f0e7"
Vary: Accept-Encoding
X-Varnish: 626357872 624772068
Age: 13778
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
zoosiana.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif
216.152.143.240302 Found 0 B URL HTTP/1.1 zoosiana.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif
IP 216.152.143.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://zoosiana.com
Vary: Accept-Encoding
X-Varnish: 626357888 625809827
Age: 6520
Via: 1.1 varnish (Varnish/5.2)
zoosiana.com/files/2020/04/call-answer-200.png
216.152.143.240200 OK 2.1 kB URL HTTP/1.1 zoosiana.com/files/2020/04/call-answer-200.png
IP 216.152.143.240:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash a7e55af49bb5758acddeb2b7b1e01dc4
87e777c1bb3b0070b53e10ca7f33e9eab6818930
6fc613da18e3aa5ef9d498bed7a023d61c405f7e1be128d2f5aaeb142b5cbc02
Analyzer Verdict Alert quad9 Sinkholed
GET /files/2020/04/call-answer-200.png HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: image/png
Content-Length: 2052
Connection: keep-alive
Last-Modified: Fri, 03 Apr 2020 20:43:48 GMT
ETag: "2070a9a89ace664bb0066142652824f8"
Expires: Tue, 30 Dec 2025 23:07:12 GMT
Vary: Accept-Encoding
X-Varnish: 187808193 186427718
Age: 12630
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
zoosiana.com/wp-content/themes/beacon-theme_charlotte/css/bkgs/subtle-white-feathers.png
216.152.143.240200 OK 177 kB URL HTTP/1.1 zoosiana.com/wp-content/themes/beacon-theme_charlotte/css/bkgs/subtle-white-feathers.png
IP 216.152.143.240:0
File type PNG image data, 500 x 333, 8-bit/color RGBA, non-interlaced\012- data
Size 177 kB (177395 bytes)
Hash fd3eccdf106f7b9d978daa537da5b533
2f1b04215cc90204b627f98d1a4a9ad8f318c326
db61eb71bfb40806503cabc5447af2d6f61f72e3304be78f9695addc953a975a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/beacon-theme_charlotte/css/bkgs/subtle-white-feathers.png HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: image/png
Content-Length: 177395
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 18:16:47 GMT
ETag: "2b4f3-59378c5c7ad24"
Vary: Accept-Encoding
X-Varnish: 377471788 377372859
Age: 2770
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6009
Expires: Sun, 30 Oct 2022 18:31:12 GMT
Date: Sun, 30 Oct 2022 16:51:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6009
Expires: Sun, 30 Oct 2022 18:31:12 GMT
Date: Sun, 30 Oct 2022 16:51:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6009
Expires: Sun, 30 Oct 2022 18:31:12 GMT
Date: Sun, 30 Oct 2022 16:51:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6009
Expires: Sun, 30 Oct 2022 18:31:12 GMT
Date: Sun, 30 Oct 2022 16:51:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04fada3-6f86-41fd-be82-9370d0b3a44c.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04fada3-6f86-41fd-be82-9370d0b3a44c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 813760fc1cdeaffc44e203eb4bea2a41
1fb8b4bf212166d392da3ddd2d48f1465000cfc2
86848c8ab08561d84f883c592a68f1468f606dd29a208138977dd5da6e642934
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04fada3-6f86-41fd-be82-9370d0b3a44c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8054
x-amzn-requestid: cfcf6ce9-6c48-4187-8882-a2ba3171f69a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayV3tFW0oAMF8WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cfd-5be118db6a7ad23a47f6e604;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:37:02 GMT
x-amz-cf-pop: SFO20-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NUHfhWGtR45mfjW9JwzHcVnLLss8o-5XTwImhQJfrSPpkzdlO1e3Nw==
via: 1.1 c1caaceb6655a57ae014aef7bc8ec388.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 21:48:02 GMT
age: 68581
etag: "1fb8b4bf212166d392da3ddd2d48f1465000cfc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F173899d5-a6c1-4568-b9bb-656991aa35ac.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F173899d5-a6c1-4568-b9bb-656991aa35ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca2c80d1659f0cef2fd6913f1c48db2a
7a37d18cb01b4fa0e169a23988c76065c05fcb48
43dda0a73db1e4ce7546b88c47d0dd4ec5457fc1da3cfbe3ba6dab5501c9da3d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F173899d5-a6c1-4568-b9bb-656991aa35ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9296
x-amzn-requestid: 721b37d6-f1f3-4932-ad64-fbd5936ce6fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayVxOFm6oAMFfzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cd4-0c8925962ef5fb343b20c0ea;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kBBM7PmScnSDm5AThGwzDO9cO3F54EGPpcDSxWJOOB3y84PAchyUPg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 22:07:54 GMT
age: 67389
etag: "7a37d18cb01b4fa0e169a23988c76065c05fcb48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1110221ffc54766308cbf62f94cd9f
926f36919d5875592200b78d286edcb4c3ba884c
8344d57bc8358da2a5911c62a344a3dcf819ce44dac0da0624c73ab40ac1ef44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9460
x-amzn-requestid: bba12ac1-b0d8-46f7-b218-9e2b85c0c650
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aPYZ7GU5oAMF_hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634fa10c-3e2bab543800bfa84c231cf1;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 07:02:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MG0t11rp-RYiUJRFIrNvDOxuZqjVWGy7Pu4t4ERfH9eKA0v7Z6zknA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 23:23:50 GMT
age: 62833
etag: "926f36919d5875592200b78d286edcb4c3ba884c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zoosiana.com/files/2019/10/Zoosiana_Full_Color_1.png
216.152.143.240200 OK 11 kB URL HTTP/1.1 zoosiana.com/files/2019/10/Zoosiana_Full_Color_1.png
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6138c205ed582180977c00ae3231e5dd
76e15ea81dc440923032e72c3a8601124d895712
f5e7c84c06192e19ff0d5743031a770f79e89a7b41903ef37dab1bafb3978ac6
Analyzer Verdict Alert quad9 Sinkholed
GET /files/2019/10/Zoosiana_Full_Color_1.png HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:02 GMT
Content-Type: image/png
Content-Length: 112168
Connection: keep-alive
Last-Modified: Tue, 15 Oct 2019 18:28:23 GMT
ETag: "d30e45cb63667c6539d9d56885d06c3d"
Expires: Tue, 30 Dec 2025 22:48:03 GMT
Vary: Accept-Encoding
X-Varnish: 160879183 158683246
Age: 13778
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5afc9738-560a-4197-a196-5e4a5e404f87.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5afc9738-560a-4197-a196-5e4a5e404f87.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da74651ffffea74758f4e575b1a0ad85
384167f6b1d68e16495ad2d5ed33c1b42016050b
00c66dd699a27ef6b384b6359c2258b4d313edd547d81684d88686720a864a11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5afc9738-560a-4197-a196-5e4a5e404f87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3608
x-amzn-requestid: 5513ca0e-f6f4-4d62-80ad-a446cc3287c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayWlXHXDIAMFRmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9e22-7c2190735030c7e863ac2a84;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:41:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: k92HikH_RrS_OFHkAjYrSEbT2JezX4rhP3yJPChxL5XeKb3ncZusJw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 22:14:48 GMT
age: 66975
etag: "384167f6b1d68e16495ad2d5ed33c1b42016050b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35161f25-76fc-4488-8158-91f54bebc480.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35161f25-76fc-4488-8158-91f54bebc480.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c09cea8034a4c555227e8d4538c61a1
c796c0c760e916e8f227ecf9d6100aaa1dfb08a9
f5c7130a9319f0393b563f4df00cafbe979de2a277e30b3c4029c68e1f1b3ef8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35161f25-76fc-4488-8158-91f54bebc480.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13896
x-amzn-requestid: 5f5ee765-aaf1-420e-b3c7-b44ef0a1ecfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayWR2EFVoAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9da5-4c1fa6b86b7965b22204d184;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fqHFMqUy2wBaVEOWbUKXy7fi6MRsVRs7-8iCI8oJIvanXtJoJqig9Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 21:48:11 GMT
age: 68572
etag: "c796c0c760e916e8f227ecf9d6100aaa1dfb08a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zoosiana.com/
216.152.143.240200 OK 8.0 kB IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1639), with CRLF, LF line terminators
Hash 0eaed9ba568e4d91b745869921361bc5
268c9dbf6a9115ba94de1c3f316bbdf5891b3fe7
13bdbc7a715b4d2e504037706f64374a91471771e1b71e4302e72b1929bbd21b
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7972
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 161254710
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7f82bd4d59e524ef0773811a0c7414a3
bb1aa4c3dfebc047a5b5648ae6a3c84c977a4840
9022a411f7f5da582b358b51faa5aca04f1e7012f835d271a821af9c1a73d233
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db741a912686c81c48a7fe7c8eb0e458
77d7f264d2ad7b48b4254137857ebc733970af76
09a0bcde2ba15f155c07bfcdb8bbcf90d514c211eb1ada1f78006b19b2826f61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5599
Cache-Control: max-age=166005
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:03 GMT
Etag: "635e7b0d-1d7"
Expires: Tue, 01 Nov 2022 14:57:48 GMT
Last-Modified: Sun, 30 Oct 2022 13:24:29 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ssl.google-analytics.com/ga.js
142.250.74.104200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.104:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 30 Oct 2022 16:17:12 GMT
expires: Sun, 30 Oct 2022 18:17:12 GMT
cache-control: public, max-age=7200
age: 2031
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Mt3W98QcblpXmjBoYVgO7DzJsIWLdIiqRre9wFvI9TkZjxurxULK6rpTU8QnQNpZKorPdaSopyYsbtWWd03EMw==
priority: u=3,i
content-length: 27337
x-fb-trip-id: 1679558926
date: Sun, 30 Oct 2022 16:51:03 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=965219651&utmhn=zoosiana.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Packages%20%7C%20Zoosiana&utmhid=1243211776&utmr=-&utmp=%2Fpackages&utmht=1667148659705&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D121777408.418246583.1667148660.1667148660.1667148660.1%3B%2B__utmz%3D121777408.1667148660.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
142.250.74.104200 OK 35 B URL HTTP/2 ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=965219651&utmhn=zoosiana.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Packages%20%7C%20Zoosiana&utmhid=1243211776&utmr=-&utmp=%2Fpackages&utmht=1667148659705&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D121777408.418246583.1667148660.1667148660.1667148660.1%3B%2B__utmz%3D121777408.1667148660.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.104:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=965219651&utmhn=zoosiana.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Packages%20%7C%20Zoosiana&utmhid=1243211776&utmr=-&utmp=%2Fpackages&utmht=1667148659705&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D121777408.418246583.1667148660.1667148660.1667148660.1%3B%2B__utmz%3D121777408.1667148660.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Sun, 30 Oct 2022 02:12:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 52733
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7f82bd4d59e524ef0773811a0c7414a3
bb1aa4c3dfebc047a5b5648ae6a3c84c977a4840
9022a411f7f5da582b358b51faa5aca04f1e7012f835d271a821af9c1a73d233
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=677130665&utmhn=zoosiana.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Packages%20%7C%20Zoosiana&utmhid=1243211776&utmr=-&utmp=%2Fpackages&utmht=1667148659703&utmac=UA-88638279-120&utmdid=i9k95&utmcc=__utma%3D121777408.418246583.1667148660.1667148660.1667148660.1%3B%2B__utmz%3D121777408.1667148660.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1921175541&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
142.250.74.104200 OK 35 B URL HTTP/2 ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=677130665&utmhn=zoosiana.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Packages%20%7C%20Zoosiana&utmhid=1243211776&utmr=-&utmp=%2Fpackages&utmht=1667148659703&utmac=UA-88638279-120&utmdid=i9k95&utmcc=__utma%3D121777408.418246583.1667148660.1667148660.1667148660.1%3B%2B__utmz%3D121777408.1667148660.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1921175541&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.104:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=677130665&utmhn=zoosiana.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Packages%20%7C%20Zoosiana&utmhid=1243211776&utmr=-&utmp=%2Fpackages&utmht=1667148659703&utmac=UA-88638279-120&utmdid=i9k95&utmcc=__utma%3D121777408.418246583.1667148660.1667148660.1667148660.1%3B%2B__utmz%3D121777408.1667148660.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1921175541&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 30 Oct 2022 16:51:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tag.simpli.fi/sifitag/962b0be0-8328-0138-2de8-06abc14c0bc6
169.50.137.176200 OK 3.1 kB URL HTTP/2 tag.simpli.fi/sifitag/962b0be0-8328-0138-2de8-06abc14c0bc6
IP 169.50.137.176:0
File type ASCII text, with very long lines (3100)
Hash c7f6d275ad205f35fa512e5cb86fb285
31af6ce5246a29a7aa416b5c0f04e6792579436e
e81961ebcd90168cfdfaf121d7454245dbee61305017d38db70cf0730cd865b1
GET /sifitag/962b0be0-8328-0138-2de8-06abc14c0bc6 HTTP/1.1
Host: tag.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 3101
set-cookie: suid=992FABD5E7EE4756AE498553DD6D98C2; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=992FABD5E7EE4756AE498553DD6D98C2; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
x-request-id: FyLm4FE7Bh1MsAQvVyEB
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db741a912686c81c48a7fe7c8eb0e458
77d7f264d2ad7b48b4254137857ebc733970af76
09a0bcde2ba15f155c07bfcdb8bbcf90d514c211eb1ada1f78006b19b2826f61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5599
Cache-Control: max-age=166005
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:03 GMT
Etag: "635e7b0d-1d7"
Expires: Tue, 01 Nov 2022 14:57:48 GMT
Last-Modified: Sun, 30 Oct 2022 13:24:29 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
zoosiana.com/files/2020/05/alligator_icon-removebg-preview.png?w=196&h=196&zc=0
216.152.143.240200 OK 25 kB URL HTTP/1.1 zoosiana.com/files/2020/05/alligator_icon-removebg-preview.png?w=196&h=196&zc=0
IP 216.152.143.240:0
File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Hash 68c20004849221cf4a70331132142c3d
a4debf8745f3d45c888f39a292e29fe2e7371cf7
2edefbee5456f4535bfe334f3c1e5593e1d2ee9a0b6b9f7886d1fac68c539394
Analyzer Verdict Alert quad9 Sinkholed
GET /files/2020/05/alligator_icon-removebg-preview.png?w=196&h=196&zc=0 HTTP/1.1
Host: zoosiana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/packages
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:03 GMT
Content-Type: image/png
Content-Length: 25044
Connection: keep-alive
Last-Modified: Sun, 30 Oct 2022 16:51:03 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Wed, 09 Nov 2022 16:51:03 GMT
Vary: Accept-Encoding
X-Varnish: 161254719
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
www.facebook.com/tr/?id=785581615642200&ev=PageView&dl=https%3A%2F%2Fzoosiana.com%2Fpackages&rl=&if=false&ts=1667148660001&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22521393665598281%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22819296478977680%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%223009237169362310%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22273040017549175%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1667148660000.489359986&it=1667148659743&coo=false&rqm=GET
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=785581615642200&ev=PageView&dl=https%3A%2F%2Fzoosiana.com%2Fpackages&rl=&if=false&ts=1667148660001&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22521393665598281%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22819296478977680%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%223009237169362310%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22273040017549175%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1667148660000.489359986&it=1667148659743&coo=false&rqm=GET
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=785581615642200&ev=PageView&dl=https%3A%2F%2Fzoosiana.com%2Fpackages&rl=&if=false&ts=1667148660001&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22521393665598281%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22819296478977680%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%223009237169362310%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22273040017549175%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1667148660000.489359986&it=1667148659743&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 30 Oct 2022 16:51:03 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 53daec112e07eef14f0d6850d6ac540a
5cbc17bb752472ceefd257e04d6f8083561ade6c
8f6b994ab46f1e63acd02cb21c5ca64d2248b192f969464d50ecd3434c54c039
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a9b5f9d84b60489b29b38796e7570357
9f338a0d69a074335953863d1ff1906d79b14bc1
bec9751b200792384bdd1841b0fe06f84c9fcade36c960d8cc9ad807c41feffd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.simpli.fi/p?cid=186552&cb=sifi_att_2796487590502._hp
169.50.137.179200 OK 900 B URL HTTP/2 i.simpli.fi/p?cid=186552&cb=sifi_att_2796487590502._hp
IP 169.50.137.179:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (764), with CRLF line terminators
Hash 2c6a32fba5d726e13555b3022296a909
0d88b8a54a0855f573118c83b2e4a61867e6eb91
5bfc0c9f49aab71330c2f2150e4a2d98cd968f9e6cae1630b32d5fa023e4e43f
GET /p?cid=186552&cb=sifi_att_2796487590502._hp HTTP/1.1
Host: i.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: application/javascript; charset=UTF-8
set-cookie: suid=04C883B4EC6E438BB1189C7F0E9978BC; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=04C883B4EC6E438BB1189C7F0E9978BC; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
uid_syncd=true; path=/; expires=Sun, 06 Nov 2022 17:51:03 GMT; domain=.simpli.fi; secure
uid_syncd_secure=true; path=/; expires=Sun, 06 Nov 2022 17:51:03 GMT; domain=.simpli.fi; samesite=none; secure
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
um.simpli.fi/freewheel
34.91.62.186200 OK 43 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /freewheel HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=1B8C07BB244449999241B2382DAB40E3; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=1B8C07BB244449999241B2382DAB40E3; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/dtnx
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /dtnx HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://fei.pro-market.net/engine?du=24;csync=D24EE44F91BA422C9978C13EE30B7150;mimetype=img;
set-cookie: suid=D24EE44F91BA422C9978C13EE30B7150; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=D24EE44F91BA422C9978C13EE30B7150; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/exelatem
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /exelatem HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=A40E1B902BB04BA19828D1A493F55BC1&j=0
set-cookie: suid=A40E1B902BB04BA19828D1A493F55BC1; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=A40E1B902BB04BA19828D1A493F55BC1; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/yahoo
34.91.62.186200 OK 43 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /yahoo HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=99ABBE7F15074539BBD7B7AA4C091A38; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=99ABBE7F15074539BBD7B7AA4C091A38; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/beachfront
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /beachfront HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://sync.bfmio.com/sync?pid=141&uid=AA2B7FB6457A41C286DDD4C22100017F
set-cookie: suid=AA2B7FB6457A41C286DDD4C22100017F; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=AA2B7FB6457A41C286DDD4C22100017F; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/bluekai
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /bluekai HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://stags.bluekai.com/site/29931?id=536048F18E2C4CE1A0AC0A14D93021B8
set-cookie: suid=536048F18E2C4CE1A0AC0A14D93021B8; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=536048F18E2C4CE1A0AC0A14D93021B8; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/crwdcntrl
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /crwdcntrl HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=C81F325E3AD642FFAD5296AB0CA81F25
set-cookie: suid=C81F325E3AD642FFAD5296AB0CA81F25; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=C81F325E3AD642FFAD5296AB0CA81F25; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/lj_match
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /lj_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://ce.lijit.com/merge?pid=2&3pid=E3A4073E6E1C4EA9961171F079629322
set-cookie: suid=E3A4073E6E1C4EA9961171F079629322; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=E3A4073E6E1C4EA9961171F079629322; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/1026675585/?random=1667148663693&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
142.250.74.130302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1026675585/?random=1667148663693&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1026675585/?random=1667148663693&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:51:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=d6teY9XANcbI6wSlxbmABg&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
142.250.74.130302 Found 296 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 0103dd025950e32d5eb84f8e72ddb997
9ddb94b670f62f21ddee3157f2ad97d122bf8248
ad325fee7bf9ae842aa1ea62cadbd134bf6590eaa84413165b1b7c6f4e5afd0d
GET /pixel?google_nid=simplifi&google_cm&google_sc HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
date: Sun, 30 Oct 2022 16:51:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 296
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 30-Oct-2022 17:06:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
um.simpli.fi/liveramp_match
34.91.62.186302 Found 142 B URL HTTP/2 um.simpli.fi/liveramp_match
IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /liveramp_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://idsync.rlcdn.com/419566.gif?partner_uid=DCDA86A358F04FE393ACE76A70D4726D
set-cookie: suid=DCDA86A358F04FE393ACE76A70D4726D; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=DCDA86A358F04FE393ACE76A70D4726D; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/spotx_match
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /spotx_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=9FED89FD978348D5B6020BCF5A1C959F
set-cookie: suid=9FED89FD978348D5B6020BCF5A1C959F; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=9FED89FD978348D5B6020BCF5A1C959F; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/an
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /an HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://ib.adnxs.com/setuid?entity=66&code=CE0AB1CE8F4E42F1BBF33488EAB2CFCA
set-cookie: suid=CE0AB1CE8F4E42F1BBF33488EAB2CFCA; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=CE0AB1CE8F4E42F1BBF33488EAB2CFCA; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/rb_match
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rb_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3D1AFE88C53D4F26A12840185D18D943&expires=365
set-cookie: suid=3D1AFE88C53D4F26A12840185D18D943; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=3D1AFE88C53D4F26A12840185D18D943; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ox_match
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ox_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=43AE1F74FB0C44648BECF73B6A04654F
set-cookie: suid=43AE1F74FB0C44648BECF73B6A04654F; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=43AE1F74FB0C44648BECF73B6A04654F; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/pubmatic
34.91.62.186200 OK 43 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pubmatic HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=D0823C73D81D4E79AAC0D84B1A21401D; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=D0823C73D81D4E79AAC0D84B1A21401D; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/telaria_p
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /telaria_p HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://simplifi.partners.tremorhub.com/sync?UISF=33141E308E89471F85353E0ADFE66A17
set-cookie: suid=33141E308E89471F85353E0ADFE66A17; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=33141E308E89471F85353E0ADFE66A17; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/tapad
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /tapad HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=2220C79D76B845069E0781F0AC21639A
set-cookie: suid=2220C79D76B845069E0781F0AC21639A; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=2220C79D76B845069E0781F0AC21639A; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ad_advisor
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ad_advisor HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=2218780F5C5E400DAD7B5AF65DEF4704
set-cookie: suid=2218780F5C5E400DAD7B5AF65DEF4704; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=2218780F5C5E400DAD7B5AF65DEF4704; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/intentiq
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /intentiq HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 142
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AF7ED0D455D94D0DA2EE9664630D682E
set-cookie: suid=AF7ED0D455D94D0DA2EE9664630D682E; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=AF7ED0D455D94D0DA2EE9664630D682E; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
142.250.74.130302 Found 248 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 90f3317c598426fe1c249b0cc4845475
72856fffdc53e9e630c38bbd9b4fe04afb72015a
2d722b67473e8cf5282435d3608e9a9fe2092279aceaf9d88d4b89fecac69c8b
GET /pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://um.simpli.fi/g_match?id=&google_error=3
date: Sun, 30 Oct 2022 16:51:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash ad2cced230b50fff1d3d7b55a81a6ab7
4827c5613fe891a749fbfdb5d33b3d7dda05cd79
f4fcea9918fc32dca08d111a11e894d02134e317b9400146540dd7abd6521abb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash a9cb409214c05c66df16f488327e86d4
18824846c07ee7e78f7275a78e190c2b5c1c3c89
2ed77e2cb968012185854d2c01d26d87888b680768c9089d26cda06ebb80333b
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 30 Oct 2022 16:51:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 29 Oct 2022 22:10:19 GMT
Expires: Sat, 05 Nov 2022 22:10:18 GMT
Etag: "18824846c07ee7e78f7275a78e190c2b5c1c3c89"
Cache-Control: max-age=602863,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 586
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7625a74d9920b4f3-OSL
um.simpli.fi/g_match?id=&google_error=3
34.91.62.186204 No Content 0 B URL HTTP/2 um.simpli.fi/g_match?id=&google_error=3
IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g_match?id=&google_error=3 HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 30 Oct 2022 16:51:03 GMT
set-cookie: suid=C19786B5FDD64AB8A33A71597D6B0527; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; SameSite=none; Secure;
suid_legacy=C19786B5FDD64AB8A33A71597D6B0527; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:03 GMT; Secure;
expires: Sat, 29 Oct 2022 16:51:03 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AF7ED0D455D94D0DA2EE9664630D682E
143.204.55.22403 Forbidden 986 B URL HTTP/2 sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AF7ED0D455D94D0DA2EE9664630D682E
IP 143.204.55.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b5e916659f05e75a67c568c84899cd20
aec4ebbe6c2cc850de2a3bb0fd21b919079c69f5
3ab10e8139c22be3a318bc90735090a61f570eb18365ad82898b81f88a85e7f4
GET /profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AF7ED0D455D94D0DA2EE9664630D682E HTTP/1.1
Host: sync.intentiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Sun, 30 Oct 2022 16:51:03 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uQPYTJGOlM2NwBGQ4EK1uSo0h3Eix4piAolV6U62oIEFcbFrcCnMhA==
X-Firefox-Spdy: h2
fei.pro-market.net/engine?du=24;csync=D24EE44F91BA422C9978C13EE30B7150;mimetype=img;
107.178.240.89302 Found 0 B URL HTTP/2 fei.pro-market.net/engine?du=24;csync=D24EE44F91BA422C9978C13EE30B7150;mimetype=img;
IP 107.178.240.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engine?du=24;csync=D24EE44F91BA422C9978C13EE30B7150;mimetype=img; HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-5.c.datonics-gcp-01.internal
set-cookie: anProfile="1+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rkks53)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
location: https://fei.pro-market.net/engine?du=24;csync=D24EE44F91BA422C9978C13EE30B7150;mimetype=img;sr
content-type: image/gif
content-length: 0
date: Sun, 30 Oct 2022 16:51:03 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=d6teY9XANcbI6wSlxbmABg&sscte=1&crd=
172.217.21.162302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=d6teY9XANcbI6wSlxbmABg&sscte=1&crd=
IP 172.217.21.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=d6teY9XANcbI6wSlxbmABg&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:51:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=d6teY9XANcbI6wSlxbmABg&random=264639777
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 30-Oct-2022 17:06:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 705300d410377c8d82ace4b2ea761292
25c400c9c7fe6dd40af104c02ff3f533b3cea19e
c59f1dff3280fdb79fd17e7108030cbb01375df2485e984f20c920effef68c99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fei.pro-market.net/engine?du=24;csync=D24EE44F91BA422C9978C13EE30B7150;mimetype=img;sr
107.178.240.89200 OK 43 B URL HTTP/2 fei.pro-market.net/engine?du=24;csync=D24EE44F91BA422C9978C13EE30B7150;mimetype=img;sr
IP 107.178.240.89:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 968c3ad2c1183fee0bf0dd479f7904b7
1d770800ecb05eb9133f9b51620c9e4349656859
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
GET /engine?du=24;csync=D24EE44F91BA422C9978C13EE30B7150;mimetype=img;sr HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-4.c.datonics-gcp-01.internal
set-cookie: anProfile="0+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rkks54)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
date: Sun, 30 Oct 2022 16:51:03 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
stags.bluekai.com/site/29931?id=536048F18E2C4CE1A0AC0A14D93021B8
23.38.201.22200 OK 62 B URL HTTP/2 stags.bluekai.com/site/29931?id=536048F18E2C4CE1A0AC0A14D93021B8
IP 23.38.201.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3f386f5061436a0338a64e0910db495d
599fe4a552c991a2b3ce5a1660732bf7b21fb901
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
GET /site/29931?id=536048F18E2C4CE1A0AC0A14D93021B8 HTTP/1.1
Host: stags.bluekai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 62
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 30 Oct 2022 16:51:04 GMT
set-cookie: bku=blx99cigUZ1PZK1X; Path=/; Domain=.bluekai.com; Expires=Sun, 30 Apr 2023 16:51:04 GMT; Secure; SameSite=None
bkpa=KJy9nyexd02pSUHknp/8mE1hwtkAwEDpBM96mWRhmWD0xpHeHEaO1Wae1WWhBWx81p901D/T9y9Znx+2; Path=/; Domain=.bluekai.com; Expires=Sun, 30 Apr 2023 16:51:04 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 302b483b0d06ba9012004b70aff25746
3c8bbc6c90184ffa77675b9f6caa88a6b9e81288
b66de15abbce14a6294222716e8bb6cdca7ef0e6be7b924e25300c0995827c1d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5705
Cache-Control: max-age=167931
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Etag: "635e822a-1d7"
Expires: Tue, 01 Nov 2022 15:29:55 GMT
Last-Modified: Sun, 30 Oct 2022 13:54:50 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b3950bcf781a98a95cda56b089d64367
38182ace949a5462837d1abc83d9a3144af34706
ea78e5ed03ef925ed100faeec8f63feda2316df4951126e3050e233f2491a394
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 30 Oct 2022 16:51:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 30 Oct 2022 01:42:55 GMT
Expires: Sun, 06 Nov 2022 01:42:54 GMT
Etag: "38182ace949a5462837d1abc83d9a3144af34706"
Cache-Control: max-age=549709,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7625a74e797db50f-OSL
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 002cb5b1838604672ee361c35c10965e
f655b952ce8af6d61321686a4d90fae39c2adf27
00455f04e92a40d655546a2b9182116446fa48711fc744b62f6769b373941d47
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4561
Cache-Control: max-age=113879
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Etag: "635db37e-1d7"
Expires: Tue, 01 Nov 2022 00:29:03 GMT
Last-Modified: Sat, 29 Oct 2022 23:13:02 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
us-u.openx.net/w/1.0/sd?id=537072966&val=43AE1F74FB0C44648BECF73B6A04654F
35.244.159.8200 OK 43 B URL HTTP/2 us-u.openx.net/w/1.0/sd?id=537072966&val=43AE1F74FB0C44648BECF73B6A04654F
IP 35.244.159.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /w/1.0/sd?id=537072966&val=43AE1F74FB0C44648BECF73B6A04654F HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 30 Oct 2022 16:51:04 GMT
content-type: image/gif
content-length: 43
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2e2bd4b97aca6a0eec8270833c2cb16a
0e256dc85f9f91643c009971483db657c7947788
6763be97e81767383bc3bfdb88622403474845e2fffd9bbc6faae735a1d52e33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
idsync.rlcdn.com/419566.gif?partner_uid=DCDA86A358F04FE393ACE76A70D4726D
35.244.174.68451 Unavailable For Legal Reasons 0 B URL HTTP/2 idsync.rlcdn.com/419566.gif?partner_uid=DCDA86A358F04FE393ACE76A70D4726D
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /419566.gif?partner_uid=DCDA86A358F04FE393ACE76A70D4726D HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 451 Unavailable For Legal Reasons
date: Sun, 30 Oct 2022 16:51:04 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash da0a65e05f601a0452c4b04c9798d89c
f73a63f2522f8d9a9c8240ed119db43efb85fecb
b1b73020436e5ae7dd2e527281a6487720f236a5dbf8e387e0be660734e388db
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159443
Date: Sun, 30 Oct 2022 16:51:04 GMT
Etag: "635e6778-1d7"
Expires: Tue, 01 Nov 2022 13:08:27 GMT
Last-Modified: Sun, 30 Oct 2022 12:00:56 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j4DYmn6p7XRD6ONYcMkVWG7DS-IAvTR7ydAusInDYgKkyovsHmBXVg==
Age: 4051
sync.search.spotxchange.com/partner?adv_id=7797&uid=9FED89FD978348D5B6020BCF5A1C959F
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=9FED89FD978348D5B6020BCF5A1C959F
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7797&uid=9FED89FD978348D5B6020BCF5A1C959F HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 30 Oct 2022 16:51:04 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=0aa55915-5873-11ed-aabe-1131174c0506; expires=Sun, 27-Nov-2022 16:51:04 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7797&uid=9FED89FD978348D5B6020BCF5A1C959F&__user_check__=1&sync_id=0aa5595a-5873-11ed-aabe-1131174c0506
X-fe: 86
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ib.adnxs.com/setuid?entity=66&code=CE0AB1CE8F4E42F1BBF33488EAB2CFCA
185.89.210.101307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=66&code=CE0AB1CE8F4E42F1BBF33488EAB2CFCA
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=66&code=CE0AB1CE8F4E42F1BBF33488EAB2CFCA HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 30 Oct 2022 16:51:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCE0AB1CE8F4E42F1BBF33488EAB2CFCA
AN-X-Request-Uuid: 0185a4b7-cb68-4cb7-b97d-8e5c134de0cd
Set-Cookie: uuid2=2479841955079050837; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 28-Jan-2023 16:51:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f3806169def8861e18c16805744e13a3
f41d1b61fef96e46860a8a1cf08ec7df6bc7196d
58b52edce1006ce040ff70a4366b146d1e581046bee2eb77481febe929ae2dd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6489
Cache-Control: max-age=168728
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Etag: "635e8237-1d7"
Expires: Tue, 01 Nov 2022 15:43:12 GMT
Last-Modified: Sun, 30 Oct 2022 13:55:03 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd73a87ecd46168245cd70e458043cbb
6483a7b7483f0ae8f016d3e9c33139ba9655b635
d77d3b8cf951c778c10969fde5046dae2ebedeed979946ec09ffd6bad21e4155
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3270
Cache-Control: max-age=126597
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Etag: "635dea37-1d7"
Expires: Tue, 01 Nov 2022 04:01:01 GMT
Last-Modified: Sun, 30 Oct 2022 03:06:31 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
eb2.3lift.com/xuid?mid=7969&xuid=F531B16A3E0A416FB832FCB8740E78FB&dongle=yf3
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=7969&xuid=F531B16A3E0A416FB832FCB8740E78FB&dongle=yf3
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=7969&xuid=F531B16A3E0A416FB832FCB8740E78FB&dongle=yf3 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 16:51:04 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=d6teY9XANcbI6wSlxbmABg&random=264639777
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=d6teY9XANcbI6wSlxbmABg&random=264639777
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=d6teY9XANcbI6wSlxbmABg&random=264639777 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:51:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=d6teY9XANcbI6wSlxbmABg&random=264639777&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 9d968d709900704a2887931b98712058
99f2195a4a27e4620c2c3911a460b42e3975f6ba
0593566a921cd33e6c07338c98e3a9c6c5f85cc5f67c797832d3967d97501129
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 30 Oct 2022 16:51:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 30 Oct 2022 07:11:09 GMT
Expires: Mon, 31 Oct 2022 07:11:09 GMT
ETag: "99f2195a4a27e4620c2c3911a460b42e3975f6ba"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 302b483b0d06ba9012004b70aff25746
3c8bbc6c90184ffa77675b9f6caa88a6b9e81288
b66de15abbce14a6294222716e8bb6cdca7ef0e6be7b924e25300c0995827c1d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3059
Cache-Control: max-age=165285
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Etag: "635e822a-1d7"
Expires: Tue, 01 Nov 2022 14:45:49 GMT
Last-Modified: Sun, 30 Oct 2022 13:54:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 4b9689dc0d175766d1e09e6102fb3f75
18a5f8d9ab2eaf6dedd224bc86fb92335927872e
a615199bc00e76cf2bd5cba62644cb3061128573bfa4013bfe5430755b993422
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 30 Oct 2022 16:51:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 29 Oct 2022 20:34:47 GMT
Expires: Sun, 30 Oct 2022 20:34:47 GMT
ETag: "18a5f8d9ab2eaf6dedd224bc86fb92335927872e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
loadm.exelator.com/load/?p=204&g=2191&simid=A40E1B902BB04BA19828D1A493F55BC1&j=0
34.254.143.3204 No Content 0 B URL HTTP/2 loadm.exelator.com/load/?p=204&g=2191&simid=A40E1B902BB04BA19828D1A493F55BC1&j=0
IP 34.254.143.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load/?p=204&g=2191&simid=A40E1B902BB04BA19828D1A493F55BC1&j=0 HTTP/1.1
Host: loadm.exelator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 30 Oct 2022 16:51:04 GMT
cache-control: no-cache
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=2220C79D76B845069E0781F0AC21639A
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=2220C79D76B845069E0781F0AC21639A
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=2305&partner_device_id=2220C79D76B845069E0781F0AC21639A HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 30 Oct 2022 16:51:04 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1667148664205;Expires=Thu, 29 Dec 2022 16:51:04 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=69d50f88-2a14-4019-868b-161c76d72d04;Expires=Thu, 29 Dec 2022 16:51:04 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2220C79D76B845069E0781F0AC21639A
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7797&uid=9FED89FD978348D5B6020BCF5A1C959F&__user_check__=1&sync_id=0aa5595a-5873-11ed-aabe-1131174c0506
185.94.180.125200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=9FED89FD978348D5B6020BCF5A1C959F&__user_check__=1&sync_id=0aa5595a-5873-11ed-aabe-1131174c0506
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7797&uid=9FED89FD978348D5B6020BCF5A1C959F&__user_check__=1&sync_id=0aa5595a-5873-11ed-aabe-1131174c0506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Oct 2022 16:51:04 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=0ab08c28-5873-11ed-958f-1a3cf9d10306; expires=Sun, 27-Nov-2022 16:51:04 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 55
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3ff3fa16e037f40095f7c9dbd53acf10
64193a0dcf67f1a316e7df5b681b822f85a20b29
9fe09be583afafdfdacd77bd7cbca3f68e16a34890163ff581e9f436a7f10045
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=C81F325E3AD642FFAD5296AB0CA81F25
99.81.33.254302 Found 0 B URL HTTP/2 bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=C81F325E3AD642FFAD5296AB0CA81F25
IP 99.81.33.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /map/c=7625/tp=SIMP/tpid=C81F325E3AD642FFAD5296AB0CA81F25 HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 30 Oct 2022 16:51:04 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=C81F325E3AD642FFAD5296AB0CA81F25
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.13.79
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ce.lijit.com/merge?pid=2&3pid=E3A4073E6E1C4EA9961171F079629322
216.52.2.30204 No Content 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=2&3pid=E3A4073E6E1C4EA9961171F079629322
IP 216.52.2.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=2&3pid=E3A4073E6E1C4EA9961171F079629322 HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Sun, 30 Oct 2022 16:51:04 GMT
x-merge: GDPR Optout true
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pod: X-Sovrn-Pod: ad_ap6ams1
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash b1ae0a0e9decc937a68d40c5a95c3e98
642129a163d4baa85c14eff8d2c2c86d2245f733
2c48f7bcde3b1c9adbcd9f42aa4efc47a838c2f3fe45a64986210b532d05b155
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3040
Cache-Control: max-age=135020
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Etag: "635e0c04-2d7"
Expires: Tue, 01 Nov 2022 06:21:24 GMT
Last-Modified: Sun, 30 Oct 2022 05:30:44 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 727
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCE0AB1CE8F4E42F1BBF33488EAB2CFCA
185.89.210.101200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCE0AB1CE8F4E42F1BBF33488EAB2CFCA
IP 185.89.210.101:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D66%26code%3DCE0AB1CE8F4E42F1BBF33488EAB2CFCA HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 30 Oct 2022 16:51:04 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 72bd20d0-8a35-4656-a29d-b7e1b8782570
Set-Cookie: anj=dTM7k!M4.FE:2jUF']wIg2Il^rJWM(!]tbPl1N!7On*M$=BX@6cxY=Rl#!xfe:?kMh0]WWh1P`jdW]oRfnR2`kmuaN`=u<r/X%W#.wL4W1Qw2FAZe'^; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 28-Jan-2023 16:51:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2220C79D76B845069E0781F0AC21639A
35.227.248.159200 OK 95 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2220C79D76B845069E0781F0AC21639A
IP 35.227.248.159:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /idsync/ex/receive/check?partner_id=2305&partner_device_id=2220C79D76B845069E0781F0AC21639A HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 16:51:04 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1667148664248;Expires=Thu, 29 Dec 2022 16:51:04 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=5ddf0183-c07b-4862-9692-aee2074f8b9d;Expires=Thu, 29 Dec 2022 16:51:04 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Thu, 29 Dec 2022 16:51:04 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-type: image/png
content-length: 95
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=C81F325E3AD642FFAD5296AB0CA81F25
99.81.33.254200 OK 49 B URL HTTP/2 bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=C81F325E3AD642FFAD5296AB0CA81F25
IP 99.81.33.254:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /map/ct=y/c=7625/tp=SIMP/tpid=C81F325E3AD642FFAD5296AB0CA81F25 HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 16:51:04 GMT
content-type: image/gif
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.30.16
x-consent: absent
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 780c78c3308a040a7ae0c5f856e382bc
ec936f2194e9b9ae98e1dbcded09a047c2905b60
62182868c2579b05fcdeb2709328c59fff077b977080184af5d4e3ff01e42252
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90784
Date: Sun, 30 Oct 2022 16:51:04 GMT
Etag: "635d5260-1d7"
Expires: Mon, 31 Oct 2022 18:04:08 GMT
Last-Modified: Sat, 29 Oct 2022 16:18:40 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gIekjvUDyiVKEBs44hXTpiZWlPPJdMrx43FxUxoUF2cvppnZ7enMIQ==
Age: 6328
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ef1f21f252900f5fe405ccabca14e7fa
a23a6b4ae7a5eddf58ef66b6fe4648c2716f0193
e5cc6b7e4fc09e710ceb466279ebb555987621395b5058836371f3572101386f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd73a87ecd46168245cd70e458043cbb
6483a7b7483f0ae8f016d3e9c33139ba9655b635
d77d3b8cf951c778c10969fde5046dae2ebedeed979946ec09ffd6bad21e4155
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3270
Cache-Control: max-age=126597
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Etag: "635dea37-1d7"
Expires: Tue, 01 Nov 2022 04:01:01 GMT
Last-Modified: Sun, 30 Oct 2022 03:06:31 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b3950bcf781a98a95cda56b089d64367
38182ace949a5462837d1abc83d9a3144af34706
ea78e5ed03ef925ed100faeec8f63feda2316df4951126e3050e233f2491a394
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 30 Oct 2022 16:51:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 30 Oct 2022 01:42:55 GMT
Expires: Sun, 06 Nov 2022 01:42:54 GMT
Etag: "38182ace949a5462837d1abc83d9a3144af34706"
Cache-Control: max-age=549709,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7625a74fbb00b50f-OSL
www.google.no/pagead/1p-conversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=d6teY9XANcbI6wSlxbmABg&random=264639777&ipr=y&prhg=0
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=d6teY9XANcbI6wSlxbmABg&random=264639777&ipr=y&prhg=0
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/1026675585/?random=1761296480&cv=7&fst=1667148663693&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=d6teY9XANcbI6wSlxbmABg&random=264639777&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:51:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ef1f21f252900f5fe405ccabca14e7fa
a23a6b4ae7a5eddf58ef66b6fe4648c2716f0193
e5cc6b7e4fc09e710ceb466279ebb555987621395b5058836371f3572101386f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 0692c99723734f5b964ca91bafc00500
4d2705ba5ce94b7ac203370051ca6c1b7890f826
6abd38abd29bef22bff08cdce6484826a2f1cfcce5702561b742d71e45441bba
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90662
Date: Sun, 30 Oct 2022 16:51:04 GMT
Etag: "635d5114-1d7"
Expires: Mon, 31 Oct 2022 18:02:06 GMT
Last-Modified: Sat, 29 Oct 2022 16:13:08 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Luu_0IA59ihFwKM_xTefOqCsQFe0em5RB_-iK7wSDKfB9ggi8dmQww==
Age: 6538
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0a2de653b3c38f5ccde7a0bf5719ecef
ba3b38638b05f68c6f1eeee344f1948f880b5f8f
45347ab86fa01e7da21d973011c96fff0e6d8171029d18f12c791db6e5c8d983
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4116
Cache-Control: max-age=116665
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 16:51:04 GMT
Etag: "635dc01d-1d7"
Expires: Tue, 01 Nov 2022 01:15:29 GMT
Last-Modified: Sun, 30 Oct 2022 00:06:53 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
sync.bfmio.com/sync?pid=141&uid=AA2B7FB6457A41C286DDD4C22100017F
54.205.71.136204 0 B URL HTTP/1.1 sync.bfmio.com/sync?pid=141&uid=AA2B7FB6457A41C286DDD4C22100017F
IP 54.205.71.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=141&uid=AA2B7FB6457A41C286DDD4C22100017F HTTP/1.1
Host: sync.bfmio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
Date: Sun, 30 Oct 2022 16:51:04 GMT
Set-Cookie: __141_cid=AA2B7FB6457A41C286DDD4C22100017F; Domain=.bfmio.com; Expires=Mon, 30-Oct-2023 16:51:04 GMT; Path=/
__io_cid=cf90705302d56b3158d8fd5d0465ccfa51cbc500; Domain=.bfmio.com; Expires=Mon, 30-Oct-2023 16:51:04 GMT; Path=/
Connection: keep-alive
d.agkn.com/pixel/10751/?che=1667148664280&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D220113204320002541036
34.248.212.187302 Found 0 B URL HTTP/1.1 d.agkn.com/pixel/10751/?che=1667148664280&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D220113204320002541036
IP 34.248.212.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/10751/?che=1667148664280&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D220113204320002541036 HTTP/1.1
Host: d.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache, must-revalidate
Date: Sun, 30 Oct 2022 16:51:04 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://um.simpli.fi/aa_px?sk=220113204320002541036
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3A7plVSxHzTjPe0rCAP8M%2BoQm3fXLf06z6;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
u=C|0AAAq8Wf4KvFn-AAAAAAA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length: 0
Connection: keep-alive
um.simpli.fi/aa_px?sk=220113204320002541036
34.91.62.186302 Found 142 B URL HTTP/2 um.simpli.fi/aa_px?sk=220113204320002541036
IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /aa_px?sk=220113204320002541036 HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 30 Oct 2022 16:51:04 GMT
content-type: text/html
content-length: 142
set-cookie: suid=8611856E62A84CBC98BDE28700C4ED47; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:04 GMT; SameSite=none; Secure;
suid_legacy=8611856E62A84CBC98BDE28700C4ED47; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:04 GMT; Secure;
location: /empty.gif
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/empty.gif
34.91.62.186200 OK 43 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /empty.gif HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 16:51:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=7BFE5BF7D65D41F596BA8A4EC89B3794; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:04 GMT; SameSite=none; Secure;
suid_legacy=7BFE5BF7D65D41F596BA8A4EC89B3794; Path=/; domain=simpli.fi; Expires=Tue, 31-Oct-23 16:51:04 GMT; Secure;
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3D1AFE88C53D4F26A12840185D18D943&expires=365
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3D1AFE88C53D4F26A12840185D18D943&expires=365
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6286&nid=2132&put=3D1AFE88C53D4F26A12840185D18D943&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4
Content-Type: image/gif
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c52f3ba-431b-49b4-add9-144f1ed29d24.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c52f3ba-431b-49b4-add9-144f1ed29d24.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb172796a2f188864b0e43cf4d12f0e7
c2e6735cb55bcf25432b08856fb7f4544d2a2ecb
3f018e0106027564814413ba39ef05813be65c16c022263474067a9c98d41987
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c52f3ba-431b-49b4-add9-144f1ed29d24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9382
x-amzn-requestid: 40fd211a-60bb-4447-bda0-d30732de7912
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayVxOFEToAMF2vA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cd4-314afc4f42f9568505a97997;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4tX99HLMI7-6q8ajqNCbuN_C_gCwwS_rcO_UQSnss4AULVq73Mt_yg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 22:05:49 GMT
age: 67520
etag: "c2e6735cb55bcf25432b08856fb7f4544d2a2ecb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
IP 142.250.74.10:0
GET /css?family=Source+Sans+Pro%3A400%2C700&ver=248_11 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoosiana.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 30 Oct 2022 16:51:01 GMT
date: Sun, 30 Oct 2022 16:51:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=2218780F5C5E400DAD7B5AF65DEF4704
54.76.86.77302 Found 0 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=2218780F5C5E400DAD7B5AF65DEF4704
IP 54.76.86.77:0
GET /adscores/g.pixel?sid=9201915418&sifi_uid=2218780F5C5E400DAD7B5AF65DEF4704 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 30 Oct 2022 16:51:04 GMT
location: https://d.agkn.com/pixel/10751/?che=1667148664280&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D220113204320002541036
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3AIujqf0c2Tq09UyKOgbLyqYLNb36pdYHH; Path=/; Domain=.agkn.com; Expires=Mon, 30-Oct-2023 16:51:04 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
simplifi.partners.tremorhub.com/sync?UISF=33141E308E89471F85353E0ADFE66A17
34.203.60.99200 OK 0 B URL HTTP/2 simplifi.partners.tremorhub.com/sync?UISF=33141E308E89471F85353E0ADFE66A17
IP 34.203.60.99:0
GET /sync?UISF=33141E308E89471F85353E0ADFE66A17 HTTP/1.1
Host: simplifi.partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoosiana.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 16:51:04 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2