redirecting3.eu/p/18NL/K4i8/988g
188.114.97.1301 Moved Permanently 0 B URL HTTP/1.1 redirecting3.eu/p/18NL/K4i8/988g
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /p/18NL/K4i8/988g HTTP/1.1
Host: redirecting3.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 21 Jan 2023 19:18:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 21 Jan 2023 20:18:48 GMT
Location: https://redirecting3.eu/p/18NL/K4i8/988g
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7XDbMgnJBTJ3OowbS4wv7Hzm2TSdM7Fj31RAqFsL3aTrq%2FvI4K7CX5ea1dDL3wq6nhScoylNrhJG6o%2Ffhprv5y5yoIERnOBuopjqGNUoveo2RruOVDNsMBlbeU2HPidgs0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d265da096a0b39-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 20d267853e48ef7d476459ed67da5d97
06d1bd08efd69c0e93486d3c423fa2640f372d29
24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11094
Expires: Sat, 21 Jan 2023 22:23:42 GMT
Date: Sat, 21 Jan 2023 19:18:48 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15243
Expires: Sat, 21 Jan 2023 23:32:51 GMT
Date: Sat, 21 Jan 2023 19:18:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 18:34:44 GMT
content-type: application/json
age: 2644
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6582
Expires: Sat, 21 Jan 2023 21:08:30 GMT
Date: Sat, 21 Jan 2023 19:18:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ri4t2XELxJzMjIzDbXtiTMmLBH6gfTC7pGqzM1nTUU/F0ij4Nz6rCKnKBkS4yQQTgCGltXhcjvo=
x-amz-request-id: 59RQ85KWQ3A1TSQM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 19:18:07 GMT
age: 41
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 772cb30739c8015bee0dee5405f3fa5a
be0515f3822211a6d70eb1a16af489277cbfc16d
195c46f43aab39237e0c4aac9de03109793821d2d2bc9ebf434f21ebaced11f1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "195C46F43AAB39237E0C4AAC9DE03109793821D2D2BC9EBF434F21EBACED11F1"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21572
Expires: Sun, 22 Jan 2023 01:18:21 GMT
Date: Sat, 21 Jan 2023 19:18:49 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 19:18:48 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 772cb30739c8015bee0dee5405f3fa5a
be0515f3822211a6d70eb1a16af489277cbfc16d
195c46f43aab39237e0c4aac9de03109793821d2d2bc9ebf434f21ebaced11f1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "195C46F43AAB39237E0C4AAC9DE03109793821D2D2BC9EBF434F21EBACED11F1"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21572
Expires: Sun, 22 Jan 2023 01:18:21 GMT
Date: Sat, 21 Jan 2023 19:18:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 12 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
Hash 8e2e183473ebc918d460517530f4a77c
d86f556faa90a36711bae8ba088f1b96a199e080
a62802910a86a26dbcdb4832fb4ce7dafba0b7e3fb0a436779354082d0b15384
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 18:48:58 GMT
age: 1791
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://redirecting3.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 21 Jan 2023 17:45:20 GMT
expires: Sat, 21 Jan 2023 19:45:20 GMT
cache-control: public, max-age=7200
age: 5609
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5642
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:49 GMT
Last-Modified: Sat, 21 Jan 2023 17:44:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.83.112.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.112.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 64cAgHAUpsJJ/raGrFrRhw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: W7Sw5zzLXAeJBwM9nKxXUX3tYAg=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
216.58.207.227200 OK 7.3 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7292, version 1.0\012- data
Hash 310db26833980fdf3643ba5e425c169d
9c765046671da2b10cd86f830e83de4dbfcf8d81
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
GET /s/opensans/v18/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 00:49:30 GMT
expires: Tue, 16 Jan 2024 00:49:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
content-type: font/woff2
age: 498560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
216.58.207.227200 OK 9.2 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9192, version 1.0\012- data
Hash e51ce9d6c4012d6cad42df7e131ebf76
326b56481a3967d4bdb3179d0c0f1e4c9a95a0f6
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
GET /s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9192
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 18:11:19 GMT
expires: Tue, 16 Jan 2024 18:11:19 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Sep 2020 18:09:44 GMT
content-type: font/woff2
age: 436051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 4.4 kB IP 216.58.211.3:0
Hash 4d9777e6d773363e2f1e293fe59188d7
28465d79175cfaac58e4fc98b48de5f6d8cd24ad
b27199159deb1db97de4dea418fdc001d831ebe6fa5a3e958b3c90d06326f2a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
policy.app.cookieinformation.com/uc.js
152.199.21.175200 OK 11 kB URL HTTP/2 policy.app.cookieinformation.com/uc.js
IP 152.199.21.175:0
File type Unicode text, UTF-8 text, with very long lines (33107), with no line terminators
Hash 81ede35afefa8f32ce3fd21406c6847a
cb0726b26484835a5430390efe21a3dc3c3a59f6
1aa4d56e416e187692876e268187d7bfaad7db788b888fb92f4e80f7300cd2d5
GET /uc.js HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 29
cache-control: max-age=300
content-md5: EX5qdQdyZyRflB6fYUbIlA==
content-type: application/javascript
date: Sat, 21 Jan 2023 19:18:50 GMT
etag: 0x8DAE403680AC17E
expires: Sat, 21 Jan 2023 19:23:50 GMT
last-modified: Thu, 22 Dec 2022 10:00:50 GMT
server: ECAcc (ska/F74D)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 2eb65de8-e01e-0025-4acd-2d9131000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 10660
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
216.58.207.227200 OK 9.1 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9132, version 1.0\012- data
Hash 358d3070946a90b4960cd111154fdc12
a0ba0bf47a7f905f9aa1a3ce15a39cdac62466ee
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
GET /s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 18:35:07 GMT
expires: Mon, 15 Jan 2024 18:35:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
content-type: font/woff2
age: 521023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOXOhpKKSTj5PW.woff2
216.58.207.227200 OK 7.4 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOXOhpKKSTj5PW.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7440, version 1.0\012- data
Hash b795f8e9cc27d2c0eca992ff45747e9f
ba834dc64cdbbbb62397608c6c8406687bc0a0b9
24fa3876869e08deb833b5d996264271326c4a18a4b8bbaf548c399036d6a02d
GET /s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOXOhpKKSTj5PW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 11:35:39 GMT
expires: Wed, 17 Jan 2024 11:35:39 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Sep 2020 18:09:55 GMT
content-type: font/woff2
age: 373391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOXOhpKKSTj5PW.woff2
216.58.207.227200 OK 7.4 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOXOhpKKSTj5PW.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7364, version 1.0\012- data
Hash ea10852dd6f3c0a059695a402e9f6bb1
344ad455936bc6c6ce62de711794d47e9654f2b0
b61047f357297788d3a55acc2bd6921330b4f44e6e56686b6ee4407ac8468f8a
GET /s/opensans/v18/mem5YaGs126MiZpBA-UNirkOXOhpKKSTj5PW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7364
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 07:22:19 GMT
expires: Tue, 16 Jan 2024 07:22:19 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Sep 2020 18:09:56 GMT
content-type: font/woff2
age: 474991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
216.58.207.227200 OK 9.2 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9180, version 1.0\012- data
Hash a01def30f4398df303f818579d05f4ea
01ebe0374d54222d690db76d0d1974238744a4e9
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
GET /s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9180
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:05:54 GMT
expires: Wed, 17 Jan 2024 18:05:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
content-type: font/woff2
age: 349976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
policy.app.cookieinformation.com/cookiesharingiframe.html
152.199.21.175200 OK 2.8 kB URL HTTP/2 policy.app.cookieinformation.com/cookiesharingiframe.html
IP 152.199.21.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8796), with no line terminators
Hash 1be7ea6c7f373db951f6f2f24740facb
a0136ef2ad8226ccfd5030bb41139f78e76e4c3f
1cd21944758500b60a3ae76be17c8c9274f89ee2641df2ae48848b6259f103e2
GET /cookiesharingiframe.html HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 291
cache-control: max-age=300
content-md5: xqkKVmywb8mz//pJblCHTA==
content-type: text/html
date: Sat, 21 Jan 2023 19:18:50 GMT
etag: 0x8DAE403680BF9D3
expires: Sat, 21 Jan 2023 19:23:50 GMT
last-modified: Thu, 22 Dec 2022 10:00:50 GMT
server: ECAcc (ska/F754)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: e976c1f8-601e-0059-14cc-2dbfce000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 2809
X-Firefox-Spdy: h2
alerabat.com/extension/install?sub1=mlClick-m5jFqg48&sub2=617500&sub3=MyLead
172.67.73.9200 OK 30 kB URL HTTP/2 alerabat.com/extension/install?sub1=mlClick-m5jFqg48&sub2=617500&sub3=MyLead
IP 172.67.73.9:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f321af9f001ce082f377edeeef6d974
96d978fc69ff743e2b587568f1febb4de284d48f
68de05caf4506fff5e7518bf57397b38d24fbcea4f69ac7aaf3ce80975178f8c
GET /extension/install?sub1=mlClick-m5jFqg48&sub2=617500&sub3=MyLead HTTP/1.1
Host: alerabat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://redirecting3.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 19:18:50 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
strict-transport-security: max-age=2592000; includeSubDomains
set-cookie: ext_mylead_sub1=mlClick-m5jFqg48; expires=Fri, 21-Apr-2023 18:18:50 GMT; Max-Age=7772400; path=/; httponly; samesite=lax
ext_mylead_sub2=617500; expires=Fri, 21-Apr-2023 18:18:50 GMT; Max-Age=7772400; path=/; httponly; samesite=lax
device_view=full; expires=Tue, 21-Feb-2023 19:18:50 GMT; Max-Age=2678400; path=/; httponly
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBzaRp6ZvFM51%2B%2BKUGS2b9wWQys6QgWUUo9J4aGWrEFdO4Ah4Ypu8qX0E7ey01zwP39q6%2FW5gV79n9rRyVJPqWy77XlUBK4ASJ4dieVmEcvt6l2Gf53kbt0YXqMR8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d265e19fc6b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TR5N46
142.250.74.40200 OK 97 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TR5N46
IP 142.250.74.40:0
File type Unicode text, UTF-8 text, with very long lines (37246)
Hash e606c8b94384c9bde783bb39bfd38517
4aee25d695e994238e787bf05bab73b3fced9145
464abba6287cf584ce78cdd583a300eda447d816d705608b13d2f8173c3af7fd
GET /gtm.js?id=GTM-TR5N46 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 21 Jan 2023 19:18:50 GMT
expires: Sat, 21 Jan 2023 19:18:50 GMT
cache-control: private, max-age=900
last-modified: Sat, 21 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96575
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/ee87f3/alerabat.com/pl.js
152.199.21.175200 OK 15 kB URL HTTP/2 policy.app.cookieinformation.com/ee87f3/alerabat.com/pl.js
IP 152.199.21.175:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65289)
Hash 1daf96b3eea912fc86a8595b0a497e3a
9a4780450f220e595984ef3438156d200c3b6e3f
894eb0d65356e606f7c34883c13d3013cf44c0263dc69d14d7401231a3f2eaac
GET /ee87f3/alerabat.com/pl.js HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=300
content-md5: gWybuQZyRoInZlWGTO8XRg==
content-type: application/javascript
date: Sat, 21 Jan 2023 19:18:50 GMT
etag: 0x8DAF2797ACF5089
expires: Sat, 21 Jan 2023 19:23:50 GMT
last-modified: Mon, 09 Jan 2023 19:41:19 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 160a2fd9-801e-00a5-78cd-2d6e37000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 15302
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=GTM-M7QBSXW
142.250.74.174200 OK 113 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-M7QBSXW
IP 142.250.74.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 113 kB (113415 bytes)
Hash 09f7c9523f4972399f1fdfd3ce8e53e1
d34af37ecc4ad64e9d35f91698de8cea68e784c9
b60b7ad8cf01543141313b6943a2dba4970d8f308b76ecaa2860dc30c7171dad
GET /optimize.js?id=GTM-M7QBSXW HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 21 Jan 2023 19:18:50 GMT
expires: Sat, 21 Jan 2023 19:18:50 GMT
cache-control: private, max-age=900
last-modified: Sat, 21 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43389
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a9632769f4ef97cebf6548886e7ecfb6
6f7de8b7999f566d79cc026774e790502f191850
dbc9a2ecbc7fc795688c959b5c07e4f3e440a8852ade4ba68948a2629c019d02
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 21 Jan 2023 19:18:50 GMT
Last-Modified: Sat, 21 Jan 2023 17:52:39 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uuFlmPPQodW21gmvGVPIVW9rQ_B3jiByEPazGE6xMO2UfUPfah6ykQ==
Age: 5171
capture-api.ap3prod.com/-/events/page-event
3.136.152.32200 OK 68 B URL HTTP/2 capture-api.ap3prod.com/-/events/page-event
IP 3.136.152.32:0
File type JSON data\012- , ASCII text
Hash e6ff063f78040ec1e55c3c01684157f8
db88f3bab617e9faf8835e97f3a3a34a3513fd23
04139a81669e8149750d278ec75f43594e0fe21075eedf85881e11d01529ab83
POST /-/events/page-event HTTP/1.1
Host: capture-api.ap3prod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 327
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 19:18:50 GMT
content-type: application/json
content-length: 68
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://alerabat.com
allow: GET, POST, PUT, DELETE, OPTIONS
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: s=IGPMOpoA10hL03YDAGPMOpoupFsbyad9J7EuBEzt6XdiuuiY7g; Path=/; Expires=Tue, 20 Jan 2026 19:18:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Accept-Encoding
x-version: master-2301200639-3678-8e4af60
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBR3UGBC77U963VQ5820&lib=ttq
95.101.10.113200 OK 1.4 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBR3UGBC77U963VQ5820&lib=ttq
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3441)
Hash dfe41b7940e71e16223c683b7df2745b
a53ed896e33b669ae6f8ce4bc6cffb17196d3bcb
8d38d768dc9859397b778d3bfc100df132be61d594deea9132591a7b94de36ba
GET /i18n/pixel/events.js?sdkid=CBR3UGBC77U963VQ5820&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230121191850828FCA427BC42150777D
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b94d8044efc74bad14bd83627e0319554be979fad0eb20f10a23f79a1bc5f68e112074f470d186c634c5b53418970b9128e14a5bbe9d8b6b7b1a5209b00933d8d45e69c2e88135d4a24e855ea79b85ee5
content-encoding: gzip
content-length: 1439
x-origin-response-time: 55,23.220.106.76
x-akamai-request-id: 287a397e.1270f7bd
expires: Sat, 21 Jan 2023 19:18:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 21 Jan 2023 19:18:50 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2KeIgHCEjdOJsI4VrlHIQQNcpOa; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-220-106-76.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=55, inner; dur=13
x-parent-response-time: 156,95.101.10.109
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
95.101.10.113200 OK 68 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 0124d7d5e989c270f40d9802f0732fd8
1e6e3eda854acb2f92faad41cc39ed1b1baff7d8
828d1a595277d3b5aa0c72690a79a46306468f88ed16054e59e721dfde2253a6
GET /i18n/pixel/static/main.MWE2YWY2YTgzMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Cookie: _ttp=2KeIgHCEjdOJsI4VrlHIQQNcpOa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202301121758356AC605B348667A840430
x-tt-trace-host: 01814bbe4def86411beeb30373d8a0a1078f6d8d03190a3ce90a20922b9aace6a6925fe29dc6bed8d3832c2d873443cc0251bca2c5a97bb333427eee117429af43184bae223d82a747b6fe9ca6f355277d642babeee153884a939461620437b9bc
content-encoding: gzip
date: Sat, 21 Jan 2023 19:18:50 GMT
content-length: 68082
x-cache: TCP_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
x-akamai-request-id: 1270f8b2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 983410dffbd2f6609e689d468279cad3
9ed22350a720ebff727059fa19538dd721252f31
0f772ca05a2b10e54f9d9ba798c555e777461c5d5270b5355df7c303af07297d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5381
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:50 GMT
Last-Modified: Sat, 21 Jan 2023 17:49:10 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 21 Jan 2023 17:45:20 GMT
expires: Sat, 21 Jan 2023 19:45:20 GMT
cache-control: public, max-age=7200
age: 5610
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 12 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F82147F4942842FB86B3C598B3DEE6CB Ref B: OSL30EDGE0114 Ref C: 2023-01-21T19:18:50Z
date: Sat, 21 Jan 2023 19:18:50 GMT
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: S4GKkVTgebf9Vy7eM/M2TxFMfZv4STurfTYLtBcm+iTboclSNsq5Zq9eTayMbV2xLbKkDgYYj+YtlifGmj7sAg==
priority: u=3,i
content-length: 27859
x-fb-trip-id: 1904183273
date: Sat, 21 Jan 2023 19:18:50 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 983410dffbd2f6609e689d468279cad3
9ed22350a720ebff727059fa19538dd721252f31
0f772ca05a2b10e54f9d9ba798c555e777461c5d5270b5355df7c303af07297d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5382
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:51 GMT
Last-Modified: Sat, 21 Jan 2023 17:49:10 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
95.101.10.113200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash e35cd3aeb48075134b13d5d593e609af
b967aced0b33616a54a9b7d5d3d092f28b9cca81
e25f7cb45c4d46dc9ebcf4cbe5209c87765cb94c15384780899eee7d888273e6
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Cookie: _ttp=2KeIgHCEjdOJsI4VrlHIQQNcpOa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825795F92399DF9E7BC6845
x-tt-trace-host: 01213c9428e1dc2e706424a5e4830ae2753a9403fe7ed2020932fc61a3c47c96784adda24a6c56428140d39df42ee71252f6133830581f45dad09e0f84f6c427e5570f8f5241c1349d3294ee56c52eab748dbda5cfd0ecad2a022e79233890d27b
content-encoding: gzip
content-length: 30930
date: Sat, 21 Jan 2023 19:18:51 GMT
x-cache: TCP_MEM_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
x-akamai-request-id: 1270f952
X-Firefox-Spdy: h2
bat.bing.com/p/action/148010202.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/148010202.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/148010202.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 182A40AC3A3E428B8EB9169B6F8D00EF Ref B: OSL30EDGE0114 Ref C: 2023-01-21T19:18:51Z
date: Sat, 21 Jan 2023 19:18:50 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=148010202&tm=gtm002&Ver=2&mid=d941e3d0-8a3c-4330-8c38-4ef8cc264230&sid=6f7cffb099c011edbab1b33375386f7b&vid=6f7d09a099c011ed92970b0703645947&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=alerabat.com&p=https%3A%2F%2Falerabat.com%2Fextension%2Finstall%3Fsub1%3DmlClick-m5jFqg48%26sub2%3D617500%26sub3%3DMyLead&r=https%3A%2F%2Fredirecting3.eu%2F<=501&evt=pageLoad&sv=1&rn=573003
13.107.21.200204 No Content 5.8 kB URL HTTP/2 bat.bing.com/action/0?ti=148010202&tm=gtm002&Ver=2&mid=d941e3d0-8a3c-4330-8c38-4ef8cc264230&sid=6f7cffb099c011edbab1b33375386f7b&vid=6f7d09a099c011ed92970b0703645947&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=alerabat.com&p=https%3A%2F%2Falerabat.com%2Fextension%2Finstall%3Fsub1%3DmlClick-m5jFqg48%26sub2%3D617500%26sub3%3DMyLead&r=https%3A%2F%2Fredirecting3.eu%2F<=501&evt=pageLoad&sv=1&rn=573003
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 607be14f5609b1ff22906f2916d902f1
409f33456748375067cbd6b1ba963631562d3aed
8381cceb73b884c47cc8dc8c1eff2c96b62a7bdf9136d5c25f8f082c7b2e41be
GET /action/0?ti=148010202&tm=gtm002&Ver=2&mid=d941e3d0-8a3c-4330-8c38-4ef8cc264230&sid=6f7cffb099c011edbab1b33375386f7b&vid=6f7d09a099c011ed92970b0703645947&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=alerabat.com&p=https%3A%2F%2Falerabat.com%2Fextension%2Finstall%3Fsub1%3DmlClick-m5jFqg48%26sub2%3D617500%26sub3%3DMyLead&r=https%3A%2F%2Fredirecting3.eu%2F<=501&evt=pageLoad&sv=1&rn=573003 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1E73823144696A480EEC9091459C6BB3; domain=.bing.com; expires=Thu, 15-Feb-2024 19:18:51 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B6CFB61F4BEC43AC9374323A5363EEBF Ref B: OSL30EDGE0114 Ref C: 2023-01-21T19:18:51Z
date: Sat, 21 Jan 2023 19:18:50 GMT
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
95.101.10.113200 OK 5.3 kB URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
Hash 71b6d21ffd9a4ca14c9df7f8a0230a55
9ec916bcfce569b5e4dae87778d31028e090941a
f92d74a5207df161170a018dc971b716a59e523ca9efc796f95aa3a7e11bbe51
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 849
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Cookie: _ttp=2KeIgHCEjdOJsI4VrlHIQQNcpOa
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230121191851B8736135BC4DF0774211
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb616c037d177ce59e2a29555d6813ad63346d3a7e3903861802d2cc3b70814fb76247b8264885f4ec962caba6a923890c622e43b9433bd4d173fa050aabc582f5ba6e1dcf82bdd440956bddf4b28196a9f
expires: Sat, 21 Jan 2023 19:18:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 21 Jan 2023 19:18:51 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=21, cdn-cache; desc=MISS, edge; dur=6, origin; dur=113
x-origin-response-time: 113,95.101.10.109
x-akamai-request-id: 1270f97d
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 875fc1415608498b67d609fd3b7335ae
463aca613dcdfc3446e7c7f4663d9577ef92f94e
fcb4c1657bc5afb8c1adfbec67198211be206ff61b5cc7c13565d5ce492de66e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9223
Expires: Sat, 21 Jan 2023 21:52:34 GMT
Date: Sat, 21 Jan 2023 19:18:51 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9223
Expires: Sat, 21 Jan 2023 21:52:34 GMT
Date: Sat, 21 Jan 2023 19:18:51 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9223
Expires: Sat, 21 Jan 2023 21:52:34 GMT
Date: Sat, 21 Jan 2023 19:18:51 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9223
Expires: Sat, 21 Jan 2023 21:52:34 GMT
Date: Sat, 21 Jan 2023 19:18:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cxuHpm9vR0_DvHdEtR5p5eRRNAFgCrOTnak0RsH3OeCccehhurKhJA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 01:38:03 GMT
age: 63648
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-35417772-1&cid=392386814.1674328730&jid=1972568370&gjid=1578343166&_gid=1966996780.1674328730&_u=IEBAAEAAQAAAACAAI~&z=331277961
108.177.14.157200 OK 149 kB URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-35417772-1&cid=392386814.1674328730&jid=1972568370&gjid=1578343166&_gid=1966996780.1674328730&_u=IEBAAEAAQAAAACAAI~&z=331277961
IP 108.177.14.157:0
Size 149 kB (148707 bytes)
Hash 78d02bb44b42622bc016dbbd6e5adaea
09fe9b5aa69fa0453437e7400ef020665b95e99c
67e412ac5356a77d5b2294f28c6a03dddae391206b2b98e187205506b2401846
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-35417772-1&cid=392386814.1674328730&jid=1972568370&gjid=1578343166&_gid=1966996780.1674328730&_u=IEBAAEAAQAAAACAAI~&z=331277961 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://alerabat.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 21 Jan 2023 19:18:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5195ac5d83278bed049661c0d1aaa4a
74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e
30af8f591b2d4f7c8de7d52ea53bb170ca426ef0550001c7802a7f993a6344df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7111
x-amzn-requestid: d9b5e6b0-3995-4c70-be84-0b1b457b7143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmRlHtkIAMFiGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b73d-37d253ee68fe1b7e483097dd;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 86-hgCgiYN-PYLZgXJO79kM9Vm6DIiRixaz-kQZFaY0m5481x8GWlw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 22:04:24 GMT
age: 76467
etag: "74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08ef55971faa2683ab9f2af8a11dcec
a46c748cccb714f05a068c2438181328b4fbd57a
1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: 67ff0d3d-ed43-4269-92f4-c3eb5445e9c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyBEhzIAMFnCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-27c6ebf6450d0e3275dad906;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8-aCSDcxTLree8fsGCxZEqY0272fNcqQEtHJ7aVAO6XjQRmjZXgqdw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:18:04 GMT
age: 50447
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b48f53e84a3ec564b35cf6b0754d09bb
dc7ad580f90e8af4349f409fb0302a79c672ff99
37d8f9a37eed22705123275ac7a36ff34bcdea1b2faaa7108a7112afe5a8201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6068
x-amzn-requestid: 8962c77a-e852-426f-b37a-024546e0a2ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD5VKG_zoAMFgZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb08ed-368af491496d024a0142b0e4;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: m9Elq65CekBIl_QIpAhrwIy_gNmHHhxO_lyhmgA_v7T0LUmCXNMOAQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:39:27 GMT
age: 77964
etag: "dc7ad580f90e8af4349f409fb0302a79c672ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2c28916-3631-461f-8eaf-6d24961d9110.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2c28916-3631-461f-8eaf-6d24961d9110.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 476046a1ca0444e381e76423ec70a59e
fca15006510971eeece8d0b0f0594e52c7089297
d15bd15ff9ac7ac17ecf1c85c6db3022db8e92ddc7a8d19e99f320b931be4236
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2c28916-3631-461f-8eaf-6d24961d9110.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11034
x-amzn-requestid: ea862f2a-f9df-4a80-a27e-5728e6a39c00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6w5UFWsoAMFobQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c761d5-0d35e5a712fff4a57bf265b9;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sZdHPl3ikAqc-h9G-jxdw9wEb4sr7dljeD_lO2abCmGU8sLh30V57Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 04:03:01 GMT
age: 54950
etag: "fca15006510971eeece8d0b0f0594e52c7089297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1b8f3e0407b4d6e24afea546ca274e1
d8a70b23dba532ff8a44ebe4e12890efb5e0c584
24cb3abc9ffe27836d8e0bf2a1eff295d504e09b02237dc4dda938e012c49425
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6377
x-amzn-requestid: 065663fc-8bc2-4b83-a7e3-ad4e24f895f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EzgHCHIAMFvqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4e3-6bbc3fe80ba4a7de13b99982;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -mkifCnUT7O_yZUfHIFdGexUiYGMk8s_Whsfey8PcmGBUWygX-cnjQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:30:57 GMT
age: 49674
etag: "d8a70b23dba532ff8a44ebe4e12890efb5e0c584"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=681043939426626&ev=PageView&dl=https%3A%2F%2Falerabat.com%2Fextension%2Finstall%3Fsub1%3DmlClick-m5jFqg48%26sub2%3D617500%26sub3%3DMyLead&rl=https%3A%2F%2Fredirecting3.eu%2F&if=false&ts=1674328730356&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222242380935920983%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22PLN%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22733912894378398%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&it=1674328730137&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=681043939426626&ev=PageView&dl=https%3A%2F%2Falerabat.com%2Fextension%2Finstall%3Fsub1%3DmlClick-m5jFqg48%26sub2%3D617500%26sub3%3DMyLead&rl=https%3A%2F%2Fredirecting3.eu%2F&if=false&ts=1674328730356&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222242380935920983%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22PLN%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22733912894378398%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&it=1674328730137&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=681043939426626&ev=PageView&dl=https%3A%2F%2Falerabat.com%2Fextension%2Finstall%3Fsub1%3DmlClick-m5jFqg48%26sub2%3D617500%26sub3%3DMyLead&rl=https%3A%2F%2Fredirecting3.eu%2F&if=false&ts=1674328730356&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222242380935920983%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22PLN%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22733912894378398%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&it=1674328730137&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 21 Jan 2023 19:18:51 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 875fc1415608498b67d609fd3b7335ae
463aca613dcdfc3446e7c7f4663d9577ef92f94e
fcb4c1657bc5afb8c1adfbec67198211be206ff61b5cc7c13565d5ce492de66e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 1.5 kB IP 216.58.211.3:0
Hash 7a4909a67e7faa38a3f792526d79f95e
f9693c93eeef5ca449a32052d50839d969b1df32
5c0c2f71deb872eda26adb5447ae42796a753515686a1eaf4ffd68c938aadb88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js-agent.newrelic.com/859.25fcbbf1-1221.js
151.101.130.137200 OK 70 kB URL HTTP/2 js-agent.newrelic.com/859.25fcbbf1-1221.js
IP 151.101.130.137:0
Hash 8d003a2f5bc671bdca6b5716f75813cf
891efd08916235e7e11faec42fdd3efbc5a177a8
a87913068e1f232e3b49731e09c7997e2614b9635c2e80ed6bcc9761af2d23b8
GET /859.25fcbbf1-1221.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +goQW8pSNEuaIL/VsSxuQTdOwAWWYzYUnH4OUaVbXC1zyfGdCkQKkZuApSeSUw3SR0m2dnPDMlc=
x-amz-request-id: 33WDWKJ4SEWGQJD2
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
etag: "955ba8bb9a6f4fec37ed25b54890b88a"
x-amz-version-id: LcQjPO428dQ4CkCwzu1ctp1i_7pNRF02
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 21 Jan 2023 19:18:51 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 2721
x-timer: S1674328731.449489,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5994
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-35417772-1&cid=392386814.1674328730&jid=1972568370&_u=IEBAAEAAQAAAACAAI~&z=900022142
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-35417772-1&cid=392386814.1674328730&jid=1972568370&_u=IEBAAEAAQAAAACAAI~&z=900022142
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-35417772-1&cid=392386814.1674328730&jid=1972568370&_u=IEBAAEAAQAAAACAAI~&z=900022142 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 19:18:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-35417772-1&cid=392386814.1674328730&jid=1972568370&_u=IEBAAEAAQAAAACAAI~&z=900022142
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-35417772-1&cid=392386814.1674328730&jid=1972568370&_u=IEBAAEAAQAAAACAAI~&z=900022142
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-35417772-1&cid=392386814.1674328730&jid=1972568370&_u=IEBAAEAAQAAAACAAI~&z=900022142 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 19:18:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3c232c19f3fc429b50b4b21d042ea2d1
232ff9e14ff2bd70e2c058c139e3694cc8c45f25
dfdf4248506d908ca817562e74c64bdb1a192c61c6d1f2f2f66db045bc1e3575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9046bdd3634f2cfb8ace7c326c4af05f
d92d1610bbcc211f0648ec87b5aee6a562f606db
eea88fe2aaabd085058e3cf139e8780e1ddeff62e4fb94d6eeabe512a309d8ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9046bdd3634f2cfb8ace7c326c4af05f
d92d1610bbcc211f0648ec87b5aee6a562f606db
eea88fe2aaabd085058e3cf139e8780e1ddeff62e4fb94d6eeabe512a309d8ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chrome.google.com/_/scs/cws-static/_/ss/k=cws.main.Argaay56zxk.L.F4.O/am=AQ/d=0/rs=AAxzQIWitqQoIOcAP3LwnEFB5ph_qvUcmg
142.250.74.174200 OK 48 kB URL HTTP/2 chrome.google.com/_/scs/cws-static/_/ss/k=cws.main.Argaay56zxk.L.F4.O/am=AQ/d=0/rs=AAxzQIWitqQoIOcAP3LwnEFB5ph_qvUcmg
IP 142.250.74.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash efe8c32229aa781b6dc718e0d58c4a8a
0f326976add635a41617288bc31f0845a30f0bfc
68b146d4bf50e5c62b0032f745f95b6aae228a381b3e7ed2fcd67bf8a68a8c6f
GET /_/scs/cws-static/_/ss/k=cws.main.Argaay56zxk.L.F4.O/am=AQ/d=0/rs=AAxzQIWitqQoIOcAP3LwnEFB5ph_qvUcmg HTTP/1.1
Host: chrome.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Cookie: __Secure-ENID=5.SE=WgoywoGOUEmJadxoIB0r2lkzXHeKVqth1xGOa4ffzT7dUHt-ZXjx-iHV7oK7BCuj96T6WcNdOxtcPrvT6hvt4NQxsLWhAuRLpweU30AweJoV-BgqMIIyysdeq33RUY6ph26qQ9jBKSd0XSV6yoBSxOS9PmgWEsI53hUDjv_5qeI; CONSENT=PENDING+883; NID=511=cFZb4nluWFmFtya_1023fmeyRxLa2RyFZtNycOWgvmtPAKMvyoZLilc7my-8ZsGICtmuUZo4VIGMH6QnPnkUS69-YfT1-8vlbYxcOdqVsB8sSqb5RAxfbsDkeHwcoxHIKyWN85uz2llbFpf56IFU1Poec26368U6LVBYtT0RrC4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/chrome-webstore
cross-origin-opener-policy-report-only: same-origin; report-to="chrome-webstore"
report-to: {"group":"chrome-webstore","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-webstore"}]}
content-length: 47892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 10:05:01 GMT
expires: Wed, 15 Feb 2023 10:05:01 GMT
cache-control: public, max-age=2332800
last-modified: Mon, 11 Jul 2022 23:09:16 GMT
content-type: text/css; charset=UTF-8
age: 206030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
142.250.74.99200 OK 370 B URL HTTP/2 www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
IP 142.250.74.99:0
File type ASCII text, with very long lines (1575)
Hash 5266900cb12d88989c1f360e3e4a9a2d
1aaa1a1aa9b38b65364032034cfb51f5f3f65014
b0e577a3fd8f3d3f1ae97954b5523595f66e6d0541fad66062b7cf4804142b59
GET /images/icons/material/anim/mspin/mspin_googcolor_medium.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 370
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 20:42:48 GMT
expires: Thu, 18 Jan 2024 20:42:48 GMT
cache-control: public, max-age=31536000
age: 254163
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2
216.58.207.227200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14048, version 1.0\012- data
Hash cffb686d7d2f4682df8342bd4d276e09
2c07a9656f1e38da408f20f1cf11581a15cbd7a2
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
GET /s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://chrome.google.com/
Origin: https://chrome.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:34:17 GMT
expires: Wed, 17 Jan 2024 15:34:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
content-type: font/woff2
age: 359074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1253134067.1674328730&url=https%3A%2F%2Falerabat.com%2Fextension%2Finstall>m=2wg1i0TR5N46
142.250.74.130200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1253134067.1674328730&url=https%3A%2F%2Falerabat.com%2Fextension%2Finstall>m=2wg1i0TR5N46
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pagead/landing?gcs=G100&gcd=G100&rnd=1253134067.1674328730&url=https%3A%2F%2Falerabat.com%2Fextension%2Finstall>m=2wg1i0TR5N46 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 19:18:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-5G9HQXFPLH>m=2oe1i0&_p=1888563576&gcs=G100&cid=1696136081.1674328730&ul=en-us&sr=1280x1024&_s=1&sid=1674328729&sct=1&seg=0&dl=https%3A%2F%2Falerabat.com%2Fextension%2Finstall%3Fsub1%3DmlClick-m5jFqg48%26sub2%3D617500%26sub3%3DMyLead&dr=https%3A%2F%2Fredirecting3.eu%2F&dt=alerabat.com&en=page_view&_fv=1&_nsi=1&_ss=2&ep.ext_cid=762b157b-8f37-4196-90b7-143679a1ce85
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-5G9HQXFPLH>m=2oe1i0&_p=1888563576&gcs=G100&cid=1696136081.1674328730&ul=en-us&sr=1280x1024&_s=1&sid=1674328729&sct=1&seg=0&dl=https%3A%2F%2Falerabat.com%2Fextension%2Finstall%3Fsub1%3DmlClick-m5jFqg48%26sub2%3D617500%26sub3%3DMyLead&dr=https%3A%2F%2Fredirecting3.eu%2F&dt=alerabat.com&en=page_view&_fv=1&_nsi=1&_ss=2&ep.ext_cid=762b157b-8f37-4196-90b7-143679a1ce85
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5G9HQXFPLH>m=2oe1i0&_p=1888563576&gcs=G100&cid=1696136081.1674328730&ul=en-us&sr=1280x1024&_s=1&sid=1674328729&sct=1&seg=0&dl=https%3A%2F%2Falerabat.com%2Fextension%2Finstall%3Fsub1%3DmlClick-m5jFqg48%26sub2%3D617500%26sub3%3DMyLead&dr=https%3A%2F%2Fredirecting3.eu%2F&dt=alerabat.com&en=page_view&_fv=1&_nsi=1&_ss=2&ep.ext_cid=762b157b-8f37-4196-90b7-143679a1ce85 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://alerabat.com
date: Sat, 21 Jan 2023 19:18:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
142.250.74.40200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.40:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sat, 21 Jan 2023 18:41:07 GMT
expires: Sat, 21 Jan 2023 20:41:07 GMT
cache-control: public, max-age=7200
age: 2265
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.gstatic.com/chrome/webstore/images/icon_48px.png
216.58.207.195200 OK 1.5 kB URL HTTP/2 ssl.gstatic.com/chrome/webstore/images/icon_48px.png
IP 216.58.207.195:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 75d78a3233b5e0672f48247200decdb0
da7e8b9db98a6950d1637b4dd5e098fa2ec3a02a
e136ae509e08ac00fb264cb82cfa1081982ddcf775ee058b201fabbcc59b7c8a
GET /chrome/webstore/images/icon_48px.png HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1501
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 10:08:46 GMT
expires: Mon, 15 Jan 2024 10:08:46 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
content-type: image/png
age: 551406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.gstatic.com/chrome/webstore/images/icon_144px.png
216.58.207.195200 OK 4.8 kB URL HTTP/2 ssl.gstatic.com/chrome/webstore/images/icon_144px.png
IP 216.58.207.195:0
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 419ad3c10005503ed2392691295b4288
f5e0174886f45c9d8e949904d400b7350c8b8c02
aaa528d6524d57d8f900b5d4ca1814376ac768d1e9a829d514421ae2f481a6df
GET /chrome/webstore/images/icon_144px.png HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 4800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 04:08:37 GMT
expires: Sun, 21 Jan 2024 04:08:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
content-type: image/png
age: 54615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21700, version 1.0\012- data
Hash 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
68f598c84936c9720c5ffd6685294f5c94000dff
6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://chrome.google.com/
Origin: https://chrome.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 19:32:13 GMT
expires: Tue, 16 Jan 2024 19:32:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2019 23:43:33 GMT
content-type: font/woff2
age: 431199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
216.58.207.227200 OK 163 kB URL HTTP/2 fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 162924, version 1.0\012- data
Size 163 kB (162924 bytes)
Hash 7f2e1b48b71ec58fda4539018a2f56cc
507bf81f52fa8c99bf2c5c8bd59a981899ca9995
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
GET /s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://chrome.google.com/
Origin: https://chrome.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 162924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 16:07:41 GMT
expires: Tue, 16 Jan 2024 16:07:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 25 Aug 2022 00:15:09 GMT
content-type: font/woff2
age: 443471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15456, version 1.0\012- data
Hash ef07862e819cad83cb08b19c20edf250
01e4e905f07683348af5aba82699bdd163dff6ad
7c4e4e0b02318697c2eb4a16c05126c5113eea9f0a4a9a6cb40c8261bbd17ec1
GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://chrome.google.com/
Origin: https://chrome.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 00:55:37 GMT
expires: Mon, 15 Jan 2024 00:55:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2019 23:43:20 GMT
content-type: font/woff2
age: 584595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21464, version 1.0\012- data
Hash 923a543cc619ea568f91b723d9fb1ef0
6f4ade25559645c741d7327c6e16521e43d7e1f9
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://chrome.google.com/
Origin: https://chrome.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21464
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 13:28:31 GMT
expires: Tue, 16 Jan 2024 13:28:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
content-type: font/woff2
age: 453021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50bbck.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50bbck.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11116, version 1.0\012- data
Hash bd3f4738f3328d1d58f327638b826cc3
def9403ffdc3aaf731fbdb32afa2602c6f579abb
b27330a80a9fca4414a26311c0f104e0c30344ee03109ad413c39b520f36544e
GET /s/opensans/v15/mem8YaGs126MiZpBA-UFW50bbck.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://chrome.google.com/
Origin: https://chrome.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 18:35:25 GMT
expires: Mon, 15 Jan 2024 18:35:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 21:49:40 GMT
content-type: font/woff2
age: 521007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0dd6dc6c57d5e3f54edb2ab5b5eb4dda
a248bc080e883e856c3eae582406a95462e04b0d
62e914131b4846fb36127e326b68231fb1e02cd3c865ce6d2b00dcdfc610fc8c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/client.js
142.250.74.46200 OK 6.9 kB URL HTTP/2 apis.google.com/js/client.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (2054)
Hash 7483d9ef99d2b6efb03e9d5919e3a432
2605e066795b74daa9d7b084714c6bc891c15357
eb6215774725b8849c5a21f469167f86095ffc2dd365ad43eb535d8e7c49013e
GET /js/client.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Cookie: __Secure-ENID=5.SE=WgoywoGOUEmJadxoIB0r2lkzXHeKVqth1xGOa4ffzT7dUHt-ZXjx-iHV7oK7BCuj96T6WcNdOxtcPrvT6hvt4NQxsLWhAuRLpweU30AweJoV-BgqMIIyysdeq33RUY6ph26qQ9jBKSd0XSV6yoBSxOS9PmgWEsI53hUDjv_5qeI; CONSENT=PENDING+883; NID=511=cFZb4nluWFmFtya_1023fmeyRxLa2RyFZtNycOWgvmtPAKMvyoZLilc7my-8ZsGICtmuUZo4VIGMH6QnPnkUS69-YfT1-8vlbYxcOdqVsB8sSqb5RAxfbsDkeHwcoxHIKyWN85uz2llbFpf56IFU1Poec26368U6LVBYtT0RrC4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 6896
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Sat, 21 Jan 2023 19:18:52 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "448a241b93f6677d"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/actionp/0?ti=148010202&tm=gtm002&Ver=2&mid=d941e3d0-8a3c-4330-8c38-4ef8cc264230&sid=6f7cffb099c011edbab1b33375386f7b&vid=6f7d09a099c011ed92970b0703645947&vids=1&msclkid=N&evt=pageHide
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/actionp/0?ti=148010202&tm=gtm002&Ver=2&mid=d941e3d0-8a3c-4330-8c38-4ef8cc264230&sid=6f7cffb099c011edbab1b33375386f7b&vid=6f7d09a099c011ed92970b0703645947&vids=1&msclkid=N&evt=pageHide
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /actionp/0?ti=148010202&tm=gtm002&Ver=2&mid=d941e3d0-8a3c-4330-8c38-4ef8cc264230&sid=6f7cffb099c011edbab1b33375386f7b&vid=6f7d09a099c011ed92970b0703645947&vids=1&msclkid=N&evt=pageHide HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0A071A1C7DD06E5919F608BC7C256F51; domain=.bing.com; expires=Thu, 15-Feb-2024 19:18:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8DAC1D0351C74D518B1DD06021C1639E Ref B: OSL30EDGE0114 Ref C: 2023-01-21T19:18:52Z
date: Sat, 21 Jan 2023 19:18:51 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 875fc1415608498b67d609fd3b7335ae
463aca613dcdfc3446e7c7f4663d9577ef92f94e
fcb4c1657bc5afb8c1adfbec67198211be206ff61b5cc7c13565d5ce492de66e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4436568-7&cid=1200443437.1674328731&jid=314124523&_v=5.7.2&z=161195054
108.177.14.155200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4436568-7&cid=1200443437.1674328731&jid=314124523&_v=5.7.2&z=161195054
IP 108.177.14.155:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4436568-7&cid=1200443437.1674328731&jid=314124523&_v=5.7.2&z=161195054 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 21 Jan 2023 19:18:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b6b06a47d5f35483956c51ae6b96af06
e49f5f703895b470f0afafe0d2182f0f49383b2c
b14f34188f8acb034cc830f2fb93521063d1089be92f0fac7b3e306d54ea8944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1d497e2648111e44540f16f2e308d48d
7ac7e9c0b63e8c182d21663337a7287b4875d0ea
0d4e307a6db13e144d77981270004f6b8c74ee977ad4c59c655946c6206746c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash dd2abef7a2307c54b17e46b852a3c6f8
829e9878879ffc0702a014529fd3885ae02886c8
b2dc90c56e6c9fe79ccc4e2b0d84a355dd5815b7231b3e34b08d0bb35cbe6351
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1d497e2648111e44540f16f2e308d48d
7ac7e9c0b63e8c182d21663337a7287b4875d0ea
0d4e307a6db13e144d77981270004f6b8c74ee977ad4c59c655946c6206746c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/LW8PapEW4M1RlzdmooGmE71WwTchojjGn2tkyssvwlca4ogrFBo1IRMxn3Usqy27VomZh6c3Hi_Q0mCQ-Rlc8ceUog=w128-h128-e365-rj-sc0x00ffffff
142.250.74.97200 OK 3.9 kB URL HTTP/2 lh3.googleusercontent.com/LW8PapEW4M1RlzdmooGmE71WwTchojjGn2tkyssvwlca4ogrFBo1IRMxn3Usqy27VomZh6c3Hi_Q0mCQ-Rlc8ceUog=w128-h128-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 42984df8ebbe56f5d7ee13891635016d
69128328ce07d436b9fbba925ffa15739c5c849e
7d5b0f0c2c413658e91016258e3f2ca327ef8e3133aa2d350b9dbc10d6afdd2f
GET /LW8PapEW4M1RlzdmooGmE71WwTchojjGn2tkyssvwlca4ogrFBo1IRMxn3Usqy27VomZh6c3Hi_Q0mCQ-Rlc8ceUog=w128-h128-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3887
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Mon, 15 Jan 2024 20:14:49 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/5Ls2h_cXmGo/default.jpg
142.250.74.182200 OK 3.1 kB URL HTTP/2 i.ytimg.com/vi/5Ls2h_cXmGo/default.jpg
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash b37db31d6b5193a819229765caecc012
969aee87b1b639832eef2e26fb42dec8b3220f0f
999b7f6024e4ba28d5dd080345ba7df6da65ef0d1eb1472d3b8b0c56655fa71f
GET /vi/5Ls2h_cXmGo/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 3127
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Sat, 21 Jan 2023 21:18:52 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/5Ls2h_cXmGo/hqdefault.jpg
142.250.74.182200 OK 14 kB URL HTTP/2 i.ytimg.com/vi/5Ls2h_cXmGo/hqdefault.jpg
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 4b8e9d45cce880db3fb73b83d2777b99
c16f8ce736757b975f0cdadfe2176b858d4ded20
6447db2d2b54af6302dbfc4ca8f45227e3d2dd877d539aa9fe4dd8b0d9a68489
GET /vi/5Ls2h_cXmGo/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 14121
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Sat, 21 Jan 2023 21:18:52 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
scone-pa.clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.ydLROSGdlBE.O%2Fd%3D1%2Frs%3DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA%2Fm%3D__features__
142.250.74.170200 OK 288 B URL HTTP/2 scone-pa.clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.ydLROSGdlBE.O%2Fd%3D1%2Frs%3DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA%2Fm%3D__features__
IP 142.250.74.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cc506d083ab8099cad9b5bc3fbba1caf
b9b1fc9a7b30079717f1980c558d98d018efefd7
110e8b6e77e85aafe1fd356a3f1b22d69ad5a60d7a8eab97f5984111ed3dbc29
GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.ydLROSGdlBE.O%2Fd%3D1%2Frs%3DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA%2Fm%3D__features__ HTTP/1.1
Host: scone-pa.clients6.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Cookie: __Secure-ENID=5.SE=WgoywoGOUEmJadxoIB0r2lkzXHeKVqth1xGOa4ffzT7dUHt-ZXjx-iHV7oK7BCuj96T6WcNdOxtcPrvT6hvt4NQxsLWhAuRLpweU30AweJoV-BgqMIIyysdeq33RUY6ph26qQ9jBKSd0XSV6yoBSxOS9PmgWEsI53hUDjv_5qeI; CONSENT=PENDING+883; NID=511=cFZb4nluWFmFtya_1023fmeyRxLa2RyFZtNycOWgvmtPAKMvyoZLilc7my-8ZsGICtmuUZo4VIGMH6QnPnkUS69-YfT1-8vlbYxcOdqVsB8sSqb5RAxfbsDkeHwcoxHIKyWN85uz2llbFpf56IFU1Poec26368U6LVBYtT0RrC4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-pHGt1kVmcJOOA2pAOAc5FQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/xd3cpp/2, require-trusted-types-for 'script'
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp; report-to="gapi"
report-to: {"group":"gapi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi"}]}
content-encoding: gzip
date: Sat, 21 Jan 2023 19:18:52 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 288
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/96Clj3cefiSoKLVOG8wGhTgeoFhpZXdcEJrhUQJiQOf7f20N9RfJl-B30vjKnA3LG-MahDMJ_9v9IXcdmjaPpp06tVw=w640-h400-e365-rj-sc0x00ffffff
142.250.74.97200 OK 56 kB URL HTTP/2 lh3.googleusercontent.com/96Clj3cefiSoKLVOG8wGhTgeoFhpZXdcEJrhUQJiQOf7f20N9RfJl-B30vjKnA3LG-MahDMJ_9v9IXcdmjaPpp06tVw=w640-h400-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x400, components 3\012- data
Hash 4d7695f53b2814899008aa88a2b647c9
9cef208bae26132e5952a0863bfa58ac400e3a64
8a953b1bab9e9edcc7d5c43722ebc6311926551452798490353066862f517b0d
GET /96Clj3cefiSoKLVOG8wGhTgeoFhpZXdcEJrhUQJiQOf7f20N9RfJl-B30vjKnA3LG-MahDMJ_9v9IXcdmjaPpp06tVw=w640-h400-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 21 Jan 2024 19:18:52 GMT
cache-control: public, max-age=31536000, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 21 Jan 2023 19:18:52 GMT
server: fife
content-length: 56105
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/fbU2C-OjsnBRceO4cIbdmbqc1X8T7JjurFD0ywnmtrSjDjMUg8SlK1kRUU7QHelAN8jzIg-yl687Ia7ffiRBUtft=w640-h400-e365-rj-sc0x00ffffff
142.250.74.97200 OK 55 kB URL HTTP/2 lh3.googleusercontent.com/fbU2C-OjsnBRceO4cIbdmbqc1X8T7JjurFD0ywnmtrSjDjMUg8SlK1kRUU7QHelAN8jzIg-yl687Ia7ffiRBUtft=w640-h400-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x400, components 3\012- data
Hash 9b810fb9aefac5ccf81b985b8dde02ad
ea187ce91a2b7e06ab40fcb627e11fd803b645ec
d1a8d90da419660c1085c7e30b6f93fe1d71c7992505247680ee6d8fe24866f1
GET /fbU2C-OjsnBRceO4cIbdmbqc1X8T7JjurFD0ywnmtrSjDjMUg8SlK1kRUU7QHelAN8jzIg-yl687Ia7ffiRBUtft=w640-h400-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 21 Jan 2024 19:18:52 GMT
cache-control: public, max-age=31536000, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 21 Jan 2023 19:18:52 GMT
server: fife
content-length: 54954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/96Clj3cefiSoKLVOG8wGhTgeoFhpZXdcEJrhUQJiQOf7f20N9RfJl-B30vjKnA3LG-MahDMJ_9v9IXcdmjaPpp06tVw=w120-h90-e365-rj-sc0x00ffffff
142.250.74.97200 OK 4.5 kB URL HTTP/2 lh3.googleusercontent.com/96Clj3cefiSoKLVOG8wGhTgeoFhpZXdcEJrhUQJiQOf7f20N9RfJl-B30vjKnA3LG-MahDMJ_9v9IXcdmjaPpp06tVw=w120-h90-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x75, components 3\012- data
Hash 6cd3da9f098f2734eeca54a0e6029ff3
393ce354a5654d2b2fad9565112316d50f234cff
9b45d5b10aa63e0ca2477384007ec78907c2b16cfb1caac757e6a2886077256a
GET /96Clj3cefiSoKLVOG8wGhTgeoFhpZXdcEJrhUQJiQOf7f20N9RfJl-B30vjKnA3LG-MahDMJ_9v9IXcdmjaPpp06tVw=w120-h90-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4503
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Sun, 14 Jan 2024 18:45:44 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/fbU2C-OjsnBRceO4cIbdmbqc1X8T7JjurFD0ywnmtrSjDjMUg8SlK1kRUU7QHelAN8jzIg-yl687Ia7ffiRBUtft=w120-h90-e365-rj-sc0x00ffffff
142.250.74.97200 OK 4.6 kB URL HTTP/2 lh3.googleusercontent.com/fbU2C-OjsnBRceO4cIbdmbqc1X8T7JjurFD0ywnmtrSjDjMUg8SlK1kRUU7QHelAN8jzIg-yl687Ia7ffiRBUtft=w120-h90-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x75, components 3\012- data
Hash efa3d92cef8b580a7c8e9eb00b21e52f
3d65eacb6d81438775d3f66f2f40e6c059d993c0
3376dab9f4d23b197972ce48adfa8046ec4651ccee7475109b22ec318d065488
GET /fbU2C-OjsnBRceO4cIbdmbqc1X8T7JjurFD0ywnmtrSjDjMUg8SlK1kRUU7QHelAN8jzIg-yl687Ia7ffiRBUtft=w120-h90-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4641
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Wed, 17 Jan 2024 09:07:34 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/f48j0XOimn6MCS9i2xAsYGLfYzTI2_C5Z8UNRWM-Uqn-ruQCOubwL2eCjITdh0lj5-WSIPxx1mwTmVpBfVtIXUqmyOs=w640-h400-e365-rj-sc0x00ffffff
142.250.74.97200 OK 55 kB URL HTTP/2 lh3.googleusercontent.com/f48j0XOimn6MCS9i2xAsYGLfYzTI2_C5Z8UNRWM-Uqn-ruQCOubwL2eCjITdh0lj5-WSIPxx1mwTmVpBfVtIXUqmyOs=w640-h400-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x400, components 3\012- data
Hash 643b655b8879cdde67ae6c7111653f03
447d7dd301ad393ed9abf2cc3a9fe47dcdc992f2
0678402e6a96a317c29981b32aa3abd9dc851b8fff3fe95f67e9df180f5a3b47
GET /f48j0XOimn6MCS9i2xAsYGLfYzTI2_C5Z8UNRWM-Uqn-ruQCOubwL2eCjITdh0lj5-WSIPxx1mwTmVpBfVtIXUqmyOs=w640-h400-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 21 Jan 2024 19:18:52 GMT
cache-control: public, max-age=31536000, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 21 Jan 2023 19:18:52 GMT
server: fife
content-length: 55353
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/7UewDyu5u10a8A1DqEr1eL20WHaUW567t7TkZEg-ZETLDfo0qQx5l1co--rxV_eLOC-hAN-eTQbGLGSGSrtqY22PiA=w640-h400-e365-rj-sc0x00ffffff
142.250.74.97200 OK 47 kB URL HTTP/2 lh3.googleusercontent.com/7UewDyu5u10a8A1DqEr1eL20WHaUW567t7TkZEg-ZETLDfo0qQx5l1co--rxV_eLOC-hAN-eTQbGLGSGSrtqY22PiA=w640-h400-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x400, components 3\012- data
Hash d14df2bc37ce9759d1971332d8ed2cb7
1141d83f0fd6c69c7d925eeb3acbff34a4b3a543
d0af33fbc36bb9a9578b9bba235b7228a34b0fd39bc2b790747084d1de69480d
GET /7UewDyu5u10a8A1DqEr1eL20WHaUW567t7TkZEg-ZETLDfo0qQx5l1co--rxV_eLOC-hAN-eTQbGLGSGSrtqY22PiA=w640-h400-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 46551
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Wed, 17 Jan 2024 09:07:34 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/7UewDyu5u10a8A1DqEr1eL20WHaUW567t7TkZEg-ZETLDfo0qQx5l1co--rxV_eLOC-hAN-eTQbGLGSGSrtqY22PiA=w120-h90-e365-rj-sc0x00ffffff
142.250.74.97200 OK 4.3 kB URL HTTP/2 lh3.googleusercontent.com/7UewDyu5u10a8A1DqEr1eL20WHaUW567t7TkZEg-ZETLDfo0qQx5l1co--rxV_eLOC-hAN-eTQbGLGSGSrtqY22PiA=w120-h90-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x75, components 3\012- data
Hash e61f45cd719cb81831322bfd46a8d340
abf8cce067fc8386393bf00f020346d59a584b34
491bac84a3126c082d9158c4841647591c504bb024eb75981e0042cae866c8ae
GET /7UewDyu5u10a8A1DqEr1eL20WHaUW567t7TkZEg-ZETLDfo0qQx5l1co--rxV_eLOC-hAN-eTQbGLGSGSrtqY22PiA=w120-h90-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 21 Jan 2024 19:18:52 GMT
cache-control: public, max-age=31536000, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 21 Jan 2023 19:18:52 GMT
server: fife
content-length: 4305
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/0fBpntVsQ19kFutUVPOpd7gMSc7kLXfDWxDa3Ef1Hl9p9iTH0FLeC-QHtHvidDKZY9av-qC5EBC3WpZT8rXEJKrP=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.2 kB URL HTTP/2 lh3.googleusercontent.com/0fBpntVsQ19kFutUVPOpd7gMSc7kLXfDWxDa3Ef1Hl9p9iTH0FLeC-QHtHvidDKZY9av-qC5EBC3WpZT8rXEJKrP=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash f4972bfe68ccaa0c72be974b06d16275
52d6f26d9fd1d25a88bf167338bdc6c648b1075e
5a9f09bd7f3c03f0494b53827479ce1e41a7e81f40734f939723717a2f4a9745
GET /0fBpntVsQ19kFutUVPOpd7gMSc7kLXfDWxDa3Ef1Hl9p9iTH0FLeC-QHtHvidDKZY9av-qC5EBC3WpZT8rXEJKrP=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2204
x-xss-protection: 0
date: Sat, 21 Jan 2023 18:50:24 GMT
expires: Tue, 16 Jan 2024 18:09:09 GMT
cache-control: public, max-age=31536000, no-transform
age: 1708
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/f48j0XOimn6MCS9i2xAsYGLfYzTI2_C5Z8UNRWM-Uqn-ruQCOubwL2eCjITdh0lj5-WSIPxx1mwTmVpBfVtIXUqmyOs=w120-h90-e365-rj-sc0x00ffffff
142.250.74.97200 OK 4.6 kB URL HTTP/2 lh3.googleusercontent.com/f48j0XOimn6MCS9i2xAsYGLfYzTI2_C5Z8UNRWM-Uqn-ruQCOubwL2eCjITdh0lj5-WSIPxx1mwTmVpBfVtIXUqmyOs=w120-h90-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x75, components 3\012- data
Hash 1ce8bfdcad41850a2c9633a290fd6131
f807b647448cfe30bfa79b2e8e8dfa9cdfdde3c3
a2c0c0ca3e116130322c46b6f807560d346eaadf47afe98f72b10f534e7d13ac
GET /f48j0XOimn6MCS9i2xAsYGLfYzTI2_C5Z8UNRWM-Uqn-ruQCOubwL2eCjITdh0lj5-WSIPxx1mwTmVpBfVtIXUqmyOs=w120-h90-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 21 Jan 2024 19:18:52 GMT
cache-control: public, max-age=31536000, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 21 Jan 2023 19:18:52 GMT
server: fife
content-length: 4606
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/sv94ky7FBjmdNtx6e6ZbuhvLLndetQPtJGsNozRFfSdh9cL5l3EBs_JobvShjBxxcN8gmOFjy-DIZuLHqRSUWESu4w=w700-h280-e365-rj-sc0x00ffffff
142.250.74.97200 OK 25 kB URL HTTP/2 lh3.googleusercontent.com/sv94ky7FBjmdNtx6e6ZbuhvLLndetQPtJGsNozRFfSdh9cL5l3EBs_JobvShjBxxcN8gmOFjy-DIZuLHqRSUWESu4w=w700-h280-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x280, components 3\012- data
Hash f7e2af1e19f6abb9306362c78a5b8102
33d7c8cbcc973e56ef73a337838bc3f4b6ddc5f8
c4e688005527e4f34ac8462074789e53197b43cfe6531b0aa19ec5fe4f826c40
GET /sv94ky7FBjmdNtx6e6ZbuhvLLndetQPtJGsNozRFfSdh9cL5l3EBs_JobvShjBxxcN8gmOFjy-DIZuLHqRSUWESu4w=w700-h280-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 24895
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Tue, 16 Jan 2024 19:18:45 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/hyQKODXZsWHKt24juEhfUXECfGswgwJ0qYEwotBWsYcSd2rfJgqTTCb6w2KphOZbYSDkKn5RDp1FXOa6umnO5Gag7g=w700-h280-e365-rj-sc0x00ffffff
142.250.74.97200 OK 35 kB URL HTTP/2 lh3.googleusercontent.com/hyQKODXZsWHKt24juEhfUXECfGswgwJ0qYEwotBWsYcSd2rfJgqTTCb6w2KphOZbYSDkKn5RDp1FXOa6umnO5Gag7g=w700-h280-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x280, components 3\012- data
Hash f2ddcf159db7c3f2ffc9ce4b4164a178
1a88c821b35b61aba955f45e80bb83094e6ce9bc
d07148564eab10b9de0efe9c9209132a13272ed55345db1f9e9e8bede4e77eb4
GET /hyQKODXZsWHKt24juEhfUXECfGswgwJ0qYEwotBWsYcSd2rfJgqTTCb6w2KphOZbYSDkKn5RDp1FXOa6umnO5Gag7g=w700-h280-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 35311
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Tue, 16 Jan 2024 21:06:10 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/yUW8Dh3Yqz_1POUparQsjwTSwyH-ogdpMh8azwgQS17AGCsHgCsUiAH310ZlM7ltWnc4J1AAg3DKhu_NWwp_RLc9=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.1 kB URL HTTP/2 lh3.googleusercontent.com/yUW8Dh3Yqz_1POUparQsjwTSwyH-ogdpMh8azwgQS17AGCsHgCsUiAH310ZlM7ltWnc4J1AAg3DKhu_NWwp_RLc9=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 5464619a7fff3f6ccbd549acb5c5ea03
de0fd8d8e007caec1aea06f8e72ac27af7c67981
946011dd9fe918df67624d632e224e703e48fea12a3ff9b46f2e8e12f4e5f497
GET /yUW8Dh3Yqz_1POUparQsjwTSwyH-ogdpMh8azwgQS17AGCsHgCsUiAH310ZlM7ltWnc4J1AAg3DKhu_NWwp_RLc9=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2138
x-xss-protection: 0
date: Sat, 21 Jan 2023 17:46:40 GMT
expires: Sun, 14 Jan 2024 06:00:42 GMT
cache-control: public, max-age=31536000, no-transform
age: 5532
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/M3UuJnPd704b7tAEHpYvt2q9n58UAcsTKA12MuDt35DmH304vJD-3nz34eJo4S1Z4KwkHjyZE5Ig7pWGDR4SmQW1cA=w700-h280-e365-rj-sc0x00ffffff
142.250.74.97200 OK 61 kB URL HTTP/2 lh3.googleusercontent.com/M3UuJnPd704b7tAEHpYvt2q9n58UAcsTKA12MuDt35DmH304vJD-3nz34eJo4S1Z4KwkHjyZE5Ig7pWGDR4SmQW1cA=w700-h280-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x280, components 3\012- data
Hash 481455fba090a3a22befe090b930a14b
c85fdc2806d1d469148ee40d115151da73848b51
6fa4b740c2f5c20f7503b7ec18c180207a5459e5503a49b5d1be68cea3c4736b
GET /M3UuJnPd704b7tAEHpYvt2q9n58UAcsTKA12MuDt35DmH304vJD-3nz34eJo4S1Z4KwkHjyZE5Ig7pWGDR4SmQW1cA=w700-h280-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 60973
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Wed, 17 Jan 2024 09:07:34 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/WRJmeQY7Rukp97GFAnGW3qNx9Baq30QarNGDfV7sL0s3sbSre5WBiRTRuOPy4ofmV18YB72e_QyHiPKOATBsp9uIRA=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.2 kB URL HTTP/2 lh3.googleusercontent.com/WRJmeQY7Rukp97GFAnGW3qNx9Baq30QarNGDfV7sL0s3sbSre5WBiRTRuOPy4ofmV18YB72e_QyHiPKOATBsp9uIRA=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 4afd66caf0232238500f52809a2f37d3
c0e20488aa40fee0b887ed44ebe9c8f0e569d6c9
ec0353a4271756bd1d94fed633fc348a3514e5b3fa02db5ae123d5244ab1769d
GET /WRJmeQY7Rukp97GFAnGW3qNx9Baq30QarNGDfV7sL0s3sbSre5WBiRTRuOPy4ofmV18YB72e_QyHiPKOATBsp9uIRA=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2219
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Wed, 17 Jan 2024 08:41:08 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-CoXMkJmhrNE1LTncvJdm7YxV6SRGVuHXMaDjEnb29e8Iaoj2LCy77fz2167TFyaSYXcVFZKRk7aucVUBVLJ0XiZgg=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 1.6 kB URL HTTP/2 lh3.googleusercontent.com/-CoXMkJmhrNE1LTncvJdm7YxV6SRGVuHXMaDjEnb29e8Iaoj2LCy77fz2167TFyaSYXcVFZKRk7aucVUBVLJ0XiZgg=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 2e69438fc7b5394221e85bf977434e59
a48b543a8d473248a58ef153caf3a06254e06208
14b0c827c84561073c8fb601ac13f41169cc4abfe82c55e9c679c39299ae33ce
GET /-CoXMkJmhrNE1LTncvJdm7YxV6SRGVuHXMaDjEnb29e8Iaoj2LCy77fz2167TFyaSYXcVFZKRk7aucVUBVLJ0XiZgg=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1649
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Tue, 16 Jan 2024 20:14:10 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/RP0_yE6kkleprxLNPM5iHP1lk1qSHd5tGvsHV941hHKe3y5Wzy2zO3csFd0ssZT-4p6wfGlMiB_YxaBQWfX_oLMvcA=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 1.3 kB URL HTTP/2 lh3.googleusercontent.com/RP0_yE6kkleprxLNPM5iHP1lk1qSHd5tGvsHV941hHKe3y5Wzy2zO3csFd0ssZT-4p6wfGlMiB_YxaBQWfX_oLMvcA=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash e4776aad61e0eb9c93e429a01cb6a087
10bbc54242ecfbf311977907c49aac377650c4ce
8c1abe870314849afa9395260dc98827a5720d76befaad461eb12e2a5be6f7ff
GET /RP0_yE6kkleprxLNPM5iHP1lk1qSHd5tGvsHV941hHKe3y5Wzy2zO3csFd0ssZT-4p6wfGlMiB_YxaBQWfX_oLMvcA=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1252
x-xss-protection: 0
date: Sat, 21 Jan 2023 18:50:53 GMT
expires: Tue, 16 Jan 2024 18:10:42 GMT
cache-control: public, max-age=31536000, no-transform
age: 1679
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/5_GoiOkflWsSHM7DuSfffOgoHkBeoOMNLeeMuc4RZ-4IFiSDwIPJcUcb9vYApPv0uGSoAwRviFtAjJwc_YkdPa4dKSg=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.7 kB URL HTTP/2 lh3.googleusercontent.com/5_GoiOkflWsSHM7DuSfffOgoHkBeoOMNLeeMuc4RZ-4IFiSDwIPJcUcb9vYApPv0uGSoAwRviFtAjJwc_YkdPa4dKSg=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash da3743d3a5e8d3b4a0843d30c27986d2
280cfa75ba7067d535801761de455cecd06af49c
1dde1dfd0990ecab3d93283cad69d3d024fc7d5fff3a1437d00cab60c1e7b8d7
GET /5_GoiOkflWsSHM7DuSfffOgoHkBeoOMNLeeMuc4RZ-4IFiSDwIPJcUcb9vYApPv0uGSoAwRviFtAjJwc_YkdPa4dKSg=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2691
x-xss-protection: 0
date: Sat, 21 Jan 2023 17:38:11 GMT
expires: Tue, 16 Jan 2024 18:45:49 GMT
cache-control: public, max-age=31536000, no-transform
age: 6041
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/gPK7Y02l1Gln0ESw8mDXFlGq8IJ1Wqau7U1ChX6dC-PbEir0xrGJSE5GN65YxSQYQjXdwNiXzpmVLhGXVVvpzwiH=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.5 kB URL HTTP/2 lh3.googleusercontent.com/gPK7Y02l1Gln0ESw8mDXFlGq8IJ1Wqau7U1ChX6dC-PbEir0xrGJSE5GN65YxSQYQjXdwNiXzpmVLhGXVVvpzwiH=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 3dbbfb41eeb5afc317d570149938a3df
13bd8bb46a4e6fadd3cd696da14a71cc491f1c35
88ba0529bf37ebb1827187bd66fd97aea5b62f9658ee467a9e95248faa07b96f
GET /gPK7Y02l1Gln0ESw8mDXFlGq8IJ1Wqau7U1ChX6dC-PbEir0xrGJSE5GN65YxSQYQjXdwNiXzpmVLhGXVVvpzwiH=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2505
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Sat, 20 Jan 2024 08:45:36 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/TJOuBmEYVwM28b7au6JQtqxehI4o_ZcdVWrMD3OaCxe3-c9rw7wtg9ZL80xkbtOx9W3rYqJJ79QDaipGn6uqlfQYK4E=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 1.5 kB URL HTTP/2 lh3.googleusercontent.com/TJOuBmEYVwM28b7au6JQtqxehI4o_ZcdVWrMD3OaCxe3-c9rw7wtg9ZL80xkbtOx9W3rYqJJ79QDaipGn6uqlfQYK4E=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash ce7d49ce9a688ad0ec8532a66e37f4b9
fbbbd36c7b76755baa8dde764a85053e7bfabd7d
05d567e3f711a97db67d32d5b47170034325225dcc4ce4bb818b43d76241753b
GET /TJOuBmEYVwM28b7au6JQtqxehI4o_ZcdVWrMD3OaCxe3-c9rw7wtg9ZL80xkbtOx9W3rYqJJ79QDaipGn6uqlfQYK4E=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1548
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Wed, 17 Jan 2024 07:20:22 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/WXO45Ekn7JQqDM20SUGSsiCoOhdQ-d8FQvgJdJNv5Xi09FUC5nsaZqhwpJywVtmMb0iNGrOQ-QVb_yCQ7gRr52JR8g=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.0 kB URL HTTP/2 lh3.googleusercontent.com/WXO45Ekn7JQqDM20SUGSsiCoOhdQ-d8FQvgJdJNv5Xi09FUC5nsaZqhwpJywVtmMb0iNGrOQ-QVb_yCQ7gRr52JR8g=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 67275e2540c4ea249983c8622d78173e
d4b5cef87b3e690b1403457bd9bcd3839cf4ffb5
d0f879477e7eda1ea3f6fe32e7778cddf53bc7135c6494ffd76903e4405bd436
GET /WXO45Ekn7JQqDM20SUGSsiCoOhdQ-d8FQvgJdJNv5Xi09FUC5nsaZqhwpJywVtmMb0iNGrOQ-QVb_yCQ7gRr52JR8g=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1974
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Sun, 14 Jan 2024 10:31:53 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/__e-2R_9UgeuW1ogJmDTn_b4Fp8qVzgPs2UtyP3iq72XSjKEulzj9FwQKH6oN1EqkP-yQrb4zwZOrAH7cwZhLwA3=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.5 kB URL HTTP/2 lh3.googleusercontent.com/__e-2R_9UgeuW1ogJmDTn_b4Fp8qVzgPs2UtyP3iq72XSjKEulzj9FwQKH6oN1EqkP-yQrb4zwZOrAH7cwZhLwA3=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 8b23508a5cd92f93fd7ea5260df8e749
f760574c35409da616404b365c7b960c2d74a506
4da59c05c4a17b769a59ca867558554b2e2034c1252a56742b8e83e0fd53b407
GET /__e-2R_9UgeuW1ogJmDTn_b4Fp8qVzgPs2UtyP3iq72XSjKEulzj9FwQKH6oN1EqkP-yQrb4zwZOrAH7cwZhLwA3=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2456
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Tue, 16 Jan 2024 10:45:43 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/eJJIh1NLZEArjl_TeG4LwW1mGF6z7VQCfDKbtuak39h0D8alwWCprIbUN6s_joHZwNow-bzL2x_8xTd7itTQdbymVg=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 856 B URL HTTP/2 lh3.googleusercontent.com/eJJIh1NLZEArjl_TeG4LwW1mGF6z7VQCfDKbtuak39h0D8alwWCprIbUN6s_joHZwNow-bzL2x_8xTd7itTQdbymVg=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash f16796f559ea4e69ac7a2c2f711fdc53
5ff1d519375a6146e50c2abc0aa8b5171bf50aee
d710cf5c7b10e5c5dcdcb92d36b6f2270e9915d24278df099f78bd504bada6b9
GET /eJJIh1NLZEArjl_TeG4LwW1mGF6z7VQCfDKbtuak39h0D8alwWCprIbUN6s_joHZwNow-bzL2x_8xTd7itTQdbymVg=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 856
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Tue, 16 Jan 2024 10:45:43 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/GFk2sj9Iqakzq9lIBOfBRwjMe88QBQD35NekGLDexl_mzTZZBaE0U8TyCFJZs8boJ-5ZmvS7ITzjxjia3DXfPweKjCM=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.0 kB URL HTTP/2 lh3.googleusercontent.com/GFk2sj9Iqakzq9lIBOfBRwjMe88QBQD35NekGLDexl_mzTZZBaE0U8TyCFJZs8boJ-5ZmvS7ITzjxjia3DXfPweKjCM=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash f5abc6464cd59ac024e503f9f2b92fa1
cadad5f0fce44abfac72d5e8dd63d612679bb1ed
882e35bfb3acc35e431f6ac81f04227e59b750cb2ef5a8eae7701be2c9a52ba2
GET /GFk2sj9Iqakzq9lIBOfBRwjMe88QBQD35NekGLDexl_mzTZZBaE0U8TyCFJZs8boJ-5ZmvS7ITzjxjia3DXfPweKjCM=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1985
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Wed, 17 Jan 2024 09:07:34 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/w0qc52MgeGtTUwSaOCTFtMH6x8kj2ySlaTNQRdtFAoopcDrRgmSFWNPGQiJ4SzpkLu4sIn-GUnE_vtV7boF3Ev7W20w=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 1.5 kB URL HTTP/2 lh3.googleusercontent.com/w0qc52MgeGtTUwSaOCTFtMH6x8kj2ySlaTNQRdtFAoopcDrRgmSFWNPGQiJ4SzpkLu4sIn-GUnE_vtV7boF3Ev7W20w=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 504b182fcbe42f0fa4c72a4969f4ace6
72ca2f4ac1811e860435d030cbfc8fbfa2eb34d1
76bb0d0f1803c5325c3f0aa65e07782a0be606d196fc1ef1b9772cde79a8cfcf
GET /w0qc52MgeGtTUwSaOCTFtMH6x8kj2ySlaTNQRdtFAoopcDrRgmSFWNPGQiJ4SzpkLu4sIn-GUnE_vtV7boF3Ev7W20w=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1528
x-xss-protection: 0
date: Sat, 21 Jan 2023 18:36:14 GMT
expires: Mon, 15 Jan 2024 10:37:24 GMT
cache-control: public, max-age=31536000, no-transform
age: 2558
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/081d0241vo_JLjqSdu2jT6iiAxioMpVARKZd6mde4H97-SP03eAO0H3jhmKD48VOPVDjzF1MM8DGli9igOtXGgo4qMY=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.1 kB URL HTTP/2 lh3.googleusercontent.com/081d0241vo_JLjqSdu2jT6iiAxioMpVARKZd6mde4H97-SP03eAO0H3jhmKD48VOPVDjzF1MM8DGli9igOtXGgo4qMY=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash a6602a0401c883ef21ed838b1bca0802
373a7b73d4798caf328fd432a64b7eeaaab1f55f
f7dd954b6320226b32ece9c01d2677f94059ad63fbd323d3583805fc19cbf537
GET /081d0241vo_JLjqSdu2jT6iiAxioMpVARKZd6mde4H97-SP03eAO0H3jhmKD48VOPVDjzF1MM8DGli9igOtXGgo4qMY=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2074
x-xss-protection: 0
date: Sat, 21 Jan 2023 16:58:11 GMT
expires: Tue, 16 Jan 2024 18:43:30 GMT
cache-control: public, max-age=31536000, no-transform
age: 8441
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/iKk2rA_1xE1_Qu7hkFlTROZ-4KOkT_2g2OBF1yVPfzofEqAmK-3L6NGHDtBlpEkpoKe0hg0tJImU1VLdEtagvFeWjro=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 1.7 kB URL HTTP/2 lh3.googleusercontent.com/iKk2rA_1xE1_Qu7hkFlTROZ-4KOkT_2g2OBF1yVPfzofEqAmK-3L6NGHDtBlpEkpoKe0hg0tJImU1VLdEtagvFeWjro=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 2029ed7c4d64568bacc8a3b1a620cdfd
be255c9f8a7973bdab07513aa6499f930c392bcd
4166acc2fb9ccf419efe80315c325169a3f47be7c31cfa33118edef3deffa2cc
GET /iKk2rA_1xE1_Qu7hkFlTROZ-4KOkT_2g2OBF1yVPfzofEqAmK-3L6NGHDtBlpEkpoKe0hg0tJImU1VLdEtagvFeWjro=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1684
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Mon, 15 Jan 2024 19:31:00 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/LREIjoFem61rXYhOgiWIrhRb7PkBf2XhEj1qiSB4cRgCDylFABlVydOTlYylrFdugunhWhRW9NAAQf-X1_qyrRFnUg=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 1.9 kB URL HTTP/2 lh3.googleusercontent.com/LREIjoFem61rXYhOgiWIrhRb7PkBf2XhEj1qiSB4cRgCDylFABlVydOTlYylrFdugunhWhRW9NAAQf-X1_qyrRFnUg=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 3efafd9175ae38382b5fd8cd4a95425c
cf197ca483fd3d2c91d09925f8ea9cceeefdae95
0d1aad1b4b3ce061a9a3b94fe32ecb520faf92df7f9fd10113617a5bf49fef0c
GET /LREIjoFem61rXYhOgiWIrhRb7PkBf2XhEj1qiSB4cRgCDylFABlVydOTlYylrFdugunhWhRW9NAAQf-X1_qyrRFnUg=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1898
x-xss-protection: 0
date: Sat, 21 Jan 2023 18:44:32 GMT
expires: Sun, 21 Jan 2024 09:55:06 GMT
cache-control: public, max-age=31536000, no-transform
age: 2060
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/Mv1xGzIHD0Gx__XctKSWyFPf1hgoQOE6KN7ogJdMYPiX4n-G6swoJKxm_MDoUzKXjWCH9KvzkTF_bWZjW83ysqRsZA=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 1.3 kB URL HTTP/2 lh3.googleusercontent.com/Mv1xGzIHD0Gx__XctKSWyFPf1hgoQOE6KN7ogJdMYPiX4n-G6swoJKxm_MDoUzKXjWCH9KvzkTF_bWZjW83ysqRsZA=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash e83a2b470bf7b89e5d30d5ed6cf834ae
7eb81b04c9400b420ef6398f4753293a9d28c253
e814a8b0bfa6c20ef84956d27917297e1a03d8f45e29121dcb40a3268a1a623e
GET /Mv1xGzIHD0Gx__XctKSWyFPf1hgoQOE6KN7ogJdMYPiX4n-G6swoJKxm_MDoUzKXjWCH9KvzkTF_bWZjW83ysqRsZA=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1300
x-xss-protection: 0
date: Sat, 21 Jan 2023 18:05:31 GMT
expires: Tue, 16 Jan 2024 21:06:10 GMT
cache-control: public, max-age=31536000, no-transform
age: 4401
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/VfgD2Lq9z8TqTvKQXf5BurFR9glSMOCRu9YJMLfuXgtq1I7Z2YqlM48RXXcwH57IZ2_W-ohfGimtDTDDjHDzsEQI=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.3 kB URL HTTP/2 lh3.googleusercontent.com/VfgD2Lq9z8TqTvKQXf5BurFR9glSMOCRu9YJMLfuXgtq1I7Z2YqlM48RXXcwH57IZ2_W-ohfGimtDTDDjHDzsEQI=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 4b7b295e0beeec1c23ebf45e516e1c8d
daaa1016fb0f631d92969f46adfa091ad6ecae8f
ab5c23b8d602102c8c09d404b83b07145d051afa21f58181374e16caa4810ddf
GET /VfgD2Lq9z8TqTvKQXf5BurFR9glSMOCRu9YJMLfuXgtq1I7Z2YqlM48RXXcwH57IZ2_W-ohfGimtDTDDjHDzsEQI=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2318
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Sat, 13 Jan 2024 15:15:23 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/B4OOPYFpSVRygrqKF2yQcM-x4Vh5GB6BmvLVPmAlAiFsWBS_l7E9kAgDnaQEWF8Wa8PbBfjFfb5WFgPaTK0MsihvbA=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.4 kB URL HTTP/2 lh3.googleusercontent.com/B4OOPYFpSVRygrqKF2yQcM-x4Vh5GB6BmvLVPmAlAiFsWBS_l7E9kAgDnaQEWF8Wa8PbBfjFfb5WFgPaTK0MsihvbA=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 8392a0375ad50f4d17211cca9fbf8071
90bdea46bf4232f5a1d2cea4a26fb141e75331b2
ad143e0941a04f940ce33f356a83fe08908824c86db1b8cf1b9ea8c68c45f9c0
GET /B4OOPYFpSVRygrqKF2yQcM-x4Vh5GB6BmvLVPmAlAiFsWBS_l7E9kAgDnaQEWF8Wa8PbBfjFfb5WFgPaTK0MsihvbA=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 21 Jan 2024 19:18:52 GMT
cache-control: public, max-age=31536000, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 21 Jan 2023 19:18:52 GMT
server: fife
content-length: 2392
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/NhuI7mPJS3ABeSrLDQiFetAx17KIcSFHDnxVaDZJ9MfWf2fbNg0XHEduaYufUwKzF8ALwGJIu9Boua52-RGptfj6=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.4 kB URL HTTP/2 lh3.googleusercontent.com/NhuI7mPJS3ABeSrLDQiFetAx17KIcSFHDnxVaDZJ9MfWf2fbNg0XHEduaYufUwKzF8ALwGJIu9Boua52-RGptfj6=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 477fc5c688ae5dbbd6cc8db887e869eb
e28b8798bd51e762268e4795a5168c8a662c4dd6
aa7c44d016834fded77d15ebdda586a63e60e2eea58ef0e51a7eb6c9b407c6fe
GET /NhuI7mPJS3ABeSrLDQiFetAx17KIcSFHDnxVaDZJ9MfWf2fbNg0XHEduaYufUwKzF8ALwGJIu9Boua52-RGptfj6=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2364
x-xss-protection: 0
date: Sat, 21 Jan 2023 16:28:42 GMT
expires: Tue, 16 Jan 2024 20:42:02 GMT
cache-control: public, max-age=31536000, no-transform
age: 10210
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 734914122d719ab9651f0bf7a4c1fe2f
6dab619cf1acaa1645caf9658fc31c1ee8530bec
9f81a0f9e79924cbbeb56efd122ad30c1e2097eac0d96ca27435027514c57241
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/bkzC2msCJqkGemg0XuCmJtKyXm273lr8IrBSTajYZ6fX7TTgzIVLiasitvTAGXSUyTVXQaO4eKDa0XL77Z-0IFTMrIM=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 2.6 kB URL HTTP/2 lh3.googleusercontent.com/bkzC2msCJqkGemg0XuCmJtKyXm273lr8IrBSTajYZ6fX7TTgzIVLiasitvTAGXSUyTVXQaO4eKDa0XL77Z-0IFTMrIM=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
Hash 68f0fb96ab1385bd0d2ba1e155b0d06b
cfba3efbe066962660ffca509adcdc0761786360
9d31d596f5d70ef7e6db8470fc767712047d5b588c241a0ab25767a751b18f20
GET /bkzC2msCJqkGemg0XuCmJtKyXm273lr8IrBSTajYZ6fX7TTgzIVLiasitvTAGXSUyTVXQaO4eKDa0XL77Z-0IFTMrIM=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2062
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Sat, 13 Jan 2024 15:15:23 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/4TAs3stCJHZCRZCyZQIUSR_vjNwmG9wyGpkLSXEyXxIoIwJXQ8qGylP1R8KP2L098MrIlz9G5R5elUVEtatpqVhbSw=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 944 B URL HTTP/2 lh3.googleusercontent.com/4TAs3stCJHZCRZCyZQIUSR_vjNwmG9wyGpkLSXEyXxIoIwJXQ8qGylP1R8KP2L098MrIlz9G5R5elUVEtatpqVhbSw=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash d35e77de05d57b197549d656a22776d2
7534bdd64b149b3ec6f43a577f08515521334012
084715f0d56a79542f77b37c5d11d3db21b837ce930dd823d4e67a4eb19afca1
GET /4TAs3stCJHZCRZCyZQIUSR_vjNwmG9wyGpkLSXEyXxIoIwJXQ8qGylP1R8KP2L098MrIlz9G5R5elUVEtatpqVhbSw=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 21 Jan 2024 19:18:52 GMT
cache-control: public, max-age=31536000, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 21 Jan 2023 19:18:52 GMT
server: fife
content-length: 944
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/vw0GQEAd3lir1Sb0DIkGmctrF3Ju6yauOSi-BJDG4dOJcUIDuU78wJROAA_RGPkf6mlsIIgbva7AHTzK_yjlKcXXOtg=w50-h50-e365-rj-sc0x00ffffff
142.250.74.97200 OK 1.6 kB URL HTTP/2 lh3.googleusercontent.com/vw0GQEAd3lir1Sb0DIkGmctrF3Ju6yauOSi-BJDG4dOJcUIDuU78wJROAA_RGPkf6mlsIIgbva7AHTzK_yjlKcXXOtg=w50-h50-e365-rj-sc0x00ffffff
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash f68251aa3475b40fa033cd8f57d3a08c
65427352594ddfdc072d907245a7fcbefc5d4d26
9e86b06e44d6f4f9d99535d702030d226a0059a84371ea7204a7a46b4c7b431a
GET /vw0GQEAd3lir1Sb0DIkGmctrF3Ju6yauOSi-BJDG4dOJcUIDuU78wJROAA_RGPkf6mlsIIgbva7AHTzK_yjlKcXXOtg=w50-h50-e365-rj-sc0x00ffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chrome.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1558
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:52 GMT
expires: Wed, 17 Jan 2024 09:07:34 GMT
cache-control: public, max-age=31536000, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash dde33554805ccfe323040b91d1f01ec0
e6d8df903c2eaebe80f9ac1c8d302305f5aad023
ffd4492975db65290c140c948367c2db203019f837bb455033d71c87b880a4cf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1d497e2648111e44540f16f2e308d48d
7ac7e9c0b63e8c182d21663337a7287b4875d0ea
0d4e307a6db13e144d77981270004f6b8c74ee977ad4c59c655946c6206746c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 17f5ba39b1f66e39ad760d8e85018d79
7f21e8b294282191409297adeaace6be817f39f3
3a1bab6643c631b02d842788328cf1417059c4beb1b274e684253c7201ee18d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.130302 Found 4.6 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
File type gzip compressed data, max compression\012- data
Hash 55f78053ba3213a5cef97338571237bd
9112789334279eda15a44a418e2aff935803adcf
c9a2a3345a409bc12ad4b1d7b8a89ceb94c358936a8daf901b60ce63d3081696
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 21 Jan 2023 19:18:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:17:34 GMT
expires: Sat, 21 Jan 2023 19:32:34 GMT
cache-control: public, max-age=900
age: 80
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 17f5ba39b1f66e39ad760d8e85018d79
7f21e8b294282191409297adeaace6be817f39f3
3a1bab6643c631b02d842788328cf1417059c4beb1b274e684253c7201ee18d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 45 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type gzip compressed data, max compression\012- data
Hash c47547552ca6a6840a7a90e0a9fb61f8
23a22da61ef9a28213365854a62c52ce583e4d4e
88e3bdd6c821e5e37589f0f1432d13d6fc0296f44155342bd2ce68027a05b8f5
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 21 Jan 2023 19:18:54 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash bf0c2d7c08670f1373fdf8cc2695c94f
1591fe0eae8c1c837365eb76947344aaeb06a39e
3ab6d179e80e18b0400859a98c4a88a901c832bdb4dcdef1273d1489877fda26
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 21 Jan 2023 19:18:54 GMT
server: ESF
cache-control: private
content-length: 31283
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js
216.58.207.228200 OK 14 kB URL HTTP/2 www.google.com/js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js
IP 216.58.207.228:0
File type ASCII text, with very long lines (36392)
Hash 224f0c569b57002328a0d93922ad4f85
49f653f477e53d804034c7daf3f6ff850693ea48
367eb30e42b960d0cf60b3bd0f2dd41b61101f15285358dffeb2309b428533a0
GET /js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Cookie: NID=511=cFZb4nluWFmFtya_1023fmeyRxLa2RyFZtNycOWgvmtPAKMvyoZLilc7my-8ZsGICtmuUZo4VIGMH6QnPnkUS69-YfT1-8vlbYxcOdqVsB8sSqb5RAxfbsDkeHwcoxHIKyWN85uz2llbFpf56IFU1Poec26368U6LVBYtT0RrC4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14417
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 05:49:32 GMT
expires: Tue, 16 Jan 2024 05:49:32 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 480562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 9e066b3db92de7fd43cabf02f6b08672
c11a2085fd79db8017ca3dd86d2fb7fc3abb50a6
5104ef2e30a9ebdebf5ff09f9d44f4e950613469b6aa8802295891925c965769
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 21 Jan 2023 19:18:54 GMT
server: ESF
cache-control: private
content-length: 31276
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/-WgxN2qkbPQNq2pRJcOZ-qACHe8R4uEjQtaT4ya7qg9JH9UZJ15Wuy69Z0sGYBFJ5kaRLm9sVA=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.1 kB URL HTTP/2 yt3.ggpht.com/-WgxN2qkbPQNq2pRJcOZ-qACHe8R4uEjQtaT4ya7qg9JH9UZJ15Wuy69Z0sGYBFJ5kaRLm9sVA=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 987cd60aba57070c41ef3757aa4cbcb8
aeaa8f2fd918a1dc2099f24dd35025dba33394e3
ee2e7f759e33b22e06a7534e99336e92e4ef7f53aaeaf3a5bfea49d940b477f6
GET /-WgxN2qkbPQNq2pRJcOZ-qACHe8R4uEjQtaT4ya7qg9JH9UZJ15Wuy69Z0sGYBFJ5kaRLm9sVA=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4062
x-xss-protection: 0
date: Sat, 21 Jan 2023 19:18:54 GMT
expires: Tue, 17 Jan 2023 10:45:44 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 19:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 21 Jan 2023 19:18:54 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b45bb6407fef72240087ddfd486bac18
026cb47041928f4bb3ecc5de005b156911de28a6
813af7d68ab165c0d9109b058bbb26ae6c0d53201ac17f6a250a904a6af65940
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1128
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 21 Jan 2023 19:18:54 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9412645314358f39ba117ab5eb295b21
869b3de82bc0d40238c2d58584becbb2ac3a4231
f949be1125f873af11b77377feb6e40ee77b44a4703a2dabce4c0ed4ebe96f10
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1187
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 21 Jan 2023 19:18:54 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
redirecting3.eu/p/18NL/K4i8/988g
188.114.97.1200 OK 0 B URL HTTP/2 redirecting3.eu/p/18NL/K4i8/988g
IP 188.114.97.1:0
Analyzer Verdict Alert fortinet Phishing
GET /p/18NL/K4i8/988g HTTP/1.1
Host: redirecting3.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 21 Jan 2023 19:18:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, private
x-robots-tag: noindex, nofollow
set-cookie: df16c081c25306654a0efb89b8761a08=df16c081c25306654a0efb89b8761a08; expires=Sun, 21-Jan-2024 19:18:49 GMT; Max-Age=31536000; path=/; secure; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajZNGF4%2B0XcDFcbSAiyIfxwlmni6EfjJ6nkT9TYFGgWpQVgET%2Fv2QMkA457DPBhCDqwiY9lYTjXlLZKQgCPbRkL8uy2JB%2BpuO5o5QhobIl4U%2Bpv2aMwp6kD9IGtMQymig%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d265dcbade0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn3l.ink/app.js
54.230.111.39200 OK 0 B IP 54.230.111.39:0
GET /app.js HTTP/1.1
Host: cdn3l.ink
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 21:19:30 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 20 Jan 2023 21:19:47 GMT
cache-control: public, max-age=3600
etag: W/"b4646474ceb3860758d88cbffe986e95"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: woyrns7gXj00tN8q8-EXCjC5gTtHaDgxbTOS06oZN7FbsAU4DdtQ3g==
age: 79144
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
capture-api.ap3prod.com/-/widgets/get
3.136.152.32200 OK 0 B URL HTTP/2 capture-api.ap3prod.com/-/widgets/get
IP 3.136.152.32:0
POST /-/widgets/get HTTP/1.1
Host: capture-api.ap3prod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 186
Origin: https://alerabat.com
Connection: keep-alive
Referer: https://alerabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 19:18:51 GMT
content-type: application/json
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://alerabat.com
allow: GET, POST, PUT, DELETE, OPTIONS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Accept-Encoding
x-version: master-2301200639-3678-8e4af60
X-Firefox-Spdy: h2
chrome.google.com/webstore/detail/alerabatcom-kupony-i-cash/dacdinoicboceafielngnmjjplncljhj?utm_source=MyLead&utm_medium=CPA&utm_campaign=617500&utm_term=mlClick-m5jFqg48&hl=pl
142.250.74.174200 OK 0 B URL HTTP/2 chrome.google.com/webstore/detail/alerabatcom-kupony-i-cash/dacdinoicboceafielngnmjjplncljhj?utm_source=MyLead&utm_medium=CPA&utm_campaign=617500&utm_term=mlClick-m5jFqg48&hl=pl
IP 142.250.74.174:0
GET /webstore/detail/alerabatcom-kupony-i-cash/dacdinoicboceafielngnmjjplncljhj?utm_source=MyLead&utm_medium=CPA&utm_campaign=617500&utm_term=mlClick-m5jFqg48&hl=pl HTTP/1.1
Host: chrome.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alerabat.com/
Cookie: __Secure-ENID=5.SE=WgoywoGOUEmJadxoIB0r2lkzXHeKVqth1xGOa4ffzT7dUHt-ZXjx-iHV7oK7BCuj96T6WcNdOxtcPrvT6hvt4NQxsLWhAuRLpweU30AweJoV-BgqMIIyysdeq33RUY6ph26qQ9jBKSd0XSV6yoBSxOS9PmgWEsI53hUDjv_5qeI; CONSENT=PENDING+883
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, User-Agent
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 21 Jan 2023 19:18:51 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"coop_chromewebstore","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chromewebstore"}]}
content-security-policy: script-src 'nonce-AawTY7Rw0LKo3YCBk_TLkg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';worker-src 'self';report-uri /webstore/cspreport, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/chromewebstore/2
cross-origin-opener-policy: unsafe-none; report-to="coop_chromewebstore"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=cFZb4nluWFmFtya_1023fmeyRxLa2RyFZtNycOWgvmtPAKMvyoZLilc7my-8ZsGICtmuUZo4VIGMH6QnPnkUS69-YfT1-8vlbYxcOdqVsB8sSqb5RAxfbsDkeHwcoxHIKyWN85uz2llbFpf56IFU1Poec26368U6LVBYtT0RrC4; expires=Sun, 23-Jul-2023 19:18:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2