cy1.sabadosnegros.org/Auf-ein-Tattoo-vorbereiten-2073
104.21.33.147301 Moved Permanently 0 B URL HTTP/1.1 cy1.sabadosnegros.org/Auf-ein-Tattoo-vorbereiten-2073
IP 104.21.33.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Auf-ein-Tattoo-vorbereiten-2073 HTTP/1.1
Host: cy1.sabadosnegros.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Sep 2022 18:56:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 07 Sep 2022 19:56:31 GMT
Location: https://cy1.sabadosnegros.org/Auf-ein-Tattoo-vorbereiten-2073
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6Q%2FVvOt6t1kZXBEISdIhnqHNF5aa9uAWsUrlGdbJfQU6G%2Fd1X0Vcp6J5CzRIZvqfv2302ElJgwEC1XEe0KcYYJGYT%2B4AqNpEsIdmsq1NMeFgEr1CY6yjKWNtIm0Xiq0yCpNK6VMCpk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7471aa335f6f1c02-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 18:04:44 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g-2uJWe9ab0Azwh6ePyvWNwmzRY47AhaXUrnLv4Zhw3jfdElpU21QA==
Age: 3107
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7370
Expires: Wed, 07 Sep 2022 20:59:21 GMT
Date: Wed, 07 Sep 2022 18:56:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:03:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cOH5b6aXoVfXuKMPrhVO9gRU_3laxOANWjwNB1jNeAQxJj79V6xEiQ==
age: 54597
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
151.101.85.229200 OK 1.3 kB URL HTTP/2 cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (1460)
Hash 8786cd8041431d860694eed4e4df5493
ad176b25138137c05527a1a93f9b1d2bd9819bb6
2f1ab64452cbd8b4a75b5f778aaadd7f8a9c194ef48c5e2e9132393b68d21a85
GET /npm/cookieconsent@3/build/cookieconsent.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.1.1
x-jsd-version-type: version
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:31 GMT
age: 21544
x-served-by: cache-fra19128-FRA, cache-bma1654-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1299
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.6 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash af385ebd737068e6a2d823cfd72976a9
18cf9a57c0d84fc7409dc367567bcaeca0e4261b
022a9726286ee3ac68e7b574e6814d4a9b949d20e840fc48ecf02bae8f2e8ed3
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:31 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8024784C24C14195FB929C6D4BEEA5460C488FCA"
Expires: Thu, 08 Sep 2022 05:00:00 GMT
Last-Modified: Wed, 07 Sep 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2366
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7471aa36b9841bfe-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d807fb0396ab013224b0d16ff43150ef
60676b6724cb1f7f9b01232bb61b24299e241813
4ee428c8579ce4be4deb2d80dad4df18fa4580788cf41e0e5844daef7b5cb7ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4EE428C8579CE4BE4DEB2D80DAD4DF18FA4580788CF41E0E5844DAEF7B5CB7EE"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7807
Expires: Wed, 07 Sep 2022 21:06:38 GMT
Date: Wed, 07 Sep 2022 18:56:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 48 kB IP 142.250.74.3:0
Hash 9e48cfe30043ea1ec9d5874a0111d2af
df5d19a26a197ccd57037282099b87d3935af9e9
0c794fa063b3c0c85d0a1c08b9e4ee3977c219faef950d7c4e6d46c86f5dda46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 12:31:58 GMT
expires: Sun, 03 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 368674
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 18:38:18 GMT
Expires: Wed, 07 Sep 2022 19:07:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CtXxFtglzKjp1wi_lsy8mKi-omy78cfpuf7CXfV7FgNoNoC0eJjhSA==
Age: 1094
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5413
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Last-Modified: Wed, 07 Sep 2022 17:26:19 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e27313c78bb1b4915b56819ea1681c89
aeea006638532562eb6d03ce71f1928f16a79e14
54f506e01b24da86d55bed7a799101e97f051c3ae9f40adb8627b28f611d4570
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 18:44:23 GMT
expires: Wed, 07 Sep 2022 18:59:23 GMT
cache-control: public, max-age=900
age: 729
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 07 Sep 2022 18:56:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e27313c78bb1b4915b56819ea1681c89
aeea006638532562eb6d03ce71f1928f16a79e14
54f506e01b24da86d55bed7a799101e97f051c3ae9f40adb8627b28f611d4570
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c35a376c0e9620e600bbab87a4b93b86
d25ae8da4874fbe7d074f9e00a63ba4c0c637ef0
e214919ef42b09adfc38db575c0b2682ce0ed83b63763863884f1c369fadf14a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 07 Sep 2022 18:56:32 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ef7019257f95e23f5fa7fc865d507655
7f3d70d26fb20232c31359b5bf71ab2c1f1bb1bf
a26b8a7828334b4321fec93619f3801973b019fda56d6e5293430406ae7d02d0
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 07 Sep 2022 18:56:32 GMT
server: ESF
cache-control: private
content-length: 30798
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 21d1b5be072df45253749eeb3290be82
4ac9978797c085289b9fcc2fe9a57b619e1c78c9
9ea779e1ad86a4a7c403b574908e2dc60d079b366ab1cf439b34c73c9a9c64c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
142.250.74.163200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9832, version 1.0\012- data
Hash efe937997e08e15b056a3643e2734636
d02decbf472a0928b054cc8e4b13684539a913db
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Sep 2022 22:23:00 GMT
expires: Mon, 04 Sep 2023 22:23:00 GMT
cache-control: public, max-age=31536000
age: 246812
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.203.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.203.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 35+j0mMy58lJckM9mRW2Ug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FF+jvCo/RJCVPGyMj2AZv192hfo=
www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35963)
Hash 0a10e1669fa5f54a96c02562d935783f
fb9c033841ed0848caeede748301a5c91de6c800
25215608c929fe6c434b08bdb327df9b9ca11355840c6408602b8612073f99f5
GET /js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14185
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 05:03:42 GMT
expires: Thu, 07 Sep 2023 05:03:42 GMT
cache-control: public, max-age=31536000
age: 49970
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 59496ac62759b6e474de2975c4616ae4
ad7012c529ae9e9a3d303be7a4acd0c136c4f482
d158e67545924fc1326c87d82e610dcdb35781c7509e6a8693eff3c35d79f95d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e1e3618360c113152e2ace6d959b95a6
a300d90c784376801014cd04c3df458647ba9985
7aeb4c402546444e2e2824b5d1543fa121fd31f9626331cae94580fc9b0640d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu8-eJCejDIztVqh17TdajoSoYt7GHqEJXITektxTA=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.4 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8-eJCejDIztVqh17TdajoSoYt7GHqEJXITektxTA=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 72b2ef1bc01ff6f6eb1ce023515403ea
6a0ebbeb9429f34e81dc445a7dc20d952b061ee0
7363f02dd81c8c5975b0d2137cf940f61bb9849e8644139a0cf4754d8b425282
GET /ytc/AMLnZu8-eJCejDIztVqh17TdajoSoYt7GHqEJXITektxTA=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3365
x-xss-protection: 0
date: Wed, 07 Sep 2022 16:13:19 GMT
expires: Fri, 29 Jul 2022 12:46:19 GMT
cache-control: public, max-age=86400, no-transform
age: 9793
etag: "v328"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/asidl7Z8Isc/maxresdefault.jpg
216.58.207.246200 OK 206 kB URL HTTP/2 i.ytimg.com/vi/asidl7Z8Isc/maxresdefault.jpg
IP 216.58.207.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 206 kB (205881 bytes)
Hash b34180486371a4fe052e48a9d6073546
89d5e702f830868b2a65655cc8c14445a964321b
9bc9c1e4e25b244ade1a767be308b10925fe4eca7277c1682ad8a1992ab071de
GET /vi/asidl7Z8Isc/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 205881
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 18:56:32 GMT
expires: Wed, 07 Sep 2022 20:56:32 GMT
cache-control: public, max-age=7200
etag: "1619091344"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f826e6c7ed5681ea2e4fb221deee4c65
85450db9a100d7b512f454c49237d8071e6f5a05
d96e95c4e9ec09f5e53aef9d6be1e36858601c5b999587f1d104e588bbc49e8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e1e3618360c113152e2ace6d959b95a6
a300d90c784376801014cd04c3df458647ba9985
7aeb4c402546444e2e2824b5d1543fa121fd31f9626331cae94580fc9b0640d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/T6LjQP97zaE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/T6LjQP97zaE
IP 142.250.74.3:0
Hash 9c2579025cfc123ee543285827465132
8f3d4e440cc635f1361322bca5549a36db6f06ce
db3d499ad02b4fef9250464527358053516ad46f813d32c628731b885bf53a9f
POST /s/gts1d4/T6LjQP97zaE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.zx-adnet.com/consent/cookies_gdpr.js?0.39893149768539204
151.101.65.195200 OK 77 kB URL HTTP/2 cdn.zx-adnet.com/consent/cookies_gdpr.js?0.39893149768539204
IP 151.101.65.195:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2366), with CRLF line terminators
Hash 9ba6fff7c352925203641fc4468ac4e6
219e26c540c286596f6f3f1e587e5a7619bdabc6
b689dc4448b2a0ca705fc3a45368345fc320be9a7d63f02b9c7611b113b39c4c
GET /consent/cookies_gdpr.js?0.39893149768539204 HTTP/1.1
Host: cdn.zx-adnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: no-cache
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "6d9479856d34b784a695cf827606b5512cda2503d6ed62ebe429f4ef02dd9fef-br"
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:33 GMT
x-served-by: cache-bma1678-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662576993.023440,VS0,VE50
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
X-Firefox-Spdy: h2
get.optad360.io/sf/prebid6.13.0.js
143.204.55.94200 OK 540 kB URL HTTP/2 get.optad360.io/sf/prebid6.13.0.js
IP 143.204.55.94:0
File type ASCII text, with very long lines (54812)
Size 540 kB (539768 bytes)
Hash 9880469287264dec1b2db80d6f0c4c98
1a82889c82e3effb9fcf372dec763f31e40bc879
710bf3b3a54e164c3bde1c64dd239d2e8cafb6277fecfcfff4bda901d81d377b
GET /sf/prebid6.13.0.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 539768
date: Tue, 19 Apr 2022 09:24:01 GMT
last-modified: Wed, 02 Mar 2022 11:37:42 GMT
etag: "9880469287264dec1b2db80d6f0c4c98"
cache-control: public, max-age=360000000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rhx95p70VonxDlLljuDFdIIPvLiRkvbn_K1yVhKEAhWik2E7MIZ3zA==
age: 12216753
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 07 Sep 2022 18:56:33 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.66200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (44969)
Hash cb1193d95b7f2dfd81b0aa87f53b1b0d
8f72f07142c0b5b7e291c1a13ec1a89c3b05ec5e
f7f448cb9ed905201e27660ba7e5f33fd6b251a26e9fdca1aae871dd4a617b3b
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 28533
date: Wed, 07 Sep 2022 18:56:33 GMT
expires: Wed, 07 Sep 2022 18:56:33 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1327 / 999 of 1000 / last-modified: 1662548676"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202200 OK 122 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 961a7f95770dc8534edc157a45c1db84
210d1983c117a47d0ccb0f665b0cc9cf67c8f5ba
5afaaacd2d4a84a7390361a22685e713cf528cdae0afa9f5323153c5fd2f2f8e
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1288
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 07 Sep 2022 18:56:33 GMT
server: ESF
cache-control: private
content-length: 122
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash f2c09450546dd92b353f445e75eec217
4601b42faa8882b1bef05aff835a996f0129f60d
0034c165d743b0d50c865f552872070e9e1a706d950d3a2d977ab532479f85a0
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:33 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 11 Sep 2022 18:01:03 GMT
ETag: "4601b42faa8882b1bef05aff835a996f0129f60d"
Last-Modified: Wed, 07 Sep 2022 18:01:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 25
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7471aa4049c61bfe-OSL
www.bigmp3db.com/1duwt.min.js?068d9c0
46.4.104.244200 OK 57 kB URL HTTP/2 www.bigmp3db.com/1duwt.min.js?068d9c0
IP 46.4.104.244:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (63119), with no line terminators
Hash a2aaa2f4041b493652af497ac6dc94fb
692ee33711d5175fdd194ee80626cb0e21d998a2
df325edae0f5262b4465e7fd1ce8718e7d643d6d4f8d34b93161c276da56cc98
GET /1duwt.min.js?068d9c0 HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
cache-control: max-age=300
expires: Wed, 07-Sep-2022 22:01:33 EEST
duration: 1139360
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (674)
Hash 35e497ac5083383e52795573c74e6184
a56a1055a42342fad7a50b78e213aac618ba60db
d627635d5d4b4042f8f8111706bcad7b0dd4eec0fbde0400f7caf591ff460466
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72334
date: Wed, 07 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
etag: "63186565-11a8e"
expires: Wed, 07 Sep 2022 19:56:33 GMT
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a17946fe3c2f2d726292605709e00d6b
e760304880a43478de1a8e30dc398498547d87a3
58074a713dd2563368b44e390e6b590d9c8afde60f24c1c242597f3f47d41a48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5244
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:33 GMT
Last-Modified: Wed, 07 Sep 2022 17:29:09 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5f1721bc1215ea65f153e07f3fdef944
ea7470604b99c3e33c1631bea59472a2d89cc66b
01a159a95b01acbd7d211819d797caa6bddb0b3e255ad29d7befaefa178a4dc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:33 GMT
Last-Modified: Wed, 07 Sep 2022 17:37:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 648
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:56:33 GMT
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5f1721bc1215ea65f153e07f3fdef944
ea7470604b99c3e33c1631bea59472a2d89cc66b
01a159a95b01acbd7d211819d797caa6bddb0b3e255ad29d7befaefa178a4dc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:33 GMT
Last-Modified: Wed, 07 Sep 2022 17:37:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 71197b4712e4edf2289cb1a1cb9fc849
8c8bfa79c980d59941d2a6988be233e5bc82b741
8153020f9daff1d643c29a6d1dd321aeb8a2d271f98c1a41e571ed797958bc3f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4563
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:33 GMT
Last-Modified: Wed, 07 Sep 2022 17:40:30 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
useast.quantumdex.io/auction/apacdex
104.22.36.96500 Internal Server Error 0 B URL HTTP/2 useast.quantumdex.io/auction/apacdex
IP 104.22.36.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/apacdex HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 770
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 500 Internal Server Error
date: Wed, 07 Sep 2022 18:56:33 GMT
content-length: 0
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
x-reason: [Inventory] site.domain not match RootDomain, sabadosnegros.org != strephonsays.com
set-cookie: uid=670e3ade-b857-4334-987e-46b998ab0410; expires=Fri, 07 Oct 2022 18:56:33 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa41ed8415f4-ARN
X-Firefox-Spdy: h2
useast.quantumdex.io/auction/apacdex
104.22.36.96500 Internal Server Error 0 B URL HTTP/2 useast.quantumdex.io/auction/apacdex
IP 104.22.36.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/apacdex HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 807
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 07 Sep 2022 18:56:33 GMT
content-length: 0
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
x-reason: [Inventory] site.domain not match RootDomain, sabadosnegros.org != strephonsays.com
set-cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760; expires=Fri, 07 Oct 2022 18:56:33 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa420da215f4-ARN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9cf3a03623a28898eb19c79afa9ff752
05cc2de25772fa8bc8e85ae2337234ace8a77dd8
25157bf58c114258f01fa10d77e4ee132e9efb02c96541ca9765e77fc16a9ed4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25157BF58C114258F01FA10D77E4EE132E9EFB02C96541CA9765E77FC16A9ED4"
Last-Modified: Mon, 05 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6781
Expires: Wed, 07 Sep 2022 20:49:34 GMT
Date: Wed, 07 Sep 2022 18:56:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9cf3a03623a28898eb19c79afa9ff752
05cc2de25772fa8bc8e85ae2337234ace8a77dd8
25157bf58c114258f01fa10d77e4ee132e9efb02c96541ca9765e77fc16a9ed4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25157BF58C114258F01FA10D77E4EE132E9EFB02C96541CA9765E77FC16A9ED4"
Last-Modified: Mon, 05 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6781
Expires: Wed, 07 Sep 2022 20:49:34 GMT
Date: Wed, 07 Sep 2022 18:56:33 GMT
Connection: keep-alive
jsc.mgid.com/w/i/wikicell.org.1122452.js
104.19.136.78200 OK 852 B URL HTTP/2 jsc.mgid.com/w/i/wikicell.org.1122452.js
IP 104.19.136.78:0
File type ASCII text, with very long lines (2317), with no line terminators
Hash afdec708dbe2d530cc7f498ae3a9ceb2
8ff460a2dba86c9729fbb56d5e5ccb50e7a1dcf4
fda773ee976cc35ae2d2894c918e308dbf7a61e97dd04766f095d67ca4441168
GET /w/i/wikicell.org.1122452.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:33 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2318
etag: W/"2f53335c9fb1608a66c44547c6a99e86"
last-modified: Wed, 08 Jun 2022 10:30:37 GMT
x-amz-id-2: xsEptCBn9tEUtm/53MdlUb53Sai7cftP6BaDDXTT7PflFxKm9pbK7EsV9BCDLQZiJsA9akddW9M=
x-amz-request-id: 61ZRHZ3YEPG2VEBJ
x-amz-version-id: CEV3Tan4ka3OXxMe.PiN70EP3G_de3Fu
cf-cache-status: HIT
age: 2209
expires: Wed, 07 Sep 2022 21:56:33 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=LgZlD0Cd3Hglr9r3TCMO.K6KLY.QGMUUsc.YVU5Wimc-1662576993-0-AQQ3Ko4s2FahuZuXAgwsRPe4SOmo2/WuPXs3IQGD3UJFIcH8/Lqq516QYs+gtVAHa3phSX7ZCPUFx9crSFV3IGU=; path=/; expires=Wed, 07-Sep-22 19:26:33 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471aa415d9b0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 75436cdc325123495e77c041e17c1ae8
4ae5436b9df6d4f5da29438a38d2929f0cb79a80
0ab51508056ce096f379e1c2ac2bbc393e782241537812ef29d2aa8df3d194a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4739
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:33 GMT
Last-Modified: Wed, 07 Sep 2022 17:37:34 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 71197b4712e4edf2289cb1a1cb9fc849
8c8bfa79c980d59941d2a6988be233e5bc82b741
8153020f9daff1d643c29a6d1dd321aeb8a2d271f98c1a41e571ed797958bc3f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3169
Cache-Control: max-age=138764
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:33 GMT
Etag: "6318580c-1d7"
Expires: Fri, 09 Sep 2022 09:29:17 GMT
Last-Modified: Wed, 07 Sep 2022 08:36:28 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 75436cdc325123495e77c041e17c1ae8
4ae5436b9df6d4f5da29438a38d2929f0cb79a80
0ab51508056ce096f379e1c2ac2bbc393e782241537812ef29d2aa8df3d194a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5546
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:33 GMT
Last-Modified: Wed, 07 Sep 2022 17:24:07 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 868
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
cache-control: max-age=0, private, must-revalidate
date: Wed, 07 Sep 2022 18:56:32 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 682
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:56:33 GMT
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 904
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
cache-control: max-age=0, private, must-revalidate
date: Wed, 07 Sep 2022 18:56:33 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25204 No Content 77 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash ad4e00a8034b9acd606442916b46f285
08fa3fedbddb66d47a713c13c5f802160458027f
3f6670d3eb13550efbf36d51f40a1a9862fae00a6299430c08bb5d9075578ab1
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 676
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.173.22200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 673
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cy1.sabadosnegros.org
AN-X-Request-Uuid: 9237a85b-3c5b-44ac-917e-26a5cd01d71b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
hbopenbid.pubmatic.com/translator?source=prebid-client
198.47.127.22204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 198.47.127.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 977
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
cache-control: no-cache, no-store, must-revalidate
date: Wed, 07 Sep 2022 18:56:33 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.173.22200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c3a56564dc0d4102a6d653a157919a81
6f3055b7e86b876c13c09ad189bb6566cd62445c
88d874427c7105080cee2db782aef54b8708f323b94efce91f590ce8c247c127
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 725
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cy1.sabadosnegros.org
AN-X-Request-Uuid: 2f8577c2-532a-4a2d-9f57-ab6980735595
Set-Cookie: icu=ChgIis9gEAoYASABKAEw4dLjmAY4AUABSAEQ4dLjmAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6835294314811956849; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
onetag-sys.com/prebid-request
51.89.9.252200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.252:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1030
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.89.9.252200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.252:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1102
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.173.22200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 724
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cy1.sabadosnegros.org
AN-X-Request-Uuid: c7057835-9f70-4df1-b119-3da3663f48d6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
www.bigmp3db.com/1duwt.json
46.4.104.244200 OK 64 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 46.4.104.244:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash afde3f7c8cf7e1fe070c7e958bef2b80
5e37543a448907834ab6d4cbc52ba6f6bcb30c82
a2a0a80848f7afab78ca6a9ea4f9326c7c800137673c66fbd0560ad5c1b11b28
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 376
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
212.77.99.29204 No Content 0 B URL HTTP/2 ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 720
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
uber-trace-id: 000000000000000009c44e854e299789:b7f6c0bcc970e94f:0:0
vary: Origin
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 710
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 6e658b651f06c4b1c8b3150b1d5bc0cb
e0cc3452bf1cca9c408a180e8ac54fba90da7f07
9f23cb3352b2b5855062fb853b8dee66c8b02c3b7e6723e2623c1c198ec654aa
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Sep 2022 17:53:47 GMT
ETag: "e0cc3452bf1cca9c408a180e8ac54fba90da7f07"
Last-Modified: Wed, 07 Sep 2022 17:53:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 32
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7471aa439f701bfe-OSL
adx.adform.net/adx/openrtb
37.157.4.25200 OK 1.4 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash 6e658b651f06c4b1c8b3150b1d5bc0cb
e0cc3452bf1cca9c408a180e8ac54fba90da7f07
9f23cb3352b2b5855062fb853b8dee66c8b02c3b7e6723e2623c1c198ec654aa
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cy1.sabadosnegros.org/
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
89.207.16.146204 No Content 0 B URL HTTP/2 web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
IP 89.207.16.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cvx/client/hb/ortb/25 HTTP/1.1
Host: web.hb.ad.cpe.dotomi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 593
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
cache-control: no-cache
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
89.207.16.146204 No Content 0 B URL HTTP/2 web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
IP 89.207.16.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cvx/client/hb/ortb/25 HTTP/1.1
Host: web.hb.ad.cpe.dotomi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 559
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
cache-control: no-cache
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3235
Expires: Wed, 07 Sep 2022 19:50:28 GMT
Date: Wed, 07 Sep 2022 18:56:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3235
Expires: Wed, 07 Sep 2022 19:50:28 GMT
Date: Wed, 07 Sep 2022 18:56:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3235
Expires: Wed, 07 Sep 2022 19:50:28 GMT
Date: Wed, 07 Sep 2022 18:56:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3235
Expires: Wed, 07 Sep 2022 19:50:28 GMT
Date: Wed, 07 Sep 2022 18:56:33 GMT
Connection: keep-alive
www.bigmp3db.com/1duwt.json
46.4.104.244200 OK 567 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 46.4.104.244:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash a5d355d5c2009c4020b186c0cff14f89
6e471838a1cb286e3470d60a87509ece866abe49
3dae47a91c678b42379433b945a843e210e5824a6ad5b8b7861c96622ab0431d
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 224
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: d75d69c1-87be-47e2-8684-3c9a25edee2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYpFL-IAMFukQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd0-1c6d025672cc490734bb54e4;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yzw88Z7aubNEll7UXkvaIWbftL95Y0UDTMnOEh_uhKqWgNycBA9Adw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:22 GMT
age: 76511
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:38:56 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 73057
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 6db42fa4-5a04-4368-b5cb-ea8f70d83ead
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XmxSRFp7oAMFb3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c2f41-1df42bd2265554de5f47932e;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 03:15:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KQ1yb69_uETJJlEIcwsR165zqZuiklGuj3Nn-tyta0e_q8BGqs3cXg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:24 GMT
age: 75909
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1462b0c8fff091f29c7c5145031c08aa
55154c3878e9650f463805c3829f03a1603f14c1
62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11778
x-amzn-requestid: 2956f23c-8907-48de-b82a-73da9ae1d75e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYVHnLoAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdce-5d76bbe82dc2823407fe67f3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6tTqfG7yRrMw0cMwiQFlu9XuRzxlK7uzTXL-cAMFmrrDrKL9Rd3zqA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:20 GMT
age: 76513
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:10:03 GMT
age: 49590
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f4d99fb1927aae3010e00472b38c3
b95ee99dafca1695d6b86763fce0ceb058f40ef3
da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3604
x-amzn-requestid: 31a6c427-a073-4c25-88b1-6ba40a48c359
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDrvyGg6oAMFhDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bffe-36dd49416c62f3811167173d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:47:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hNtG651fpAOKjZluawZlbXYFfBUojeSyqB9UMRsAg1Ooxc95mudq7A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:27 GMT
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
content-type: image/jpeg
age: 75906
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.173.22200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b5e9c7b7f0fe88278d8b818eaad26c15
62ad6e7762a8c9755dc02889711dd2139a17a465
b5e9a93d1437dd1a67a208bc87e5aa0694080f8da2190989e6209c1549aa828c
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 672
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cy1.sabadosnegros.org
AN-X-Request-Uuid: 32aaf9c2-269b-463b-b38a-0e159034f1d4
Set-Cookie: icu=ChgIis9gEAoYASABKAEw4dLjmAY4AUABSAEQ4dLjmAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2391508196829635243; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
37.252.173.22200 OK 902 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.22:0
Hash 224f3e89d13e1a632d998a725abdc75e
323cc1e7f48fb3b2100067d439d1d4ea15b1b535
eaa5f5287724fe7a4758598e495d1ce61f850eb8b919568d12a28e5882048db2
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 727
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cy1.sabadosnegros.org
AN-X-Request-Uuid: 6e948f7d-f864-4958-806e-803ca241990b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 685
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:56:34 GMT
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
198.47.127.22204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 198.47.127.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1012
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
cache-control: no-cache, no-store, must-revalidate
date: Wed, 07 Sep 2022 18:56:33 GMT
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 712
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:56:34 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
89.207.16.146204 No Content 0 B URL HTTP/2 web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
IP 89.207.16.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cvx/client/hb/ortb/25 HTTP/1.1
Host: web.hb.ad.cpe.dotomi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 595
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:56:34 GMT
cache-control: no-cache
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 908
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
cache-control: max-age=0, private, must-revalidate
date: Wed, 07 Sep 2022 18:56:33 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
198.47.127.22204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 198.47.127.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1010
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
cache-control: no-cache, no-store, must-revalidate
date: Wed, 07 Sep 2022 18:56:32 GMT
X-Firefox-Spdy: h2
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
89.207.16.146204 No Content 0 B URL HTTP/2 web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
IP 89.207.16.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cvx/client/hb/ortb/25 HTTP/1.1
Host: web.hb.ad.cpe.dotomi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 591
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:56:34 GMT
cache-control: no-cache
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 905
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
cache-control: max-age=0, private, must-revalidate
date: Wed, 07 Sep 2022 18:56:33 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 682
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:56:34 GMT
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.173.22200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 725
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cy1.sabadosnegros.org
AN-X-Request-Uuid: f06875bf-5963-4f3c-8264-1c7f19f6f564
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
37.252.173.22200 OK 140 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f3e3477f8e8898aa0cd3e4b80e99ea70
7d9b7718f89902d87465a88d21432bda265b5c5f
9b48d49fd02d3046782dcf33449f4946aeda5e51fd8fc80ef622b4b92fec00d2
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 725
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 140
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cy1.sabadosnegros.org
AN-X-Request-Uuid: 423b021b-b03b-4784-9398-ad28ccd2b50d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
onetag-sys.com/prebid-request
51.89.9.252200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.252:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1101
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
212.77.99.29204 No Content 0 B URL HTTP/2 ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 723
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:56:34 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
uber-trace-id: 0000000000000000e1539149b458ca44:89779cca31e5855b:0:0
vary: Origin
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
212.77.99.29204 No Content 0 B URL HTTP/2 ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 720
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:56:34 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
uber-trace-id: 00000000000000008c7a6754530330df:660c3acbdbfc305f:0:0
vary: Origin
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 710
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:56:34 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.173.22200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0bd9cd6428f5c08d988fcfc170fb9687
d6bb372830bdccde2d40e0c2778439ab42bfaa19
a4001b81d9fbc33905e84b417b584f72f852b84410b971328b9a797e401fa2ae
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 726
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cy1.sabadosnegros.org
AN-X-Request-Uuid: b1a66f86-2296-48ae-aa0b-1fe925459342
Set-Cookie: icu=ChgIis9gEAoYASABKAEw4tLjmAY4AUABSAEQ4tLjmAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=4142119773534424908; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
useast.quantumdex.io/auction/apacdex
104.22.36.96500 Internal Server Error 0 B URL HTTP/2 useast.quantumdex.io/auction/apacdex
IP 104.22.36.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/apacdex HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 811
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 07 Sep 2022 18:56:34 GMT
content-length: 0
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
x-reason: [Inventory] site.domain not match RootDomain, sabadosnegros.org != strephonsays.com
set-cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760; expires=Fri, 07 Oct 2022 18:56:34 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa45794615f4-ARN
X-Firefox-Spdy: h2
useast.quantumdex.io/auction/apacdex
104.22.36.96500 Internal Server Error 0 B URL HTTP/2 useast.quantumdex.io/auction/apacdex
IP 104.22.36.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/apacdex HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 807
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 07 Sep 2022 18:56:34 GMT
content-length: 0
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
x-reason: [Inventory] site.domain not match RootDomain, sabadosnegros.org != strephonsays.com
set-cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760; expires=Fri, 07 Oct 2022 18:56:34 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa45895a15f4-ARN
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 07 Sep 2022 18:56:34 GMT
access-control-allow-origin: *
etag: "63186565-2b"
expires: Wed, 07 Sep 2022 19:56:34 GMT
accept-ranges: bytes
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b544c4d2427305f830d70cd40f2e5263
f8d3fbf9d368742f894816ea71d8cc9016078d1f
6f5bb81b798a2bb4ba854703b03d71c3cb1b0c0adb437f6ff863f1f7774c3005
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=cy1.sabadosnegros.org
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=cy1.sabadosnegros.org
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cy1.sabadosnegros.org HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Sep 2022 18:56:34 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=cy1.sabadosnegros.org
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=cy1.sabadosnegros.org
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cy1.sabadosnegros.org HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Sep 2022 18:56:34 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35bebda821efbdb6fec21090c26fcff0
5371b373af16c80121ad475bfbd377aadb9001b5
f10eb86a8452f13e8e9c9215e9a5b0c68bf9ddfa1979b9c7e1ad7acd8bb4dd9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/65400583/1?wmode=7&page-url=https%3A%2F%2Fcy1.sabadosnegros.org%2FAuf-ein-Tattoo-vorbereiten-2073&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93nlmgz5gl4o%3Afp%3A649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A623828633793%3Ahid%3A26671566%3Az%3A0%3Ai%3A20220907185626%3Aet%3A1662576987%3Ac%3A1%3Arn%3A910263680%3Arqn%3A1%3Au%3A1662576987218710611%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576984312%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C36%2C66%2C0%2C251%2C0%2C%2C69%2C3%2C1825%2C1825%2C6%2C643%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576987%3At%3AParatowch%20ar%20gyfer%20tat%C5%B5%20-%20Hawgrymiadau%20-%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
87.250.251.119200 OK 426 B URL HTTP/2 mc.yandex.ru/watch/65400583/1?wmode=7&page-url=https%3A%2F%2Fcy1.sabadosnegros.org%2FAuf-ein-Tattoo-vorbereiten-2073&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93nlmgz5gl4o%3Afp%3A649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A623828633793%3Ahid%3A26671566%3Az%3A0%3Ai%3A20220907185626%3Aet%3A1662576987%3Ac%3A1%3Arn%3A910263680%3Arqn%3A1%3Au%3A1662576987218710611%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576984312%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C36%2C66%2C0%2C251%2C0%2C%2C69%2C3%2C1825%2C1825%2C6%2C643%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576987%3At%3AParatowch%20ar%20gyfer%20tat%C5%B5%20-%20Hawgrymiadau%20-%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (426), with no line terminators
Hash c0078ffc5ed9b468f48bbacac771027b
0ee4cbdb00fb448b0a2db990a4e8eab619729c56
0a12fde99268d422cfcaf80bed3b4a862cdb9a75a9b7e510366c0fc4ca85c315
GET /watch/65400583/1?wmode=7&page-url=https%3A%2F%2Fcy1.sabadosnegros.org%2FAuf-ein-Tattoo-vorbereiten-2073&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93nlmgz5gl4o%3Afp%3A649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A623828633793%3Ahid%3A26671566%3Az%3A0%3Ai%3A20220907185626%3Aet%3A1662576987%3Ac%3A1%3Arn%3A910263680%3Arqn%3A1%3Au%3A1662576987218710611%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576984312%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C36%2C66%2C0%2C251%2C0%2C%2C69%2C3%2C1825%2C1825%2C6%2C643%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576987%3At%3AParatowch%20ar%20gyfer%20tat%C5%B5%20-%20Hawgrymiadau%20-%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cy1.sabadosnegros.org
Referer: https://cy1.sabadosnegros.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 426
date: Wed, 07 Sep 2022 18:56:34 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Sep-2022 18:56:34 GMT
last-modified: Wed, 07-Sep-2022 18:56:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
142.250.74.65200 OK 3.1 kB URL HTTP/2 ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 07 Sep 2022 18:56:34 GMT
expires: Thu, 07 Sep 2023 18:56:34 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s-img.mgid.com/g/12578219/492x277/0x39x564x317/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp?v=1662576994-JGuG0SPltUDZ4YJzdgyp5PIjqN4Bpazmv6rA3ykW06g
104.19.135.78200 OK 26 kB URL HTTP/2 s-img.mgid.com/g/12578219/492x277/0x39x564x317/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp?v=1662576994-JGuG0SPltUDZ4YJzdgyp5PIjqN4Bpazmv6rA3ykW06g
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad2c6870b0d4c0b7dfcc4746df9646d7
071e449abb42830ae2c57e007eb95c6dba57917e
59b7657466a2d5efc420f33a998992c184f0adfe6ce2b63dad5c928968c1314d
GET /g/12578219/492x277/0x39x564x317/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp?v=1662576994-JGuG0SPltUDZ4YJzdgyp5PIjqN4Bpazmv6rA3ykW06g HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:34 GMT
content-type: image/webp
content-length: 25660
x-mg-request-uuid: 50376775-a792-4871-a011-11aefbe1d32d
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
last-modified: Tue, 12 Jul 2022 08:29:32 GMT
cf-cache-status: HIT
age: 4874852
accept-ranges: bytes
set-cookie: __cf_bm=olngwSv4Urn6MpK5QTHEeft9p_Ww0eS7LsYpBakAi0U-1662576994-0-AU1mHNoCuDCOczhwPvzKSSyb7dgvNFWST7YXJsZqQnYd9Ph0fbzjjhbhAezh04EsnSQqvutuGw0OjP1LiUwqV28=; path=/; expires=Wed, 07-Sep-22 19:26:34 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471aa496fd41bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/11533299/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvYzdkZDY5MjQwN2NmMjlmOWJlNDllZmVlYWJlYTVhMDEuanBlZw.webp?v=1662576994-u0LkVazh3GjaUmaPNbcsxalodisSbh4MSn3zTSenJJ8
104.19.135.78200 OK 9.8 kB URL HTTP/2 s-img.mgid.com/g/11533299/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvYzdkZDY5MjQwN2NmMjlmOWJlNDllZmVlYWJlYTVhMDEuanBlZw.webp?v=1662576994-u0LkVazh3GjaUmaPNbcsxalodisSbh4MSn3zTSenJJ8
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 641913e2bd13e05567c2608f0a503cd8
f17136015023e2be24789a25e5b20b51207fe43c
774a47a3274b099c44adc9b26b1dd0e70515553b36c9ae0e2012b9ec475fae5d
GET /g/11533299/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvYzdkZDY5MjQwN2NmMjlmOWJlNDllZmVlYWJlYTVhMDEuanBlZw.webp?v=1662576994-u0LkVazh3GjaUmaPNbcsxalodisSbh4MSn3zTSenJJ8 HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:34 GMT
content-type: image/webp
content-length: 9806
x-mg-request-uuid: 3f6b79b0-d8d5-4ec0-aef6-b223b04255d4
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
last-modified: Wed, 01 Dec 2021 12:23:56 GMT
cf-cache-status: HIT
age: 10405756
accept-ranges: bytes
set-cookie: __cf_bm=QI5.BfhoBAeTqBjTMbkbZ2nk0lGuyy2uJ1iT2HFovkA-1662576994-0-AQUZCnViI+nzKrbGNYDAiQTx0EyU7XAIPqZyABanYc1GR8yxf4+cPYUVAXeQI/L6c/i6M5ZDIMhr8IG7B62b0Ag=; path=/; expires=Wed, 07-Sep-22 19:26:34 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471aa496fe01bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/3859217/492x277/39x0x1096x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzAzMmNlMDBhYzU3NzNjMDRjMzZiNjVkNmIxMTZjMTJjLmpwZWc.webp?v=1662576994-ad_-1sVgSgu_zhtzw07oY3iFRYGnVj8DQtHMe_rOGDY
104.19.135.78200 OK 17 kB URL HTTP/2 s-img.mgid.com/g/3859217/492x277/39x0x1096x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzAzMmNlMDBhYzU3NzNjMDRjMzZiNjVkNmIxMTZjMTJjLmpwZWc.webp?v=1662576994-ad_-1sVgSgu_zhtzw07oY3iFRYGnVj8DQtHMe_rOGDY
IP 104.19.135.78:0
Hash 8d26687e3cc1aec290087687375279ee
4709966f4a234e2b6debe00f92dab3e3c67932e2
9be893a520e2b14cb5b0e3058cf91b6af0e1a155f2974e6d24c65a122a0eec60
GET /g/3859217/492x277/39x0x1096x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzAzMmNlMDBhYzU3NzNjMDRjMzZiNjVkNmIxMTZjMTJjLmpwZWc.webp?v=1662576994-ad_-1sVgSgu_zhtzw07oY3iFRYGnVj8DQtHMe_rOGDY HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:34 GMT
content-type: image/webp
content-length: 15826
x-mg-request-uuid: c672771a-a6ba-4918-bb53-67a67d5748b7
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
last-modified: Tue, 12 Jul 2022 08:38:39 GMT
cf-cache-status: HIT
age: 4874898
accept-ranges: bytes
set-cookie: __cf_bm=tEzQQGhhVKZj5pDwZxtZXsYLV6lsDlsPns.1CSGbGhY-1662576994-0-AX6dYsgnvs8CHX9OkTex/6TGLiMBjJNvpCm191HHfnY3ozmwXKF5vF04AhBNVQ+rJovDv+NBw02OkQ+WlsDURpU=; path=/; expires=Wed, 07-Sep-22 19:26:34 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471aa496fde1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/3805572/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZw.webp?v=1662576994-Z4Nxv6H5NmxjrVCJ3jbcW36QU9Y-ZvVmMRkTNU2r5Ls
104.19.135.78200 OK 17 kB URL HTTP/2 s-img.mgid.com/g/3805572/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZw.webp?v=1662576994-Z4Nxv6H5NmxjrVCJ3jbcW36QU9Y-ZvVmMRkTNU2r5Ls
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 04611748071a0cd4210428a72a056dcc
5c3d9f42aee7f7aad33cd969d831c791877c07bc
7ca321186a3504c2fb077d4202111f55ad4fae1686cee38ede350200e4834e3c
GET /g/3805572/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZw.webp?v=1662576994-Z4Nxv6H5NmxjrVCJ3jbcW36QU9Y-ZvVmMRkTNU2r5Ls HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:34 GMT
content-type: image/webp
content-length: 16976
x-mg-request-uuid: 199e39db-32aa-4a3f-b7fc-60d33a30c0fa
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
last-modified: Tue, 12 Jul 2022 08:38:44 GMT
cf-cache-status: HIT
age: 4961869
accept-ranges: bytes
set-cookie: __cf_bm=V4exDqMKb5BjH5gLsh2gJmfU3OkZH.uQ1aGXNdU4t6M-1662576994-0-AQtVIGQ6wpesHzHH0008V+95cF8slL5ZMxBm7c4gwCdLu4OePEa0Nb8uSplNSSCIVCTAVUUcCWcsiVEbCd0wK4U=; path=/; expires=Wed, 07-Sep-22 19:26:34 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471aa495fcf1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/11533304/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvOWZlYWY1YjVjYjBhYzQyYjZhMmI5NGZhNDc3MzFhZTcuanBlZw.webp?v=1662576994-yXqQPUejA7Ct3o_pzHF2V3aa90CPoLDDDbtX6f3icWo
104.19.135.78200 OK 18 kB URL HTTP/2 s-img.mgid.com/g/11533304/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvOWZlYWY1YjVjYjBhYzQyYjZhMmI5NGZhNDc3MzFhZTcuanBlZw.webp?v=1662576994-yXqQPUejA7Ct3o_pzHF2V3aa90CPoLDDDbtX6f3icWo
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b7901501620ec393ecd4335facae4913
27e862130b2ebbc9205b64b52b0c2b748175aff8
962ad038354035ffa7514c00b09391bb845c71748414018801d8b0710e5a13a7
GET /g/11533304/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvOWZlYWY1YjVjYjBhYzQyYjZhMmI5NGZhNDc3MzFhZTcuanBlZw.webp?v=1662576994-yXqQPUejA7Ct3o_pzHF2V3aa90CPoLDDDbtX6f3icWo HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:34 GMT
content-type: image/webp
content-length: 17780
x-mg-request-uuid: ccf0c51b-73b2-4eb3-a6d4-5412f5073b65
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
last-modified: Wed, 01 Dec 2021 12:24:04 GMT
cf-cache-status: HIT
age: 10405758
accept-ranges: bytes
set-cookie: __cf_bm=ZAAEn7dBg1JmIkrQX2ndUnBoXz4uT.4ZVKzNg7yegCc-1662576994-0-AaNMmKFJ7NiaxYLGVnL1xlfszLWOnteXYCjh5xgpD8GgWAV1e63ZxQSG0+PFemU1ik6rixwdvrjXrCyq6TX7x6E=; path=/; expires=Wed, 07-Sep-22 19:26:34 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471aa496fdf1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/13054682/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGZfZ2lmLGZsX2xvc3N5LGdfZmFjZXM6YXV0byx3Xzk2MC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8xMDE5MjQvYmQ2OWJjMmRlZWIzMDM2NDFiNTE3NzNmNjU5MGFjYmEuZ2lm.gif?v=1662576994-yQRag8M5sfgZ24Qmofxd8suGUY9elyWv363SdNHpBqs
104.19.135.78200 OK 2.9 MB URL HTTP/2 s-img.mgid.com/g/13054682/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGZfZ2lmLGZsX2xvc3N5LGdfZmFjZXM6YXV0byx3Xzk2MC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8xMDE5MjQvYmQ2OWJjMmRlZWIzMDM2NDFiNTE3NzNmNjU5MGFjYmEuZ2lm.gif?v=1662576994-yQRag8M5sfgZ24Qmofxd8suGUY9elyWv363SdNHpBqs
IP 104.19.135.78:0
File type GIF image data, version 89a, 492 x 277\012- data
Size 2.9 MB (2903188 bytes)
Hash 5b67d088ba1cb46d70ad741ace231add
0f7f261400ecdef76e1004c0c5e068a937a272b7
974654a1cd5506b322e491967dd13f41840ef8211c9b2c6d9897f22be5d102c1
GET /g/13054682/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGZfZ2lmLGZsX2xvc3N5LGdfZmFjZXM6YXV0byx3Xzk2MC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8xMDE5MjQvYmQ2OWJjMmRlZWIzMDM2NDFiNTE3NzNmNjU5MGFjYmEuZ2lm.gif?v=1662576994-yQRag8M5sfgZ24Qmofxd8suGUY9elyWv363SdNHpBqs HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:34 GMT
content-type: image/gif
content-length: 2903188
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
last-modified: Wed, 25 May 2022 11:34:44 GMT
x-mg-request-uuid: 5d8fe4f2-cbf9-4007-a34f-15c6c58bd779
cf-cache-status: HIT
age: 8026028
accept-ranges: bytes
set-cookie: __cf_bm=OlSg2.rBiNA2UEXgIgPW13JHP1FAWjZ2wtoV9sSCWa8-1662576994-0-AS+zX7fwqs1seH/iD0zRFvq7xZacDBmI4QrIqLtmK/zvHe4dwhwe+7R7hEAcsEaLr2PcbohIvy5jizAWNLeUoUw=; path=/; expires=Wed, 07-Sep-22 19:26:34 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471aa498fff1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.connectad.io/api/v2
104.22.54.206200 OK 8.4 kB IP 104.22.54.206:0
Hash 21806ba31eefab1860e1a1c03183625b
eff1943662442dbd875bdc4996014189c2d9e0c3
1e3f4a53f7d530d63656910470b832fd3ffb1f1566b84c1d8c1b2aa7aaa42ddb
POST /api/v2 HTTP/1.1
Host: i.connectad.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 983
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:33 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa421ee9b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
op04.biz/?te=gbtgkmzvha5ha3ddf4ztgnrz
185.177.94.108200 OK 256 kB URL HTTP/2 op04.biz/?te=gbtgkmzvha5ha3ddf4ztgnrz
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
Size 256 kB (255700 bytes)
Hash d797e9dec17e883da43619d91fb83b37
ba59231646f1f2d73fed492a3c4466fefd16054e
08ea2c4a4a658dff1212ddda0ea822dc78a937619655aa568bc1a2bd46b58e83
Analyzer Verdict Alert quad9 Sinkholed
GET /?te=gbtgkmzvha5ha3ddf4ztgnrz HTTP/1.1
Host: op04.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:31 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=89cb7b90-e35e-4e3a-a577-5ca49d5c00f5; expires=Fri, 07-Oct-2022 18:56:31 GMT; Max-Age=2592000; path=/; SameSite=None; domain=op04.biz; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
www.bigmp3db.com/1duwt.json
46.4.104.244200 OK 4.7 kB URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 46.4.104.244:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash d5014dd27890cdc8265c955f13c77074
c92524360dface9da5c4b7eff75df3f7503c5970
345f6b7e9055528a4ed5aa6cf7ff330fe28434ca3a8a249af35e277e5b1bf728
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 221
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:34 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
cm.idealmedia.io/setmuidn/?muidf=m87yzdnjQDUb
104.16.221.74200 OK 0 B URL HTTP/2 cm.idealmedia.io/setmuidn/?muidf=m87yzdnjQDUb
IP 104.16.221.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setmuidn/?muidf=m87yzdnjQDUb HTTP/1.1
Host: cm.idealmedia.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: image/gif
content-length: 0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa4c3f38b50f-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 61bc9667657b3a703dab8dd07ec0f8e8
bf77904e43a62994c8299cb970255c0cc85a14e0
62f4f140c127f4cde3f7621ab0d7ea0942684eeb9ab19d774a44788d0402b307
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 11:37:55 GMT
Expires: Wed, 14 Sep 2022 11:37:54 GMT
Etag: "bf77904e43a62994c8299cb970255c0cc85a14e0"
Cache-Control: max-age=577878,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa4cacfd0b49-OSL
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 15a014c42bffc4ad2a9bbb51db5d5fee
19b3729965b64caf8e135492d16081ca76a057a4
0f9e53b701da4f59b4faf86b70e8ee5f25c0aab106873b29263b0f0db7bc6fda
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Sep 2022 18:56:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Sep 2022 21:48:24 GMT
Expires: Wed, 07 Sep 2022 21:48:24 GMT
ETag: "19b3729965b64caf8e135492d16081ca76a057a4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash e28ca36fd0136b615ed34e1b7ee1c8d6
58aca3a4cc68d36a6b623313735ff30e29f571a5
1672a71607a830f4a4afc41d946e04c75633275b7f52c1a69d77ae3e9cdf5b44
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:35 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 01:18:01 GMT
Expires: Wed, 14 Sep 2022 01:18:00 GMT
Etag: "58aca3a4cc68d36a6b623313735ff30e29f571a5"
Cache-Control: max-age=540684,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa4cb96f0b3d-OSL
creativecdn.com/cm-notify?pi=mgid
185.184.8.90302 Found 0 B URL HTTP/2 creativecdn.com/cm-notify?pi=mgid
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm-notify?pi=mgid HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 07 Sep 2022 18:56:35 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=sYNrfaRB8ClAW0CQYsoa;Path=/;Domain=.creativecdn.com;Expires=Thu, 07-Sep-2023 18:56:35 GMT;Max-Age=31536000;Secure;SameSite=None
ts=1662576995;Path=/;Domain=.creativecdn.com;Expires=Thu, 07-Sep-2023 18:56:35 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/cm-notify?pi=mgid&tc=1
content-length: 0
X-Firefox-Spdy: h2
creativecdn.com/cm-notify?pi=mgid&tc=1
185.184.8.90200 OK 42 B URL HTTP/2 creativecdn.com/cm-notify?pi=mgid&tc=1
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm-notify?pi=mgid&tc=1 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cy1.sabadosnegros.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: image/gif
content-length: 42
X-Firefox-Spdy: h2
s.adtelligent.com/sync.html?aid=754484
185.83.69.226200 OK 1.2 kB URL HTTP/1.1 s.adtelligent.com/sync.html?aid=754484
IP 185.83.69.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3314), with no line terminators
Hash d30e3ee26ce1bbeba0ad15dd2e8e354f
3080fd9cca6c41f48f0c21eb4309ee3537a76faa
b7e1af4f567bac1b19fe2aeb16a8da7d6b4b046f6cbba6e6dc5660c70a2710c2
GET /sync.html?aid=754484 HTTP/1.1
Host: s.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 07 Sep 2022 18:56:34 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1202
Access-Control-Allow-Origin: https://cy1.sabadosnegros.org
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
23.38.200.201200 OK 68 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
IP 23.38.200.201:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c486343ee4c10598f90221bcd11429b2
2cb8a96e1902c35bfb0de435976d4825988453aa
57d80318fc1f90d0132ad5a686e9b76d0976496c3df1ec993082c321024f5113
GET /AdServer/js/pwt/161673/7165/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 10:48:20 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 68097
cache-control: max-age=74402
expires: Thu, 08 Sep 2022 15:36:37 GMT
date: Wed, 07 Sep 2022 18:56:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 7d0472cbfcc189eb332eef13a54aa6be
bcfe874ffeea3c66be3b780c37c345523f04dd6e
6e6e232aa443ea63ded6f0ea6f3b36e44a0cf9abb2e38cc071341f0fb6f90b8a
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 11 Sep 2022 16:09:21 GMT
ETag: "bcfe874ffeea3c66be3b780c37c345523f04dd6e"
Last-Modified: Wed, 07 Sep 2022 16:09:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3409
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7471aa4ecfc41bfe-OSL
cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D
80.77.87.161302 Found 0 B URL HTTP/1.1 cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D
IP 80.77.87.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Sep 2022 18:56:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: admtr=04866961-cccf-4cf7-9c43-f261a3fc362c; path=/; domain=.admanmedia.com; expires=Wed, 21 Sep 2022 18:56:35 GMT;SameSite=None;Secure
ac_r=CS77; path=/; domain=.admanmedia.com; expires=Wed, 21 Sep 2022 18:56:35 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://cm.mgid.com/m?cdsp=675043&c=04866961-cccf-4cf7-9c43-f261a3fc362c
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: DENY
ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=171910
expires: Fri, 09 Sep 2022 18:41:45 GMT
date: Wed, 07 Sep 2022 18:56:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e4da8ee3fe4e12b76f8a3e565a24507d
842cd0b26ecb5c0e3afdb0b090d7b64f1f6fb6dc
67b939b2219cc27818aa93fef82ad86470f75ac656be70bdd01b155830d45ac5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6114
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:35 GMT
Last-Modified: Wed, 07 Sep 2022 17:14:41 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env
142.250.74.130200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with very long lines (14389), with no line terminators
Hash 5d870bc1846a4487dd2380f8bbaf1538
7006508dfa4ccdb964c371544ea898ba07eae479
ebd9537776d411afefdc8737e69f64bd4a2f770b5665b3a457469b33e460dbed
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Sep 2022 18:56:35 GMT
server: cafe
cache-control: private
content-length: 10929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=59a18369e249bfb
51.89.9.252204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=59a18369e249bfb
IP 51.89.9.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=59a18369e249bfb HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
s.adtelligent.com/sync.html?aid=651796
185.83.69.226200 OK 783 B URL HTTP/1.1 s.adtelligent.com/sync.html?aid=651796
IP 185.83.69.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1458), with no line terminators
Hash 1bd5f309eed4e1bd83af414f7f6a1bc0
b2323b06ed00bfaa4fb7b6e6521e457591b44c90
c06b81d73e167e1c01f71298c5fbe5a5d865e0bd6d0b28c62451bbdb4bf746df
GET /sync.html?aid=651796 HTTP/1.1
Host: s.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/sync.html?aid=754484
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 07 Sep 2022 18:56:34 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 783
Access-Control-Allow-Origin: https://s.adtelligent.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
pixel.rubiconproject.com/exchange/sync.php?p=mgid
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=mgid
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=mgid HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
Content-Type: image/gif
match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID
198.47.127.18302 Found 630 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID
IP 198.47.127.18:0
File type HTML document, ASCII text, with very long lines (628)
Hash 126c0b49a0e457b98577eb3c38cc3365
84732e736cecc324afebc68d01dfe9f3f8402238
1fc9e1f6c8479c8aa90838bfd6ec8279d7b8abd50ecbad298d08cd5d9c64864f
GET /AdServer/ImgSync?p=161673&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /AdServer/ImgSync?p=161673&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Wed, 07 Sep 2022 18:56:34 GMT
content-length: 630
X-Firefox-Spdy: h2
csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
104.19.172.108307 Temporary Redirect 0 B URL HTTP/2 csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
IP 104.19.172.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Wed, 07 Sep 2022 18:56:35 GMT
content-length: 0
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=52735a9f-dac4-4950-98ce-1429916531bd
set-cookie: viewer_token=52735a9f-dac4-4950-98ce-1429916531bd; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Wed, 07-Dec-2022 18:56:35 GMT; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa4f5f68b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4367176eae5e442c2c2d6014d44eb5bd
fbdb37f6e05d8bbcf62240e3eddd8b8c87abf184
9903e343618003f5a7655fc8e2fcb4537357395addb7d585dbf9c6e9ec9387df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9903E343618003F5A7655FC8E2FCB4537357395ADDB7D585DBF9C6E9EC9387DF"
Last-Modified: Wed, 07 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6383
Expires: Wed, 07 Sep 2022 20:42:58 GMT
Date: Wed, 07 Sep 2022 18:56:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash fb5c0d2c111510682a289283403eaf49
bad58d54a91cac8e2b19d051f9a04288141365b3
9e21ea2a32aa1c20d5a3518e16cad06c5906a8cc56a94b185459060bd08d90ec
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 18:56:35 GMT
Last-Modified: Wed, 07 Sep 2022 17:53:23 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aQuKOAumBuO6ZYPz9TXofPN-zbs2D_a_AA_RFbsu1zOl7jycT_c0tQ==
Age: 3792
ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
46.249.52.248302 Found 786 B URL HTTP/2 ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
IP 46.249.52.248:0
ASN #50673 Serverius Holding B.V.
Hash cfb199a2c73fd86a9e5e6400715cc3d0
04f1e319d4986690d65216d624c4d3710080a1d8
7ea29d8ed073a5c1c753025a31b1fedeeef03de280ad2848b825f9ff8106bebb
GET /uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP/1.1
Host: ads.us.e-planning.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: CT=1; path=/; SameSite=None; Secure
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
x-sid: AMS-745
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7ddc6e0c8998c6173816250da95b0ee5
9153739906c8c8124460d3361e0403c1f85a313a
6799eb82f783dc511ba82cc08b9e182469e99a7f67f85073fd88c110930f26b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5393
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:35 GMT
Last-Modified: Wed, 07 Sep 2022 17:26:42 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m87yzdnjQDUb
109.206.161.21302 Found 0 B URL HTTP/1.1 sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m87yzdnjQDUb
IP 109.206.161.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m87yzdnjQDUb HTTP/1.1
Host: sync.e-volution.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Sep 2022 18:56:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: v_usr=0b09d100-0cc2-4a7e-85ba-096dd468b4d6; path=/; domain=.e-volution.ai; expires=Wed, 21 Sep 2022 18:56:35 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7ddc6e0c8998c6173816250da95b0ee5
9153739906c8c8124460d3361e0403c1f85a313a
6799eb82f783dc511ba82cc08b9e182469e99a7f67f85073fd88c110930f26b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5392
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:35 GMT
Last-Modified: Wed, 07 Sep 2022 17:26:43 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
46.249.52.248200 OK 13 B URL HTTP/2 ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
IP 46.249.52.248:0
ASN #50673 Serverius Holding B.V.
File type HTML document, ASCII text, with no line terminators
Hash c83301425b2ad1d496473a5ff3d9ecca
941efb7368e46b27b937d34b07fc4d41da01b002
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
GET /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP/1.1
Host: ads.us.e-planning.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: text/html
content-length: 13
x-sid: AMS-745
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 44b3b73dc542468e212e4eb1474bb750
439a4192ef32e15b2fd5829b29bb1ed468a7f3f2
a666be3157b316a845cbdf81892fdfe1fbf55fe289ca9accffad95c4524da66f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 13:56:50 GMT
Expires: Tue, 13 Sep 2022 13:56:49 GMT
Etag: "439a4192ef32e15b2fd5829b29bb1ed468a7f3f2"
Cache-Control: max-age=499813,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa4ef83b0b49-OSL
ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
52.29.144.41302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
IP 52.29.144.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=cec53155-84c6-4bbd-a7c2-2346f20bd134; Expires=Tue, 06 Dec 2022 18:56:35 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1662576995; Expires=Tue, 06 Dec 2022 18:56:35 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
x.bidswitch.net/sync?ssp=mgid
52.58.8.248302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?ssp=mgid
IP 52.58.8.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=mgid HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 07 Sep 2022 18:56:35 GMT
Location: https://x.bidswitch.net/ul_cb/sync?ssp=mgid
Set-Cookie: tuuid=0f8ebe1a-223a-4116-a63b-2d01644dccf4; path=/; expires=Thu, 07-Sep-2023 18:56:35 GMT; domain=.bidswitch.net; samesite=none; secure
c=1662576995; path=/; expires=Thu, 07-Sep-2023 18:56:35 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1662576995; path=/; expires=Thu, 07-Sep-2023 18:56:35 GMT; domain=.bidswitch.net; samesite=none; secure
c=1662576995; path=/; expires=Thu, 07-Sep-2023 18:56:35 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
51.83.220.94302 Found 166 B URL HTTP/2 a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
IP 51.83.220.94:0
Hash 9d83c97d3d097e345b1aa4cca8185d91
0484209488d517e5dd2460c637657e739a04f9b1
f09b53849ee619f35d3f9a682bf5cb2f63e76b72fd9602266a97a5c70c7c84c9
GET /ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP/1.1
Host: a4p.adpartner.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: text/html; charset=utf-8
content-length: 166
location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b367d3af-04c4-479a-82b3-a432a3dee8e2
set-cookie: apuid=b367d3af-04c4-479a-82b3-a432a3dee8e2; Path=/; Expires=Sun, 06 Nov 2022 18:56:35 GMT; Secure; SameSite=None
cache-control: no-store no-transform
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 44b3b73dc542468e212e4eb1474bb750
439a4192ef32e15b2fd5829b29bb1ed468a7f3f2
a666be3157b316a845cbdf81892fdfe1fbf55fe289ca9accffad95c4524da66f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 13:56:50 GMT
Expires: Tue, 13 Sep 2022 13:56:49 GMT
Etag: "439a4192ef32e15b2fd5829b29bb1ed468a7f3f2"
Cache-Control: max-age=499813,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa4f0c89b4f3-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash add1bb1f28ab2f97f5307386547f6681
f0005c059bce7b1489b45243af1dda0b11937fc9
cb580011e799dc6af6273da74567d7c9ea60185aacf69b2cd75796e1686f1cc1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 00:29:47 GMT
Expires: Wed, 14 Sep 2022 00:29:46 GMT
Etag: "f0005c059bce7b1489b45243af1dda0b11937fc9"
Cache-Control: max-age=537790,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa506a1a0b49-OSL
ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=171910
expires: Fri, 09 Sep 2022 18:41:45 GMT
date: Wed, 07 Sep 2022 18:56:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=303&user_id=m87yzdnjQDUb
52.58.8.248302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=303&user_id=m87yzdnjQDUb
IP 52.58.8.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=303&user_id=m87yzdnjQDUb HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 07 Sep 2022 18:56:35 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m87yzdnjQDUb
Set-Cookie: tuuid=f57025fd-b636-478a-864b-73fe0abed6df; path=/; expires=Thu, 07-Sep-2023 18:56:35 GMT; domain=.bidswitch.net; samesite=none; secure
c=1662576995; path=/; expires=Thu, 07-Sep-2023 18:56:35 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1662576995; path=/; expires=Thu, 07-Sep-2023 18:56:35 GMT; domain=.bidswitch.net; samesite=none; secure
c=1662576995; path=/; expires=Thu, 07-Sep-2023 18:56:35 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
onetag-sys.com/usync/?pubId=75a1922f904cc20
51.89.9.252204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=75a1922f904cc20
IP 51.89.9.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=75a1922f904cc20 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash a8bb329e8861b4a14987cfededf21362
17ea0d6f0b41e641dd39811ac5d32eb3be13920d
ec89a267e4e07431a321856d51b20a327c2da56e76e7f773fc27b1ca63873810
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 06:38:41 GMT
Expires: Wed, 14 Sep 2022 06:38:40 GMT
Etag: "17ea0d6f0b41e641dd39811ac5d32eb3be13920d"
Cache-Control: max-age=559924,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa50ba840b49-OSL
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
104.85.187.217301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
IP 104.85.187.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=17184-d HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=17184-d
date: Wed, 07 Sep 2022 18:56:36 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 07 Sep 2022 18:56:36 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash a8bb329e8861b4a14987cfededf21362
17ea0d6f0b41e641dd39811ac5d32eb3be13920d
ec89a267e4e07431a321856d51b20a327c2da56e76e7f773fc27b1ca63873810
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 06:38:41 GMT
Expires: Wed, 14 Sep 2022 06:38:40 GMT
Etag: "17ea0d6f0b41e641dd39811ac5d32eb3be13920d"
Cache-Control: max-age=559923,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa507ef40b3d-OSL
ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
52.29.144.41200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
IP 52.29.144.41:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cy1.sabadosnegros.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:36 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1
198.47.127.18200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1
IP 198.47.127.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=161673&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cy1.sabadosnegros.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:34 GMT
content-length: 0
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?ssp=mgid
52.58.8.248200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?ssp=mgid
IP 52.58.8.248:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=mgid HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cy1.sabadosnegros.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Length: 43
Connection: keep-alive
x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m87yzdnjQDUb
52.58.8.248302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m87yzdnjQDUb
IP 52.58.8.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=303&user_id=m87yzdnjQDUb HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cy1.sabadosnegros.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 07 Sep 2022 18:56:36 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=m87yzdnjQDUb&seat_key=303&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
eus.rubiconproject.com/usync.html?p=17184-d
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=17184-d
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=17184-d HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Sep 2022 18:56:36 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 13f32c51522de1520845381e8a9fc8a9
80cd3229bfb73e07bf3325b2a1049f69680f037c
1f7c1f756fb00ac9d27963e2f3fefc12c0c8326d5b0155613daa51cdd95601b0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (2228)
Hash 5e6f20aab50c7ded3cf750de7af3cf44
409ec574caaecbcfdad3125b7f26e566816f0b14
82403f266bf5091d75d7e16617626e0d06955997fa0b814f84294dd466bc6606
GET /pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7602
x-xss-protection: 0
date: Wed, 07 Sep 2022 18:43:31 GMT
expires: Wed, 21 Sep 2022 18:43:31 GMT
cache-control: public, max-age=1209600
etag: 8484125879011292595
content-type: text/javascript; charset=UTF-8
age: 785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sync.adtelligent.com/csync?t=a&ep=319130&extuid=52735a9f-dac4-4950-98ce-1429916531bd
62.149.1.122200 OK 0 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=319130&extuid=52735a9f-dac4-4950-98ce-1429916531bd
IP 62.149.1.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?t=a&ep=319130&extuid=52735a9f-dac4-4950-98ce-1429916531bd HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 07 Sep 2022 18:56:35 GMT
Content-Length: 0
Etag: 4b3cfa6d7509c455
Set-Cookie: vmuid=4b3cfa6d7509c455; expires=Tue, 08 Nov 2022 18:56:36 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
a319130=52735a9f-dac4-4950-98ce-1429916531bd; expires=Tue, 08 Nov 2022 18:56:36 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
62.149.1.122302 Found 0 B URL HTTP/1.1 sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
IP 62.149.1.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Server: Adtelligent
Date: Wed, 07 Sep 2022 18:56:35 GMT
Content-Length: 0
Etag: 4b3cfa6d7509c455
Location: https://cm.mgid.com/m?cdsp=617666&c=4b3cfa6d7509c455
Set-Cookie: vmuid=4b3cfa6d7509c455; expires=Tue, 08 Nov 2022 18:56:36 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
sync.adtelligent.com/csync?redir=
62.149.1.122200 OK 43 B URL HTTP/1.1 sync.adtelligent.com/csync?redir=
IP 62.149.1.122:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?redir= HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 07 Sep 2022 18:56:35 GMT
Content-Type: image/gif
Content-Length: 43
Etag: 4b3cfa6d7509c455
Set-Cookie: vmuid=4b3cfa6d7509c455; expires=Tue, 08 Nov 2022 18:56:36 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
www.bigmp3db.com/1duwt.json
46.4.104.244200 OK 64 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 46.4.104.244:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 1c0ba1131641a25606fe5f6300012eb0
d943cbc7440bec95c9edadf8d26869990a6de901
65f33fafc288ef88a8ce00fb72c7f39ddb4664453f78e18d028d2dec97c15cf3
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 221
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:34 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash a4f39f62d1d46ce4980aba317a5bc0c5
9e17ffde2113580d5763d0f82cfb917009f3e3b3
ee7e9f37e61ff516e842e8450087df52496a96381f00595a6c265e69dc0a7703
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2616
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:36 GMT
Last-Modified: Wed, 07 Sep 2022 18:13:00 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 07 Sep 2022 18:56:36 GMT
expires: Wed, 07 Sep 2022 18:56:36 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
AN-X-Request-Uuid: d2f3fe0e-c441-435f-ac46-a0859ef93522
Set-Cookie: uuid2=2251748158475472309; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
AN-X-Request-Uuid: d92819c1-4760-4daa-8198-8f9b4839b749
Set-Cookie: uuid2=427310310254356299; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
178.250.2.146200 OK 298 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (340), with no line terminators
Hash d690a57d866ea1fcaeb9873342bd3131
22def828a3d50b00679e19e5b27bb2864736116b
8b56152334784674fa3737e8b305c1d60e618f07934ade105bbc304259092b20
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://cy1.sabadosnegros.org
server-processing-duration-in-ticks: 589245
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81cf474e858af13fabf947aad85cd813
c488d0f7bfe8880f9aa8f69900d4b8f8cf9957c2
4f4297675fa3738957e95262ba1c06d3981f173744465485189bd74be7ed0261
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F4297675FA3738957E95262BA1C06D3981F173744465485189BD74BE7ED0261"
Last-Modified: Wed, 07 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6076
Expires: Wed, 07 Sep 2022 20:37:52 GMT
Date: Wed, 07 Sep 2022 18:56:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81cf474e858af13fabf947aad85cd813
c488d0f7bfe8880f9aa8f69900d4b8f8cf9957c2
4f4297675fa3738957e95262ba1c06d3981f173744465485189bd74be7ed0261
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F4297675FA3738957E95262BA1C06D3981F173744465485189BD74BE7ED0261"
Last-Modified: Wed, 07 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6076
Expires: Wed, 07 Sep 2022 20:37:52 GMT
Date: Wed, 07 Sep 2022 18:56:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81cf474e858af13fabf947aad85cd813
c488d0f7bfe8880f9aa8f69900d4b8f8cf9957c2
4f4297675fa3738957e95262ba1c06d3981f173744465485189bd74be7ed0261
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F4297675FA3738957E95262BA1C06D3981F173744465485189BD74BE7ED0261"
Last-Modified: Wed, 07 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6076
Expires: Wed, 07 Sep 2022 20:37:52 GMT
Date: Wed, 07 Sep 2022 18:56:36 GMT
Connection: keep-alive
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 9.4 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (17571)
Hash d7f4920c92271a0201ab111efe8a3b01
fffa95478e9715da307880fc91ce9b96eea5883a
3a00bdfd2f4cf862b611f0a9cfdf1da2aaa288cab21e4abba114656f0478bccb
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=17184-d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Content-Encoding: gzip
Content-Length: 9380
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=76958
Expires: Thu, 08 Sep 2022 16:19:14 GMT
Date: Wed, 07 Sep 2022 18:56:36 GMT
Connection: keep-alive
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81cf474e858af13fabf947aad85cd813
c488d0f7bfe8880f9aa8f69900d4b8f8cf9957c2
4f4297675fa3738957e95262ba1c06d3981f173744465485189bd74be7ed0261
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F4297675FA3738957E95262BA1C06D3981F173744465485189BD74BE7ED0261"
Last-Modified: Wed, 07 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6076
Expires: Wed, 07 Sep 2022 20:37:52 GMT
Date: Wed, 07 Sep 2022 18:56:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81cf474e858af13fabf947aad85cd813
c488d0f7bfe8880f9aa8f69900d4b8f8cf9957c2
4f4297675fa3738957e95262ba1c06d3981f173744465485189bd74be7ed0261
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F4297675FA3738957E95262BA1C06D3981F173744465485189BD74BE7ED0261"
Last-Modified: Wed, 07 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6076
Expires: Wed, 07 Sep 2022 20:37:52 GMT
Date: Wed, 07 Sep 2022 18:56:36 GMT
Connection: keep-alive
sync.adtelligent.com/csync?t=a&ep=307558&extuid=b367d3af-04c4-479a-82b3-a432a3dee8e2
62.149.1.122200 OK 0 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=307558&extuid=b367d3af-04c4-479a-82b3-a432a3dee8e2
IP 62.149.1.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?t=a&ep=307558&extuid=b367d3af-04c4-479a-82b3-a432a3dee8e2 HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 07 Sep 2022 18:56:35 GMT
Content-Length: 0
Etag: 4b3cfa6d7509c455
Set-Cookie: vmuid=4b3cfa6d7509c455; expires=Tue, 08 Nov 2022 18:56:36 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
a307558=b367d3af-04c4-479a-82b3-a432a3dee8e2; expires=Tue, 08 Nov 2022 18:56:36 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
198.47.127.19200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 198.47.127.19:0
File type ASCII text, with no line terminators
Hash 1295036e588eaf7dc419755912c738f4
2f80a8ec41805fedf17b0d21ed151b3d00a08003
348eeb34724f9d0c2144f66f02371220b563ac84c2d3f5f53d424b84479b9626
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Tue, 6 Dec 2022 09:59:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 07 Sep 2022 18:56:36 GMT
content-length: 60
X-Firefox-Spdy: h2
ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
185.86.139.102302 Found 0 B URL HTTP/1.1 ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
IP 185.86.139.102:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: ssbsync.smartadserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cy1.sabadosnegros.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
date: Wed, 07 Sep 2022 18:56:36 GMT
location: https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=6069462313496015014&gdpr=0&gdpr_consent=
set-cookie: pid=6069462313496015014; expires=Sun, 08 Oct 2023 18:55:36 GMT; domain=smartadserver.com; path=/; secure; samesite=none
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite_fy2021.js
142.250.74.33200 OK 9.7 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1621)
Hash 684efa5255e2dd2260f82007dc0e1aa8
fc1638ff8c5ae05bf069e8de71bcee7cd0760e0b
3e59d94ef5aea48c9c27740fbb2e77e04d253b1df5e7dfbddc26e5ddd84129e1
GET /pagead/js/r20220901/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9663
x-xss-protection: 0
date: Wed, 07 Sep 2022 18:19:43 GMT
expires: Wed, 21 Sep 2022 18:19:43 GMT
cache-control: public, max-age=1209600
etag: 5256006603266553849
content-type: text/javascript; charset=UTF-8
age: 2213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
141.95.98.68200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.68:0
File type JSON data\012- , ASCII text, with no line terminators
Hash dc0813319d84d641ba07962b8d727eca
5ce3bc1877a90a52a095a2b01231b0b23f884230
671004fded5cc97d36346a421ba0169a532d3b9c6a37aa2bd39b6ebc63c84a43
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cy1.sabadosnegros.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Sep 2022 18:56:35 GMT
lb.eu-1-id5-sync.com/lb/v1
141.95.98.68200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.68:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0a734a62d49fd0992f5c06385c93e876
49a2156c47de6edda20c5d3bdf2c7e71dfddf8fb
910758bd9ec66e5bfc64efb15bad8dc93a40222e06f0466c12c841d42a6c77f6
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cy1.sabadosnegros.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Sep 2022 18:56:35 GMT
lb.eu-1-id5-sync.com/lb/v1
141.95.98.68200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.68:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d717ce866ccc258817d1dde7256aee19
d5fa70b11c0fd72c9693074ed74f62e0f6e5fa52
5a165e7baeb38c0801d13cd89c767f9e29ca5fc9234d69cd49e12e6467d82375
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cy1.sabadosnegros.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Sep 2022 18:56:35 GMT
lb.eu-1-id5-sync.com/lb/v1
141.95.98.68200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.68:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b30cfbcd6a9cee7a742d8e033aeeda38
3134edf5dad72c08407431bb988ceaf7c23b8038
73c91aafaa6d74eb6161597adb1f32dafefda36505c8ac10ca5b8ea7eafdbd12
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cy1.sabadosnegros.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Sep 2022 18:56:35 GMT
lb.eu-1-id5-sync.com/lb/v1
141.95.98.68200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.68:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2bc831ccf708a95bfb7dc6cb6573224f
e563f18a2028c85f22171399f392047dbe52bd98
a9775ffaae82dc053be6ccd86adea1bb661ea405f0cf4af0064f32c96be2abef
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cy1.sabadosnegros.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Sep 2022 18:56:36 GMT
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
178.250.2.146200 OK 782 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
IP 178.250.2.146:0
Hash 7b21197ba9ddc262b4631d1ce77495a8
1cb7eba946f09d8b37893da296ddd07ce859a185
611ac722f19e6f804d31f2c2f07141f7b9b45b7a525c2d575a672cd9fff2a5fd
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://cy1.sabadosnegros.org
server-processing-duration-in-ticks: 1301253
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 2058da3ddc4a0be72fe05ccb2f7a91d4
f6e7a72dc52dc58e2bf0da525730174330215bcc
f3136132ab2819820ae94fdefc2ca3d3039b297e09bec5e0943e3a8ef34f0fcc
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Sep 2022 22:07:58 GMT
Expires: Wed, 07 Sep 2022 22:07:58 GMT
ETag: "f6e7a72dc52dc58e2bf0da525730174330215bcc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
pixel.rubiconproject.com/exchange/sync.php?p=17184-d
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=17184-d
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=17184-d HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
Content-Type: image/gif
rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
35.186.253.211302 Found 0 B URL HTTP/2 rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
IP 35.186.253.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP/1.1
Host: rtb.openx.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
access-control-allow-credentials: true
access-control-allow-origin: null
access-control-expose-headers:
cache-control: private, max-age=0, no-cache, must-revalidate
content-length: 0
date: Wed, 07 Sep 2022 18:56:35 GMT
location: https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: Cowboy
set-cookie: i=bce018e8-1e11-4c0a-add0-77f118ab9f65|1662576996; path=/; domain=.openx.net; expires=Thu, 07 Sep 2023 18:56:36 GMT; max-age=31536000
vary: Origin
x-request-id: ad7oi7r4pq6uu1g1l9d1fqum35i015i2
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
72.251.249.13204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
IP 72.251.249.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 07 Sep 2022 18:56:36 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap2ams1
sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=6069462313496015014&gdpr=0&gdpr_consent=
109.206.161.21302 Found 0 B URL HTTP/1.1 sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=6069462313496015014&gdpr=0&gdpr_consent=
IP 109.206.161.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a02d62607dea0c97e41ff36ebd422945.gif?puid=6069462313496015014&gdpr=0&gdpr_consent= HTTP/1.1
Host: sync.e-volution.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cy1.sabadosnegros.org/
Connection: keep-alive
Cookie: v_usr=0b09d100-0cc2-4a7e-85ba-096dd468b4d6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Sep 2022 18:56:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: v_usr=0b09d100-0cc2-4a7e-85ba-096dd468b4d6; path=/; domain=.e-volution.ai; expires=Wed, 21 Sep 2022 18:56:36 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 57102a568e41b9482fdb01c30f6cfed7
84f9caee3744ef547d85a5acdc193d38da7731bc
758ccb382c1c8e6da00ed47ebdcb072bbeacb177d41786abda58695541db2a60
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 18:56:36 GMT
Last-Modified: Wed, 07 Sep 2022 17:28:05 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sPOHysLYJp7x_FgiSON_QzXSjXgu6EKgYrJJdMIkFIZl6njnDwCj2Q==
Age: 5311
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5021aea40b812d54cdaff10e97223fa9
46a7781ba8bd4774b1a534c2c5b8363ca22aaae5
65cd1267ec422990068c4a90d557916db10108f12af797c82711ecbe1d6cd9f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65CD1267EC422990068C4A90D557916DB10108F12AF797C82711ECBE1D6CD9F8"
Last-Modified: Wed, 07 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6572
Expires: Wed, 07 Sep 2022 20:46:08 GMT
Date: Wed, 07 Sep 2022 18:56:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5021aea40b812d54cdaff10e97223fa9
46a7781ba8bd4774b1a534c2c5b8363ca22aaae5
65cd1267ec422990068c4a90d557916db10108f12af797c82711ecbe1d6cd9f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65CD1267EC422990068C4A90D557916DB10108F12AF797C82711ECBE1D6CD9F8"
Last-Modified: Wed, 07 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6572
Expires: Wed, 07 Sep 2022 20:46:08 GMT
Date: Wed, 07 Sep 2022 18:56:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5021aea40b812d54cdaff10e97223fa9
46a7781ba8bd4774b1a534c2c5b8363ca22aaae5
65cd1267ec422990068c4a90d557916db10108f12af797c82711ecbe1d6cd9f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65CD1267EC422990068C4A90D557916DB10108F12AF797C82711ECBE1D6CD9F8"
Last-Modified: Wed, 07 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6572
Expires: Wed, 07 Sep 2022 20:46:08 GMT
Date: Wed, 07 Sep 2022 18:56:36 GMT
Connection: keep-alive
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
37.252.173.22302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
AN-X-Request-Uuid: 36a6d4a5-ed9b-4171-bd9f-8159ab85453a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
52.29.144.41200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
IP 52.29.144.41:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:36 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 6ebaf21fe6c11a48e2e3179637716432
e3ebe3752d9d493394f52212f9bc5bfee390dbc7
1f8a34880d4f7b6d8c5e0fe8f7ff517d3c15e25f767a88f8426bed5d4fa9cea7
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 21:12:12 GMT
Expires: Sun, 11 Sep 2022 21:12:11 GMT
Etag: "e3ebe3752d9d493394f52212f9bc5bfee390dbc7"
Cache-Control: max-age=353134,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa540f250b49-OSL
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=m87yzdnjQDUb&seat_key=303&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
52.29.43.144204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=m87yzdnjQDUb&seat_key=303&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 52.29.43.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=m87yzdnjQDUb&seat_key=303&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cy1.sabadosnegros.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:56:36 GMT
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5ea1dc8537a2a81a33434edf3bb1af20
3d3c2626d287a4e35fd97131b18775b9f8ba57bc
92758fe27eb0c811bfd83c347a2f6dea3545916824866e39128f6e0ac0056866
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5766
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:36 GMT
Last-Modified: Wed, 07 Sep 2022 17:20:30 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 634428868929976434ab5892380e152e
14d320704d20c7727a88bae65e597b68a4e75e8e
2bc1bbaf3a15b255c6acc33a41ef375a79440c13765ed9aeeec53c571e7a40d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BC1BBAF3A15B255C6ACC33A41EF375A79440C13765ED9AEEEC53C571E7A40D4"
Last-Modified: Tue, 06 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7433
Expires: Wed, 07 Sep 2022 21:00:29 GMT
Date: Wed, 07 Sep 2022 18:56:36 GMT
Connection: keep-alive
fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
142.250.74.10200 OK 813 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
IP 142.250.74.10:0
Hash 4eab06ddaa9ffac5cad935766fae3c12
fa06c9e7cc1c69fb275e07be4ca7f384449dc0e5
20593f70c2161f67d7f0e57a567f7ea134646afd9596b13b3856257463ff167b
GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 18:56:36 GMT
date: Wed, 07 Sep 2022 18:56:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
id5-sync.com/g/v2/231.json
141.95.33.111200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with very long lines (1268), with no line terminators
Hash f20fe6b398a42824269b8c870254461a
eb1f84af2e204b74798f8c0219816932cf7a6999
c2ce21ee30a395fe0a228c25ec2a0e136da6ca9a0b351375932223c69d7dab3b
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 757
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=a9f0275d-06ed-408d-b48a-bf34f4f7b7ee#1662576996543#1; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:36 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Sep 2022 18:56:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/231.json
141.95.33.111200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with very long lines (1268), with no line terminators
Hash e6b9c964117330dc97e282bf328cb2ae
d25f84e8c9b471d8ccfadeec0293a2bd322e5b48
6ec29de5c7d2dbfc01d4d4fc40bd9e86138cb9edb6e874098f6c818eec2bb541
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 757
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=793cb807-276a-4be5-9ff7-a74f838710c2#1662576996545#1; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:36 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Sep 2022 18:56:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/231.json
141.95.33.111200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with very long lines (1267), with no line terminators
Hash f6addb17f4acfa5e3ea3eb54c513fc99
1ece3b1ac58136373b24874f0f2e055b445449aa
254ba5eeb48e80a5e375d5211819dec7daef99467ec17f198e68f642f13a0869
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 757
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=bd36f891-c586-4e77-9edb-e2c5bd4257f4#1662576996550#1; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:36 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Sep 2022 18:56:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/231.json
141.95.33.111200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with very long lines (1268), with no line terminators
Hash 856a58eac8b866897385477f42f6f64f
bbafa06ad87b1d0f280ba46993c91e73183bc7bb
10bd3f88758f8823d3b69b87742a4020d6d7738cc6cb25376ecd8fda6531ea48
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 757
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=a319e852-ef6c-4924-a20e-33aaf299ec73#1662576996550#1; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:36 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Sep 2022 18:56:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/231.json
141.95.33.111200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with very long lines (1268), with no line terminators
Hash a7d4d3787c063434eb6253c48614c560
36e523a2603c52beaaeecbda79a48cfefa5ce335
f0036bbd4858e499cd83b0fe09f807c88def262f17f4cceb85c7748977fd78d0
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 757
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=a414296a-c50d-41c2-880f-d3c82d03408d#1662576996560#1; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:36 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Sep 2022 18:56:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
37.252.173.22302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
AN-X-Request-Uuid: cf979b6c-1c4e-4b29-a74d-d4945e62f276
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
www.bigmp3db.com/1duwt.json
46.4.104.244200 OK 9.3 kB URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 46.4.104.244:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14865)
Hash 1eb6b1b688f73c52f35af948c3f9bd6d
08c78ebdea1709086830c30c6b7c3679e3d6327a
8bf15e073439cc5024958b979264a0a27b27c5459d90dbd31d513870c6c0bc79
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 327
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
hal9000.redintelligence.net/zone/p4vicekg7740?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtRFzY-kYY5_gIY78ywW1zIuoCcm5opxpzLzNztUP8C4QASCqgMMiYMOEgICYGMgBCakC02dQwOqdsD6oAwGqBI0CT9CxjVO1rKVWcgKMwIWlxUKQe9iZyv4LqSJj8qequDzwAjVhS4ffB66ATZ2DY6jatJ-ZylumktM-GnyMeb-bg9nNaeLRdEaZlVauZqZt_GbrDVUTPPw476Wld7yewoUBm0AkNMOml9LUgRo5Tl6QDKr1ciMD_D5q9vMXHpvRvzJYoN65voayAvm3EewF6O0OLkcMykaXmbB7WDbNNcMhfsRGSguavBcE3LUVaUXyvfebQaHhpv98ixHTOVM2ZhJNO_jxWyJJ84cuXy8mosz9HtOHb-QWKHa8iMP73Qp2gtP9S3xyQMg_MZaht4w6px0rbU9diHV0r21ul4Fbe2DTK3T8UZZcknSQAfDwMFDABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggTCIjhgBAQARgdMgOqggE6A4DAA_IIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48%26sig%3DAOD64_09OqUZbOOgsufoWhVppAtA7iP2HQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dz-IH1Hk5iJXa6J2N99kLpjuhm8t99kOER7iG14nC0qHHraE8HsCX_ZmWo45i5Qp3rwYFEmVd6l_jG_pDqchCnthivPan_lDEDGrwue3juQ51-uQxC9RZ6pu7Jh7_zmBCjcqbLEx2UR29fqxA5dH0d87ZCew%26cry%3D1%26dbm_d%3DAKAmf-CL_UmCQDceXwQcmgW-RLLAqteLdVR15InKtHMu56L90WQ_FbqA1jTRb4hWp0N-4nmVvZvGihswE6zaeWyPeymTDpxhTQiSEd132WdsE0-gAIuXDqUloXf1T1_MGzRddV7ymTM5GzL5sr9KSigGgR4TZtB-WR1IHXRDBfdhNRP1qfVnvU1jqv7--PkcYGYa10rzTM6wGGou9adtjCYzCZUx6Dohqwn2lscTGQgbOa6JrY23NMP4lXVqp65zJJffuBBvxWzgl1h41Mmf5pJ8juhGdY5C_YfnSbPETKebGkff9anflUHHksz9k5k0BfefUnX2K16epPBbuzn088A4TRVCWytJzNoTp0k_H_Ydml2_bWLsFZ-xRTcyyQLKO2cNi_nHicErICL2IalsbfkGOJXAZ_GX-WJDaBEYq3alpHDNFTecoS0W_qcLZEMiL8qITDQCMArkDIOX3oDvlc7yUiwkjZltfuOOqPpVeunDXjaBugeTHzEim83v33CJWB21oAzeuSpWcRpcNeJbuwO_6t746e7LmMLGONANkbpyNoxz4PExS2woCqjD4gWh6Qg0xE4Mv84j%26adurl%3D
144.76.238.55200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/p4vicekg7740?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtRFzY-kYY5_gIY78ywW1zIuoCcm5opxpzLzNztUP8C4QASCqgMMiYMOEgICYGMgBCakC02dQwOqdsD6oAwGqBI0CT9CxjVO1rKVWcgKMwIWlxUKQe9iZyv4LqSJj8qequDzwAjVhS4ffB66ATZ2DY6jatJ-ZylumktM-GnyMeb-bg9nNaeLRdEaZlVauZqZt_GbrDVUTPPw476Wld7yewoUBm0AkNMOml9LUgRo5Tl6QDKr1ciMD_D5q9vMXHpvRvzJYoN65voayAvm3EewF6O0OLkcMykaXmbB7WDbNNcMhfsRGSguavBcE3LUVaUXyvfebQaHhpv98ixHTOVM2ZhJNO_jxWyJJ84cuXy8mosz9HtOHb-QWKHa8iMP73Qp2gtP9S3xyQMg_MZaht4w6px0rbU9diHV0r21ul4Fbe2DTK3T8UZZcknSQAfDwMFDABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggTCIjhgBAQARgdMgOqggE6A4DAA_IIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48%26sig%3DAOD64_09OqUZbOOgsufoWhVppAtA7iP2HQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dz-IH1Hk5iJXa6J2N99kLpjuhm8t99kOER7iG14nC0qHHraE8HsCX_ZmWo45i5Qp3rwYFEmVd6l_jG_pDqchCnthivPan_lDEDGrwue3juQ51-uQxC9RZ6pu7Jh7_zmBCjcqbLEx2UR29fqxA5dH0d87ZCew%26cry%3D1%26dbm_d%3DAKAmf-CL_UmCQDceXwQcmgW-RLLAqteLdVR15InKtHMu56L90WQ_FbqA1jTRb4hWp0N-4nmVvZvGihswE6zaeWyPeymTDpxhTQiSEd132WdsE0-gAIuXDqUloXf1T1_MGzRddV7ymTM5GzL5sr9KSigGgR4TZtB-WR1IHXRDBfdhNRP1qfVnvU1jqv7--PkcYGYa10rzTM6wGGou9adtjCYzCZUx6Dohqwn2lscTGQgbOa6JrY23NMP4lXVqp65zJJffuBBvxWzgl1h41Mmf5pJ8juhGdY5C_YfnSbPETKebGkff9anflUHHksz9k5k0BfefUnX2K16epPBbuzn088A4TRVCWytJzNoTp0k_H_Ydml2_bWLsFZ-xRTcyyQLKO2cNi_nHicErICL2IalsbfkGOJXAZ_GX-WJDaBEYq3alpHDNFTecoS0W_qcLZEMiL8qITDQCMArkDIOX3oDvlc7yUiwkjZltfuOOqPpVeunDXjaBugeTHzEim83v33CJWB21oAzeuSpWcRpcNeJbuwO_6t746e7LmMLGONANkbpyNoxz4PExS2woCqjD4gWh6Qg0xE4Mv84j%26adurl%3D
IP 144.76.238.55:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1697), with CRLF line terminators
Hash b40affeda211c39dcc60611c4c1e6a22
33cd6d6aad49f008954a781fa9878acffa9bffa0
d5ec016393742e0771d80f5d45d6124316ef1604ca65593c0d3f16f92ae08cce
GET /zone/p4vicekg7740?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtRFzY-kYY5_gIY78ywW1zIuoCcm5opxpzLzNztUP8C4QASCqgMMiYMOEgICYGMgBCakC02dQwOqdsD6oAwGqBI0CT9CxjVO1rKVWcgKMwIWlxUKQe9iZyv4LqSJj8qequDzwAjVhS4ffB66ATZ2DY6jatJ-ZylumktM-GnyMeb-bg9nNaeLRdEaZlVauZqZt_GbrDVUTPPw476Wld7yewoUBm0AkNMOml9LUgRo5Tl6QDKr1ciMD_D5q9vMXHpvRvzJYoN65voayAvm3EewF6O0OLkcMykaXmbB7WDbNNcMhfsRGSguavBcE3LUVaUXyvfebQaHhpv98ixHTOVM2ZhJNO_jxWyJJ84cuXy8mosz9HtOHb-QWKHa8iMP73Qp2gtP9S3xyQMg_MZaht4w6px0rbU9diHV0r21ul4Fbe2DTK3T8UZZcknSQAfDwMFDABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggTCIjhgBAQARgdMgOqggE6A4DAA_IIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48%26sig%3DAOD64_09OqUZbOOgsufoWhVppAtA7iP2HQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dz-IH1Hk5iJXa6J2N99kLpjuhm8t99kOER7iG14nC0qHHraE8HsCX_ZmWo45i5Qp3rwYFEmVd6l_jG_pDqchCnthivPan_lDEDGrwue3juQ51-uQxC9RZ6pu7Jh7_zmBCjcqbLEx2UR29fqxA5dH0d87ZCew%26cry%3D1%26dbm_d%3DAKAmf-CL_UmCQDceXwQcmgW-RLLAqteLdVR15InKtHMu56L90WQ_FbqA1jTRb4hWp0N-4nmVvZvGihswE6zaeWyPeymTDpxhTQiSEd132WdsE0-gAIuXDqUloXf1T1_MGzRddV7ymTM5GzL5sr9KSigGgR4TZtB-WR1IHXRDBfdhNRP1qfVnvU1jqv7--PkcYGYa10rzTM6wGGou9adtjCYzCZUx6Dohqwn2lscTGQgbOa6JrY23NMP4lXVqp65zJJffuBBvxWzgl1h41Mmf5pJ8juhGdY5C_YfnSbPETKebGkff9anflUHHksz9k5k0BfefUnX2K16epPBbuzn088A4TRVCWytJzNoTp0k_H_Ydml2_bWLsFZ-xRTcyyQLKO2cNi_nHicErICL2IalsbfkGOJXAZ_GX-WJDaBEYq3alpHDNFTecoS0W_qcLZEMiL8qITDQCMArkDIOX3oDvlc7yUiwkjZltfuOOqPpVeunDXjaBugeTHzEim83v33CJWB21oAzeuSpWcRpcNeJbuwO_6t746e7LmMLGONANkbpyNoxz4PExS2woCqjD4gWh6Qg0xE4Mv84j%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:36 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4110
Connection: close
Content-Type: text/html; charset=UTF-8
pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cy1.sabadosnegros.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
Content-Type: image/gif
sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
62.149.1.122200 OK 43 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
IP 62.149.1.122:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=a&ep=297253&extuid=0 HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Cookie: vmuid=4b3cfa6d7509c455; a319130=52735a9f-dac4-4950-98ce-1429916531bd; a307558=b367d3af-04c4-479a-82b3-a432a3dee8e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: image/gif
Content-Length: 43
Etag: 4b3cfa6d7509c455
Set-Cookie: vmuid=4b3cfa6d7509c455; expires=Tue, 08 Nov 2022 18:56:36 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
sync.adtelligent.com/csync?t=a&ep=281178&extuid=PM_UID
62.149.1.122200 OK 0 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=281178&extuid=PM_UID
IP 62.149.1.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?t=a&ep=281178&extuid=PM_UID HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.pubmatic.com/
Connection: keep-alive
Cookie: vmuid=4b3cfa6d7509c455; a319130=52735a9f-dac4-4950-98ce-1429916531bd; a307558=b367d3af-04c4-479a-82b3-a432a3dee8e2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Length: 0
Etag: 4b3cfa6d7509c455
Set-Cookie: vmuid=4b3cfa6d7509c455; expires=Tue, 08 Nov 2022 18:56:36 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
a281178=PM_UID; expires=Tue, 08 Nov 2022 18:56:36 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
www.youtube.com/embed/asidl7Z8Isc
142.250.74.46200 OK 28 kB URL HTTP/2 www.youtube.com/embed/asidl7Z8Isc
IP 142.250.74.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60018)
Hash 1ecaba3b5c6a2e0c9021fbcb108659a3
47b6194b7f93cd30bb312399fa8f79ddf01101c4
8a19e1319f7bc358143cb0a38efcc6ebf5ba78e099c22bebe8a082ae87088e3d
GET /embed/asidl7Z8Isc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Sep 2022 18:56:31 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=gBBdeEfcPEQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=w9turPLFygk; Domain=.youtube.com; Expires=Mon, 06-Mar-2023 18:56:31 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+688; expires=Fri, 06-Sep-2024 18:56:31 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
62.149.1.122200 OK 43 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
IP 62.149.1.122:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=a&ep=584890&extuid=0 HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Cookie: vmuid=4b3cfa6d7509c455; a319130=52735a9f-dac4-4950-98ce-1429916531bd; a307558=b367d3af-04c4-479a-82b3-a432a3dee8e2; a281178=PM_UID
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: image/gif
Content-Length: 43
Etag: 4b3cfa6d7509c455
Set-Cookie: vmuid=4b3cfa6d7509c455; expires=Tue, 08 Nov 2022 18:56:36 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
sync.adtelligent.com/csync?t=a&ep=309255&extuid=
62.149.1.122200 OK 43 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=309255&extuid=
IP 62.149.1.122:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=a&ep=309255&extuid= HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Cookie: vmuid=4b3cfa6d7509c455; a319130=52735a9f-dac4-4950-98ce-1429916531bd; a307558=b367d3af-04c4-479a-82b3-a432a3dee8e2; a281178=PM_UID
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: image/gif
Content-Length: 43
Etag: 4b3cfa6d7509c455
Set-Cookie: vmuid=4b3cfa6d7509c455; expires=Tue, 08 Nov 2022 18:56:36 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
hal900022.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=a6a8100976&subid=&uid=42755125ead51ed6&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtRFzY-kYY5_gIY78ywW1zIuoCcm5opxpzLzNztUP8C4QASCqgMMiYMOEgICYGMgBCakC02dQwOqdsD6oAwGqBI0CT9CxjVO1rKVWcgKMwIWlxUKQe9iZyv4LqSJj8qequDzwAjVhS4ffB66ATZ2DY6jatJ-ZylumktM-GnyMeb-bg9nNaeLRdEaZlVauZqZt_GbrDVUTPPw476Wld7yewoUBm0AkNMOml9LUgRo5Tl6QDKr1ciMD_D5q9vMXHpvRvzJYoN65voayAvm3EewF6O0OLkcMykaXmbB7WDbNNcMhfsRGSguavBcE3LUVaUXyvfebQaHhpv98ixHTOVM2ZhJNO_jxWyJJ84cuXy8mosz9HtOHb-QWKHa8iMP73Qp2gtP9S3xyQMg_MZaht4w6px0rbU9diHV0r21ul4Fbe2DTK3T8UZZcknSQAfDwMFDABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggTCIjhgBAQARgdMgOqggE6A4DAA_IIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48%26sig%3DAOD64_09OqUZbOOgsufoWhVppAtA7iP2HQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dz-IH1Hk5iJXa6J2N99kLpjuhm8t99kOER7iG14nC0qHHraE8HsCX_ZmWo45i5Qp3rwYFEmVd6l_jG_pDqchCnthivPan_lDEDGrwue3juQ51-uQxC9RZ6pu7Jh7_zmBCjcqbLEx2UR29fqxA5dH0d87ZCew%26cry%3D1%26dbm_d%3DAKAmf-CL_UmCQDceXwQcmgW-RLLAqteLdVR15InKtHMu56L90WQ_FbqA1jTRb4hWp0N-4nmVvZvGihswE6zaeWyPeymTDpxhTQiSEd132WdsE0-gAIuXDqUloXf1T1_MGzRddV7ymTM5GzL5sr9KSigGgR4TZtB-WR1IHXRDBfdhNRP1qfVnvU1jqv7--PkcYGYa10rzTM6wGGou9adtjCYzCZUx6Dohqwn2lscTGQgbOa6JrY23NMP4lXVqp65zJJffuBBvxWzgl1h41Mmf5pJ8juhGdY5C_YfnSbPETKebGkff9anflUHHksz9k5k0BfefUnX2K16epPBbuzn088A4TRVCWytJzNoTp0k_H_Ydml2_bWLsFZ-xRTcyyQLKO2cNi_nHicErICL2IalsbfkGOJXAZ_GX-WJDaBEYq3alpHDNFTecoS0W_qcLZEMiL8qITDQCMArkDIOX3oDvlc7yUiwkjZltfuOOqPpVeunDXjaBugeTHzEim83v33CJWB21oAzeuSpWcRpcNeJbuwO_6t746e7LmMLGONANkbpyNoxz4PExS2woCqjD4gWh6Qg0xE4Mv84j%26adurl%3D&documentReferer=https%3A%2F%2Fcy1.sabadosnegros.org%2F&ancestorOrigins=null&random=6730097660435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
144.76.104.53302 Found 0 B URL HTTP/1.1 hal900022.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=a6a8100976&subid=&uid=42755125ead51ed6&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtRFzY-kYY5_gIY78ywW1zIuoCcm5opxpzLzNztUP8C4QASCqgMMiYMOEgICYGMgBCakC02dQwOqdsD6oAwGqBI0CT9CxjVO1rKVWcgKMwIWlxUKQe9iZyv4LqSJj8qequDzwAjVhS4ffB66ATZ2DY6jatJ-ZylumktM-GnyMeb-bg9nNaeLRdEaZlVauZqZt_GbrDVUTPPw476Wld7yewoUBm0AkNMOml9LUgRo5Tl6QDKr1ciMD_D5q9vMXHpvRvzJYoN65voayAvm3EewF6O0OLkcMykaXmbB7WDbNNcMhfsRGSguavBcE3LUVaUXyvfebQaHhpv98ixHTOVM2ZhJNO_jxWyJJ84cuXy8mosz9HtOHb-QWKHa8iMP73Qp2gtP9S3xyQMg_MZaht4w6px0rbU9diHV0r21ul4Fbe2DTK3T8UZZcknSQAfDwMFDABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggTCIjhgBAQARgdMgOqggE6A4DAA_IIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48%26sig%3DAOD64_09OqUZbOOgsufoWhVppAtA7iP2HQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dz-IH1Hk5iJXa6J2N99kLpjuhm8t99kOER7iG14nC0qHHraE8HsCX_ZmWo45i5Qp3rwYFEmVd6l_jG_pDqchCnthivPan_lDEDGrwue3juQ51-uQxC9RZ6pu7Jh7_zmBCjcqbLEx2UR29fqxA5dH0d87ZCew%26cry%3D1%26dbm_d%3DAKAmf-CL_UmCQDceXwQcmgW-RLLAqteLdVR15InKtHMu56L90WQ_FbqA1jTRb4hWp0N-4nmVvZvGihswE6zaeWyPeymTDpxhTQiSEd132WdsE0-gAIuXDqUloXf1T1_MGzRddV7ymTM5GzL5sr9KSigGgR4TZtB-WR1IHXRDBfdhNRP1qfVnvU1jqv7--PkcYGYa10rzTM6wGGou9adtjCYzCZUx6Dohqwn2lscTGQgbOa6JrY23NMP4lXVqp65zJJffuBBvxWzgl1h41Mmf5pJ8juhGdY5C_YfnSbPETKebGkff9anflUHHksz9k5k0BfefUnX2K16epPBbuzn088A4TRVCWytJzNoTp0k_H_Ydml2_bWLsFZ-xRTcyyQLKO2cNi_nHicErICL2IalsbfkGOJXAZ_GX-WJDaBEYq3alpHDNFTecoS0W_qcLZEMiL8qITDQCMArkDIOX3oDvlc7yUiwkjZltfuOOqPpVeunDXjaBugeTHzEim83v33CJWB21oAzeuSpWcRpcNeJbuwO_6t746e7LmMLGONANkbpyNoxz4PExS2woCqjD4gWh6Qg0xE4Mv84j%26adurl%3D&documentReferer=https%3A%2F%2Fcy1.sabadosnegros.org%2F&ancestorOrigins=null&random=6730097660435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP 144.76.104.53:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=a6a8100976&subid=&uid=42755125ead51ed6&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtRFzY-kYY5_gIY78ywW1zIuoCcm5opxpzLzNztUP8C4QASCqgMMiYMOEgICYGMgBCakC02dQwOqdsD6oAwGqBI0CT9CxjVO1rKVWcgKMwIWlxUKQe9iZyv4LqSJj8qequDzwAjVhS4ffB66ATZ2DY6jatJ-ZylumktM-GnyMeb-bg9nNaeLRdEaZlVauZqZt_GbrDVUTPPw476Wld7yewoUBm0AkNMOml9LUgRo5Tl6QDKr1ciMD_D5q9vMXHpvRvzJYoN65voayAvm3EewF6O0OLkcMykaXmbB7WDbNNcMhfsRGSguavBcE3LUVaUXyvfebQaHhpv98ixHTOVM2ZhJNO_jxWyJJ84cuXy8mosz9HtOHb-QWKHa8iMP73Qp2gtP9S3xyQMg_MZaht4w6px0rbU9diHV0r21ul4Fbe2DTK3T8UZZcknSQAfDwMFDABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggTCIjhgBAQARgdMgOqggE6A4DAA_IIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48%26sig%3DAOD64_09OqUZbOOgsufoWhVppAtA7iP2HQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dz-IH1Hk5iJXa6J2N99kLpjuhm8t99kOER7iG14nC0qHHraE8HsCX_ZmWo45i5Qp3rwYFEmVd6l_jG_pDqchCnthivPan_lDEDGrwue3juQ51-uQxC9RZ6pu7Jh7_zmBCjcqbLEx2UR29fqxA5dH0d87ZCew%26cry%3D1%26dbm_d%3DAKAmf-CL_UmCQDceXwQcmgW-RLLAqteLdVR15InKtHMu56L90WQ_FbqA1jTRb4hWp0N-4nmVvZvGihswE6zaeWyPeymTDpxhTQiSEd132WdsE0-gAIuXDqUloXf1T1_MGzRddV7ymTM5GzL5sr9KSigGgR4TZtB-WR1IHXRDBfdhNRP1qfVnvU1jqv7--PkcYGYa10rzTM6wGGou9adtjCYzCZUx6Dohqwn2lscTGQgbOa6JrY23NMP4lXVqp65zJJffuBBvxWzgl1h41Mmf5pJ8juhGdY5C_YfnSbPETKebGkff9anflUHHksz9k5k0BfefUnX2K16epPBbuzn088A4TRVCWytJzNoTp0k_H_Ydml2_bWLsFZ-xRTcyyQLKO2cNi_nHicErICL2IalsbfkGOJXAZ_GX-WJDaBEYq3alpHDNFTecoS0W_qcLZEMiL8qITDQCMArkDIOX3oDvlc7yUiwkjZltfuOOqPpVeunDXjaBugeTHzEim83v33CJWB21oAzeuSpWcRpcNeJbuwO_6t746e7LmMLGONANkbpyNoxz4PExS2woCqjD4gWh6Qg0xE4Mv84j%26adurl%3D&documentReferer=https%3A%2F%2Fcy1.sabadosnegros.org%2F&ancestorOrigins=null&random=6730097660435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal900022.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 07 Sep 2022 18:56:36 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 07 Sep 2022 19:56:36 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=44db9ea6d91f6db7; expires=Tue, 06-Dec-2022 18:56:36 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=a6a8100976&subid=&uid=42755125ead51ed6&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtRFzY-kYY5_gIY78ywW1zIuoCcm5opxpzLzNztUP8C4QASCqgMMiYMOEgICYGMgBCakC02dQwOqdsD6oAwGqBI0CT9CxjVO1rKVWcgKMwIWlxUKQe9iZyv4LqSJj8qequDzwAjVhS4ffB66ATZ2DY6jatJ-ZylumktM-GnyMeb-bg9nNaeLRdEaZlVauZqZt_GbrDVUTPPw476Wld7yewoUBm0AkNMOml9LUgRo5Tl6QDKr1ciMD_D5q9vMXHpvRvzJYoN65voayAvm3EewF6O0OLkcMykaXmbB7WDbNNcMhfsRGSguavBcE3LUVaUXyvfebQaHhpv98ixHTOVM2ZhJNO_jxWyJJ84cuXy8mosz9HtOHb-QWKHa8iMP73Qp2gtP9S3xyQMg_MZaht4w6px0rbU9diHV0r21ul4Fbe2DTK3T8UZZcknSQAfDwMFDABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggTCIjhgBAQARgdMgOqggE6A4DAA_IIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48%26sig%3DAOD64_09OqUZbOOgsufoWhVppAtA7iP2HQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dz-IH1Hk5iJXa6J2N99kLpjuhm8t99kOER7iG14nC0qHHraE8HsCX_ZmWo45i5Qp3rwYFEmVd6l_jG_pDqchCnthivPan_lDEDGrwue3juQ51-uQxC9RZ6pu7Jh7_zmBCjcqbLEx2UR29fqxA5dH0d87ZCew%26cry%3D1%26dbm_d%3DAKAmf-CL_UmCQDceXwQcmgW-RLLAqteLdVR15InKtHMu56L90WQ_FbqA1jTRb4hWp0N-4nmVvZvGihswE6zaeWyPeymTDpxhTQiSEd132WdsE0-gAIuXDqUloXf1T1_MGzRddV7ymTM5GzL5sr9KSigGgR4TZtB-WR1IHXRDBfdhNRP1qfVnvU1jqv7--PkcYGYa10rzTM6wGGou9adtjCYzCZUx6Dohqwn2lscTGQgbOa6JrY23NMP4lXVqp65zJJffuBBvxWzgl1h41Mmf5pJ8juhGdY5C_YfnSbPETKebGkff9anflUHHksz9k5k0BfefUnX2K16epPBbuzn088A4TRVCWytJzNoTp0k_H_Ydml2_bWLsFZ-xRTcyyQLKO2cNi_nHicErICL2IalsbfkGOJXAZ_GX-WJDaBEYq3alpHDNFTecoS0W_qcLZEMiL8qITDQCMArkDIOX3oDvlc7yUiwkjZltfuOOqPpVeunDXjaBugeTHzEim83v33CJWB21oAzeuSpWcRpcNeJbuwO_6t746e7LmMLGONANkbpyNoxz4PExS2woCqjD4gWh6Qg0xE4Mv84j%26adurl%3D&documentReferer=https%3A%2F%2Fcy1.sabadosnegros.org%2F&ancestorOrigins=null&random=6730097660435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
s.console.adtarget.com.tr/sync.html?aid=755289
185.239.173.186200 OK 699 B URL HTTP/1.1 s.console.adtarget.com.tr/sync.html?aid=755289
IP 185.239.173.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1307), with no line terminators
Hash 0ba33109fbd5dcd5ccc940f833af8606
eda5fc97ef11e8f99e6a8b2a8765feb2c69af743
905ce46d60753dd8f3c39982e3846fcac91cceeaf28d102819df552c79caa62a
GET /sync.html?aid=755289 HTTP/1.1
Host: s.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 07 Sep 2022 18:56:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 699
Access-Control-Allow-Origin: https://s.adtelligent.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
216.58.211.6200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 216.58.211.6:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 12:29:23 GMT
expires: Thu, 08 Sep 2022 12:29:23 GMT
cache-control: public, max-age=86400
age: 23234
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal900022.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=a6a8100976&subid=&uid=42755125ead51ed6&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtRFzY-kYY5_gIY78ywW1zIuoCcm5opxpzLzNztUP8C4QASCqgMMiYMOEgICYGMgBCakC02dQwOqdsD6oAwGqBI0CT9CxjVO1rKVWcgKMwIWlxUKQe9iZyv4LqSJj8qequDzwAjVhS4ffB66ATZ2DY6jatJ-ZylumktM-GnyMeb-bg9nNaeLRdEaZlVauZqZt_GbrDVUTPPw476Wld7yewoUBm0AkNMOml9LUgRo5Tl6QDKr1ciMD_D5q9vMXHpvRvzJYoN65voayAvm3EewF6O0OLkcMykaXmbB7WDbNNcMhfsRGSguavBcE3LUVaUXyvfebQaHhpv98ixHTOVM2ZhJNO_jxWyJJ84cuXy8mosz9HtOHb-QWKHa8iMP73Qp2gtP9S3xyQMg_MZaht4w6px0rbU9diHV0r21ul4Fbe2DTK3T8UZZcknSQAfDwMFDABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggTCIjhgBAQARgdMgOqggE6A4DAA_IIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48%26sig%3DAOD64_09OqUZbOOgsufoWhVppAtA7iP2HQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dz-IH1Hk5iJXa6J2N99kLpjuhm8t99kOER7iG14nC0qHHraE8HsCX_ZmWo45i5Qp3rwYFEmVd6l_jG_pDqchCnthivPan_lDEDGrwue3juQ51-uQxC9RZ6pu7Jh7_zmBCjcqbLEx2UR29fqxA5dH0d87ZCew%26cry%3D1%26dbm_d%3DAKAmf-CL_UmCQDceXwQcmgW-RLLAqteLdVR15InKtHMu56L90WQ_FbqA1jTRb4hWp0N-4nmVvZvGihswE6zaeWyPeymTDpxhTQiSEd132WdsE0-gAIuXDqUloXf1T1_MGzRddV7ymTM5GzL5sr9KSigGgR4TZtB-WR1IHXRDBfdhNRP1qfVnvU1jqv7--PkcYGYa10rzTM6wGGou9adtjCYzCZUx6Dohqwn2lscTGQgbOa6JrY23NMP4lXVqp65zJJffuBBvxWzgl1h41Mmf5pJ8juhGdY5C_YfnSbPETKebGkff9anflUHHksz9k5k0BfefUnX2K16epPBbuzn088A4TRVCWytJzNoTp0k_H_Ydml2_bWLsFZ-xRTcyyQLKO2cNi_nHicErICL2IalsbfkGOJXAZ_GX-WJDaBEYq3alpHDNFTecoS0W_qcLZEMiL8qITDQCMArkDIOX3oDvlc7yUiwkjZltfuOOqPpVeunDXjaBugeTHzEim83v33CJWB21oAzeuSpWcRpcNeJbuwO_6t746e7LmMLGONANkbpyNoxz4PExS2woCqjD4gWh6Qg0xE4Mv84j%26adurl%3D&documentReferer=https%3A%2F%2Fcy1.sabadosnegros.org%2F&ancestorOrigins=null&random=6730097660435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
144.76.104.53200 OK 513 B URL HTTP/1.1 hal900022.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=a6a8100976&subid=&uid=42755125ead51ed6&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtRFzY-kYY5_gIY78ywW1zIuoCcm5opxpzLzNztUP8C4QASCqgMMiYMOEgICYGMgBCakC02dQwOqdsD6oAwGqBI0CT9CxjVO1rKVWcgKMwIWlxUKQe9iZyv4LqSJj8qequDzwAjVhS4ffB66ATZ2DY6jatJ-ZylumktM-GnyMeb-bg9nNaeLRdEaZlVauZqZt_GbrDVUTPPw476Wld7yewoUBm0AkNMOml9LUgRo5Tl6QDKr1ciMD_D5q9vMXHpvRvzJYoN65voayAvm3EewF6O0OLkcMykaXmbB7WDbNNcMhfsRGSguavBcE3LUVaUXyvfebQaHhpv98ixHTOVM2ZhJNO_jxWyJJ84cuXy8mosz9HtOHb-QWKHa8iMP73Qp2gtP9S3xyQMg_MZaht4w6px0rbU9diHV0r21ul4Fbe2DTK3T8UZZcknSQAfDwMFDABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggTCIjhgBAQARgdMgOqggE6A4DAA_IIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48%26sig%3DAOD64_09OqUZbOOgsufoWhVppAtA7iP2HQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dz-IH1Hk5iJXa6J2N99kLpjuhm8t99kOER7iG14nC0qHHraE8HsCX_ZmWo45i5Qp3rwYFEmVd6l_jG_pDqchCnthivPan_lDEDGrwue3juQ51-uQxC9RZ6pu7Jh7_zmBCjcqbLEx2UR29fqxA5dH0d87ZCew%26cry%3D1%26dbm_d%3DAKAmf-CL_UmCQDceXwQcmgW-RLLAqteLdVR15InKtHMu56L90WQ_FbqA1jTRb4hWp0N-4nmVvZvGihswE6zaeWyPeymTDpxhTQiSEd132WdsE0-gAIuXDqUloXf1T1_MGzRddV7ymTM5GzL5sr9KSigGgR4TZtB-WR1IHXRDBfdhNRP1qfVnvU1jqv7--PkcYGYa10rzTM6wGGou9adtjCYzCZUx6Dohqwn2lscTGQgbOa6JrY23NMP4lXVqp65zJJffuBBvxWzgl1h41Mmf5pJ8juhGdY5C_YfnSbPETKebGkff9anflUHHksz9k5k0BfefUnX2K16epPBbuzn088A4TRVCWytJzNoTp0k_H_Ydml2_bWLsFZ-xRTcyyQLKO2cNi_nHicErICL2IalsbfkGOJXAZ_GX-WJDaBEYq3alpHDNFTecoS0W_qcLZEMiL8qITDQCMArkDIOX3oDvlc7yUiwkjZltfuOOqPpVeunDXjaBugeTHzEim83v33CJWB21oAzeuSpWcRpcNeJbuwO_6t746e7LmMLGONANkbpyNoxz4PExS2woCqjD4gWh6Qg0xE4Mv84j%26adurl%3D&documentReferer=https%3A%2F%2Fcy1.sabadosnegros.org%2F&ancestorOrigins=null&random=6730097660435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP 144.76.104.53:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 0109fa3484ea10867b7a0b37df09ff6e
cb78dac1e1e0465da6231b0afcb16880883abc07
946221ba20b1e96766c34a286f5f820b39a6f851c9d404582285edffdaae8d83
GET /request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=a6a8100976&subid=&uid=42755125ead51ed6&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtRFzY-kYY5_gIY78ywW1zIuoCcm5opxpzLzNztUP8C4QASCqgMMiYMOEgICYGMgBCakC02dQwOqdsD6oAwGqBI0CT9CxjVO1rKVWcgKMwIWlxUKQe9iZyv4LqSJj8qequDzwAjVhS4ffB66ATZ2DY6jatJ-ZylumktM-GnyMeb-bg9nNaeLRdEaZlVauZqZt_GbrDVUTPPw476Wld7yewoUBm0AkNMOml9LUgRo5Tl6QDKr1ciMD_D5q9vMXHpvRvzJYoN65voayAvm3EewF6O0OLkcMykaXmbB7WDbNNcMhfsRGSguavBcE3LUVaUXyvfebQaHhpv98ixHTOVM2ZhJNO_jxWyJJ84cuXy8mosz9HtOHb-QWKHa8iMP73Qp2gtP9S3xyQMg_MZaht4w6px0rbU9diHV0r21ul4Fbe2DTK3T8UZZcknSQAfDwMFDABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggTCIjhgBAQARgdMgOqggE6A4DAA_IIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48%26sig%3DAOD64_09OqUZbOOgsufoWhVppAtA7iP2HQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Dz-IH1Hk5iJXa6J2N99kLpjuhm8t99kOER7iG14nC0qHHraE8HsCX_ZmWo45i5Qp3rwYFEmVd6l_jG_pDqchCnthivPan_lDEDGrwue3juQ51-uQxC9RZ6pu7Jh7_zmBCjcqbLEx2UR29fqxA5dH0d87ZCew%26cry%3D1%26dbm_d%3DAKAmf-CL_UmCQDceXwQcmgW-RLLAqteLdVR15InKtHMu56L90WQ_FbqA1jTRb4hWp0N-4nmVvZvGihswE6zaeWyPeymTDpxhTQiSEd132WdsE0-gAIuXDqUloXf1T1_MGzRddV7ymTM5GzL5sr9KSigGgR4TZtB-WR1IHXRDBfdhNRP1qfVnvU1jqv7--PkcYGYa10rzTM6wGGou9adtjCYzCZUx6Dohqwn2lscTGQgbOa6JrY23NMP4lXVqp65zJJffuBBvxWzgl1h41Mmf5pJ8juhGdY5C_YfnSbPETKebGkff9anflUHHksz9k5k0BfefUnX2K16epPBbuzn088A4TRVCWytJzNoTp0k_H_Ydml2_bWLsFZ-xRTcyyQLKO2cNi_nHicErICL2IalsbfkGOJXAZ_GX-WJDaBEYq3alpHDNFTecoS0W_qcLZEMiL8qITDQCMArkDIOX3oDvlc7yUiwkjZltfuOOqPpVeunDXjaBugeTHzEim83v33CJWB21oAzeuSpWcRpcNeJbuwO_6t746e7LmMLGONANkbpyNoxz4PExS2woCqjD4gWh6Qg0xE4Mv84j%26adurl%3D&documentReferer=https%3A%2F%2Fcy1.sabadosnegros.org%2F&ancestorOrigins=null&random=6730097660435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal900022.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=44db9ea6d91f6db7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:37 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 07 Sep 2022 19:56:37 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=44db9ea6d91f6db7; expires=Tue, 06-Dec-2022 18:56:37 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 75625300165360104438340012075022
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 513
Connection: close
Content-Type: application/x-javascript; charset=utf-8
match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
15.197.193.217200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
IP 15.197.193.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 59c81ba671e2145e140d0e5d5565132c
b995c5b813a0334e66a4c2e33402244ea561768e
c8ac0a4e80446ad53767428212ba7ff854efba0d74b5e6e43c33bb8158664e18
GET /track/rid?ttd_pid=prebid&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:37 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Fri, 07 Oct 2022 18:56:37 GMT
vary: Origin
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
185.76.9.26200 OK 18 kB URL HTTP/2 vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
IP 185.76.9.26:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (50563)
Hash a32e136414d3acdbe673fe31245aeb8e
b9a814624c116770d729b526a70e12295227de65
3bbf75bb6a3ee5f96ecdfcddbe66810d2d565fe5a6e7a54bdd3f1c8cb1f738d3
GET /sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: text/html
last-modified: Mon, 27 Dec 2021 10:13:47 GMT
etag: W/"61c991db-c5bc"
access-control-allow-origin: *
x-accel-expires: @1662635106
server: CDN77-Turbo
x-77-nzt: AblMCRRNeqf/Ae8OAA
x-77-nzt-ray: pXdRFvjz/r4
x-cache: HIT
x-age: 978689
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
visitanalytics.userreport.com/hit.gif?event=iv-supported&t=OMDdcm-c28418195-p343990532&env=j&i=no&aid=535739283&pid=343990532&cid=176437708&sid=5830252&rid=176605521&rnd=fe7d7rydm9&v=1b&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&med=https%3A%2F%2Fee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross
143.204.55.51200 OK 43 B URL HTTP/2 visitanalytics.userreport.com/hit.gif?event=iv-supported&t=OMDdcm-c28418195-p343990532&env=j&i=no&aid=535739283&pid=343990532&cid=176437708&sid=5830252&rid=176605521&rnd=fe7d7rydm9&v=1b&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&med=https%3A%2F%2Fee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross
IP 143.204.55.51:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit.gif?event=iv-supported&t=OMDdcm-c28418195-p343990532&env=j&i=no&aid=535739283&pid=343990532&cid=176437708&sid=5830252&rid=176605521&rnd=fe7d7rydm9&v=1b&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&med=https%3A%2F%2Fee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross HTTP/1.1
Host: visitanalytics.userreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
last-modified: Thu, 15 Oct 2015 11:22:45 GMT
x-amz-meta-cb-modifiedtime: Tue, 14 Apr 2015 11:43:27 GMT
x-amz-version-id: fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 01:39:39 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zs09suaZs5rrJgfxg2Ggyt1eHW2iUNgs1ERzQF4_Mt3YcIwMfERqfQ==
age: 62220
X-Firefox-Spdy: h2
cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
37.157.4.23200 OK 43 B URL HTTP/2 cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
IP 37.157.4.23:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:37 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1662576987443&gdpr=0
51.89.9.252204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1662576987443&gdpr=0
IP 51.89.9.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1662576987443&gdpr=0 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 317 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash afe52e17bcde46806510dbc175696c7d
4cd6fceafca3603eee6e28dae5d8ba4e0f29ed10
d3e0c724f47aea0157a94559613b531cdc89dc093fe8e87cc43bc833e2c13421
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:37 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 06:46:47 GMT
Expires: Wed, 14 Sep 2022 06:46:46 GMT
Etag: "4cd6fceafca3603eee6e28dae5d8ba4e0f29ed10"
Cache-Control: max-age=560408,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa5a6ffa0b49-OSL
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
178.250.2.146200 OK 5.6 kB URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (15846), with no line terminators
Hash ea742f424a01a1f5a34a14d20187aaea
1b0daff72b5fef33000e432e954dabc5e8a205c3
1c47e99ba58c8a6d30f8d303b2444e7ff45aec4448897a795d7fe08ce7b7d26b
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://cy1.sabadosnegros.org/
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://cy1.sabadosnegros.org
server-processing-duration-in-ticks: 501422
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
23.38.200.189200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 23.38.200.189:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 08 Sep 2022 18:56:39 GMT
Date: Wed, 07 Sep 2022 18:56:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent= HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=171908
expires: Fri, 09 Sep 2022 18:41:45 GMT
date: Wed, 07 Sep 2022 18:56:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/usersync?tcf=2
212.77.99.29200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:37 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 10:00:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent= HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=171908
expires: Fri, 09 Sep 2022 18:41:45 GMT
date: Wed, 07 Sep 2022 18:56:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent= HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=171908
expires: Fri, 09 Sep 2022 18:41:45 GMT
date: Wed, 07 Sep 2022 18:56:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
23.38.200.189200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 23.38.200.189:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 08 Sep 2022 18:56:39 GMT
Date: Wed, 07 Sep 2022 18:56:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
acdn.adnxs.com/dmp/async_usersync.html
23.38.200.189200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 23.38.200.189:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 08 Sep 2022 18:56:39 GMT
Date: Wed, 07 Sep 2022 18:56:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
onetag-sys.com/usync/?cb=1662576987357&gdpr=0
51.89.9.252204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1662576987357&gdpr=0
IP 51.89.9.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1662576987357&gdpr=0 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
23.38.200.189200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 23.38.200.189:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 08 Sep 2022 18:56:39 GMT
Date: Wed, 07 Sep 2022 18:56:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
adx.adform.net/adx/openrtb
37.157.4.25200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cy1.sabadosnegros.org/
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1662576987346&gdpr=0
51.89.9.252204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1662576987346&gdpr=0
IP 51.89.9.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1662576987346&gdpr=0 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
content.zeotap.com/sdk/idp.min.js
104.22.25.87200 OK 19 kB URL HTTP/2 content.zeotap.com/sdk/idp.min.js
IP 104.22.25.87:0
File type Unicode text, UTF-8 text, with very long lines (46246), with LF, NEL line terminators
Hash 27909bb8de2eefcad87bafe15d000ce6
687373f5d62b50dbdda398496ea584a9e346731d
43fc40d4c89a364a0ef60211216d4fab011678454d5247585d5d5cd4c41dbedc
GET /sdk/idp.min.js HTTP/1.1
Host: content.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdviCACMYcvEBxGeF20KWNYK-cxq4nhgDNqHL7CSyWMlkZfwM63M4rIQYbBuDLyUw8w6dk9BbypX0dhIviA-Bss4OIyCNMMu
x-goog-generation: 1645001943546675
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 56329
x-goog-hash: crc32c=ezzPYw==, md5=qxo0a7EWC8pYwVGgerhYKw==
x-goog-storage-class: STANDARD
vary: Origin, Accept-Encoding
age: 2310
last-modified: Wed, 16 Feb 2022 08:59:03 GMT
etag: W/"ab1a346bb1160bca58c151a07ab8582b"
cache-control: public,max-age=3600
cf-cache-status: HIT
server: cloudflare
cf-ray: 7471aa50ab55b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&cw=1&lsw=1
178.250.2.146200 OK 303 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (350), with no line terminators
Hash a086930a6d0eabe5cc5c561933cb8446
3330168b58e338cb08f8d637beba1698a432c7ce
cef85935e7fc5dd7d1afdcb299497ca90f4405330755eed7a0b46fdffdf1b1b2
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://cy1.sabadosnegros.org
server-processing-duration-in-ticks: 498715
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/usersync?tcf=2
212.77.99.29200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:37 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 10:00:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/usersync?tcf=2
212.77.99.29200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:37 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 10:00:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/usersync?tcf=2
212.77.99.29200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:37 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 10:00:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
video.seenthis.se/v2/player/85/player.js
151.101.86.133200 OK 11 kB URL HTTP/2 video.seenthis.se/v2/player/85/player.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (33911)
Hash d885d656e58a2eb12eb2de31d66a02d3
8330f75ca066b478e1fd9dbeccaeedf38d0231c3
ffc9b4e94a6a9fd923e0a4be9d0ba4a810ea7b8d823c6eada16f37dc7ed50063
GET /v2/player/85/player.js HTTP/1.1
Host: video.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6bMJ3+0Al0ulxxQGVQ/6oRTSx+lmKPLiOfUjCBfdbqoEa6pDZMJmIMf54ItN/Uqaap2+29e3834=
x-amz-request-id: QNZ03DXWX73S9BW3
last-modified: Tue, 14 Jun 2022 07:42:49 GMT
etag: "07a21107d5fec71dbdd632b7033ba8f9"
x-amz-server-side-encryption: AES256
x-amz-version-id: MLVzSewT5zhe0PZZdDyeh9DJylEUlkFZ
content-type: text/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:37 GMT
age: 6769258
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-served-by: cache-lcy19274-LCY, cache-bma1676-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 31669
x-timer: S1662576998.753074,VS0,VE0
vary: Accept-Encoding
content-length: 11226
X-Firefox-Spdy: h2
t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/12/3?_=1662576990723
151.101.86.133200 OK 43 B URL HTTP/2 t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/12/3?_=1662576990723
IP 151.101.86.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/12/3?_=1662576990723 HTTP/1.1
Host: t.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: AmazonS3
via: 1.1 953ec33235d719831a6e6956b5e5bb7a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Zzbb2vE_0cuost6RltyXyrIOzc_xOZa6tHBniuxHP5m52Qwd1X3s9g==
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:37 GMT
age: 0
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
x-served-by: cache-bma1632-BMA
x-cache: Hit from cloudfront, MISS
x-cache-hits: 0
x-timer: S1662576998.759785,VS0,VE2
content-length: 43
X-Firefox-Spdy: h2
video.seenthis.se/v2/ads/AA37fFDMXO/poster.jpeg
151.101.86.133200 OK 25 kB URL HTTP/2 video.seenthis.se/v2/ads/AA37fFDMXO/poster.jpeg
IP 151.101.86.133:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x600, components 3\012- data
Hash 8ff1e767a63310cfdc73c5a2c4c79583
1dc82d10dd04977d7fa10f2500ba9bbb4dd60c60
2cd96d0fff5e08ae168558622d95b028a9e50ec4b3fd37f3a2ee2b5f66fa847c
GET /v2/ads/AA37fFDMXO/poster.jpeg HTTP/1.1
Host: video.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: c8OTEdlNY/QKMGgrWzE++llNNym3+I1s1C5FwFrML/ivMAAPrnL3l4ihrR+NZvJjVpwR5GBmhEU=
x-amz-request-id: M5BYN8508P57356B
last-modified: Wed, 17 Aug 2022 08:42:35 GMT
etag: "8ff1e767a63310cfdc73c5a2c4c79583"
x-amz-server-side-encryption: AES256
x-amz-version-id: fUWxyax_Dy14lrYceKSQ2Fyg3HQTDZsU
content-type: image/jpeg
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:37 GMT
age: 1245816
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-served-by: cache-lcy19283-LCY, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662576998.760096,VS0,VE1
content-length: 25401
X-Firefox-Spdy: h2
t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/1200/3?_=1662576990724
151.101.86.133200 OK 43 B URL HTTP/2 t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/1200/3?_=1662576990724
IP 151.101.86.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/1200/3?_=1662576990724 HTTP/1.1
Host: t.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: AmazonS3
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 3h8GC2SGEZC0LW4hKoYW1bs9OgE0ZiUP5g6_Q4hBeY-kWgOifldSYQ==
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:37 GMT
age: 1517
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
x-served-by: cache-bma1632-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 33712
x-timer: S1662576998.765444,VS0,VE0
content-length: 43
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 9509c91a-c919-428f-8756-9c803ce1ad08
Set-Cookie: uuid2=4525239612293131330; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
www.bigmp3db.com/1duwt.json
46.4.104.244200 OK 64 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 46.4.104.244:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash a75471d56f4e871883bebbd7fa775b2f
11e872dbacb03fe667a07dd2d306241687cb42f2
d0d72214f35e80819428e62a21676b1b19a742b0ee0fcf05a14515f0239502d6
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 224
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:34 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 18f6dcd08e437377ee8bed3c578c8a00
cf354adb22691e74af8256907058ae2b154a88fc
18d377384124900c7767e95b7047565c17f8b58cf5cb864d85ddd8efdfce9590
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Sep 2022 18:56:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Sep 2022 23:53:02 GMT
Expires: Wed, 07 Sep 2022 23:53:02 GMT
ETag: "cf354adb22691e74af8256907058ae2b154a88fc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
simage4.pubmatic.com/AdServer/SPug?o=1&p=160120&sc=1&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=160120&sc=1&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/SPug?o=1&p=160120&sc=1&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
143.204.55.106302 Found 650 B URL HTTP/2 s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
IP 143.204.55.106:0
File type gzip compressed data, from Unix\012- data
Hash d8a97449880933bb894845bbd5291bca
1a675af6566b5ce4191185586f74e27935e6a9f7
4c2dacd603354841d25cf635473afdc94d49e5e69aa2defd5633009d8b63f554
GET /c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: CloudFront
date: Wed, 07 Sep 2022 18:56:38 GMT
content-length: 0
cache-control: no-cache, must-revalidate
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.quantumdex.io/setuid?bidder=smaato&uid=83f9ab59
set-cookie: SCM=83f9ab59; Expires=Wed, 28 Sep 2022 18:56:38 GMT; Domain=.smaato.net; SameSite=None; Path=/; Secure
SCMp=83f9ab59; Expires=Sun, 18 Sep 2022 06:56:38 GMT; Domain=.smaato.net; Path=/; SameSite=None; Secure
x-cache: FunctionGeneratedResponse from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LwtkTAd12TB3z1GjDztb1HXsafj3dX1cyMTk842bmdbh2YM3pjXr4A==
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=171907
expires: Fri, 09 Sep 2022 18:41:45 GMT
date: Wed, 07 Sep 2022 18:56:38 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
id.crwdcntrl.net/id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
18.203.72.119200 OK 63 B URL HTTP/2 id.crwdcntrl.net/id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
IP 18.203.72.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cefd38b5ec1a3fbed5f93a95af67888c
405022275a53ef1b7efb1ef0ef16f78921c07f22
b2716616872bc0df3a09d39d066ce88a5e07201f9911f581c67457a3fd09595a
GET /id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: application/json;charset=utf-8
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.4.122
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
sync.quantumdex.io/usersync/apacdex
104.22.36.96200 OK 857 B URL HTTP/2 sync.quantumdex.io/usersync/apacdex
IP 104.22.36.96:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (3306), with no line terminators
Hash e84307370f37340e574bc126ca4c00c1
e12ce6316d0439e21b61319fc7101594b49d6377
9be58c9adf5e8672c0033be57af802651b6b51068695a32aca14d07efacf251f
GET /usersync/apacdex HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:37 GMT
content-type: text/html
set-cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760; expires=Sat, 17 Sep 2022 18:56:37 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa5bdbac15f4-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
id.crwdcntrl.net/id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
18.203.72.119200 OK 63 B URL HTTP/2 id.crwdcntrl.net/id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
IP 18.203.72.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 05d473fabe993a9c319e0bd4a07b85e5
2c5f8a25813b8f9c479da9147ae2c93a7f187a7a
4ea0f949945bafb8ab595b63d008de02d864ee648f9922ea2c49100d663aeeee
GET /id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: application/json;charset=utf-8
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.16.225
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
video.seenthis.se/delivery/stream/nmRXBG5N7/playlist.mpd?tid=12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku&tech=fallback
151.101.86.133200 OK 1.7 kB URL HTTP/2 video.seenthis.se/delivery/stream/nmRXBG5N7/playlist.mpd?tid=12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku&tech=fallback
IP 151.101.86.133:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (406)
Hash e6aefd4b3789d2b229bb7669e4c1f8ab
cd5fff8788c13661b0b9625b33596d06fd4b70fe
b9f6ebf4b15b6c603866d32242fa9eb3c959ea0480368ef2bf54169f05b250c6
GET /delivery/stream/nmRXBG5N7/playlist.mpd?tid=12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku&tech=fallback HTTP/1.1
Host: video.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ZNSFj+lsYI6a4J4i88o41RrERFN/rWFacjgzQ7Xl1gygzH+mpqHOmsL9BJb6lHz8mYC+QA/u2nw=
x-amz-request-id: YY7WGWWHJ6RE355B
last-modified: Tue, 16 Aug 2022 10:20:50 GMT
etag: "3d6708a3b65aa31f4cac9cc09d5f5f39"
x-amz-server-side-encryption: AES256
x-amz-version-id: NRQ1KLaZDNMgdOSz2G.GPz5QCq93It1S
content-type: application/octet-stream
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 655946
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-served-by: cache-lcy19245-LCY, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1662576998.081446,VS0,VE0
vary: Accept-Encoding
content-length: 1678
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=171907
expires: Fri, 09 Sep 2022 18:41:45 GMT
date: Wed, 07 Sep 2022 18:56:38 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=160120&sc=1&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81200 OK 5.5 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=160120&sc=1&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
File type gzip compressed data, from Unix\012- data
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/SPug?o=1&p=160120&sc=1&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/1/3?_=1662576991162
151.101.86.133200 OK 43 B URL HTTP/2 t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/1/3?_=1662576991162
IP 151.101.86.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/1/3?_=1662576991162 HTTP/1.1
Host: t.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
server: AmazonS3
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 3h8GC2SGEZC0LW4hKoYW1bs9OgE0ZiUP5g6_Q4hBeY-kWgOifldSYQ==
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 1518
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
x-served-by: cache-bma1632-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 33723
x-timer: S1662576998.090218,VS0,VE0
content-length: 43
X-Firefox-Spdy: h2
video.seenthis.se/v2/validation/tracker/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku
151.101.86.133200 OK 24 B URL HTTP/2 video.seenthis.se/v2/validation/tracker/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku
IP 151.101.86.133:0
File type ASCII text, with no line terminators
Hash 01e9a6bdf6f882e64253608f6b3d65f3
b25d1264aeffa89799841518a2bccbb408b4437b
5191dd01952ad22c138d1fb8b253c4ba28ed0b823ac46648b4c033c605983ab9
GET /v2/validation/tracker/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku HTTP/1.1
Host: video.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Varnish
retry-after: 0
content-type: text/plain
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=86400
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 53399
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-served-by: cache-lcy19281-LCY, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 0, 2
x-timer: S1662576998.094447,VS0,VE0
vary: Accept-Encoding
content-length: 24
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=171907
expires: Fri, 09 Sep 2022 18:41:45 GMT
date: Wed, 07 Sep 2022 18:56:38 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
video.seenthis.se/v2/creatives/pl4YkzY6L/script.js
151.101.86.133200 OK 173 B URL HTTP/2 video.seenthis.se/v2/creatives/pl4YkzY6L/script.js
IP 151.101.86.133:0
Hash 94b02ddc060b9b8af16bc0983439b381
856ed0732384aea7fada530f274dd84d14c875e7
187fd61c82b4126f2d923b2a4548e6ae3b49982249d587e209224a566fe7b95e
GET /v2/creatives/pl4YkzY6L/script.js HTTP/1.1
Host: video.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: PjxSUirXmHJ/eRFL52GXwhDYk3kuAb3BDyuzx0FDc7xnyVaTe9C6aujHFilCxQ0H1Z3tj8FUj6o=
x-amz-request-id: 586QBGPQE46181Y8
last-modified: Wed, 17 Aug 2022 08:42:20 GMT
etag: "57dce4f75ef8cdb21f92d09e97b60446"
x-amz-server-side-encryption: AES256
x-amz-version-id: 96GtgdMhU3zSv6Uatz_.12qdQvsmvZqu
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 804168
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-served-by: cache-lcy19243-LCY, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-timer: S1662576998.097568,VS0,VE1
vary: Accept-Encoding
content-length: 173
X-Firefox-Spdy: h2
id.crwdcntrl.net/id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
18.203.72.119200 OK 63 B URL HTTP/2 id.crwdcntrl.net/id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
IP 18.203.72.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4438cd0868229fb7fed1bbd42d7ce57d
d49074a7c289a87f124d844f0b678eda4a3cc8c8
9607a3cb2a288faa591ecb8b74bb89cbe794a1ffdcf3a829ceb8c2d703a7f8de
GET /id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: application/json;charset=utf-8
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.3.13
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/65/3?_=1662576991163
151.101.86.133200 OK 43 B URL HTTP/2 t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/65/3?_=1662576991163
IP 151.101.86.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/65/3?_=1662576991163 HTTP/1.1
Host: t.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
server: AmazonS3
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 3h8GC2SGEZC0LW4hKoYW1bs9OgE0ZiUP5g6_Q4hBeY-kWgOifldSYQ==
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 1518
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
x-served-by: cache-bma1632-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 33724
x-timer: S1662576998.096311,VS0,VE0
content-length: 43
X-Firefox-Spdy: h2
video.seenthis.se/v2/creatives/pl4YkzY6L/style.css
151.101.86.133200 OK 487 B URL HTTP/2 video.seenthis.se/v2/creatives/pl4YkzY6L/style.css
IP 151.101.86.133:0
Hash 9c57134098d5dbf214a5ebc6df94b47a
2570c6796df1e141e7d9f773d711c9f1081221e7
7343dd663ae139f87720e9c259d36504b954c4df09aa007caa7f9142f4df2743
GET /v2/creatives/pl4YkzY6L/style.css HTTP/1.1
Host: video.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: XnRgwU2lbuFoukoNhqAqs1K1DLzz3T7HCce050P7wHxfzU4U6pKRtx0Tu3q6clOWmKUx5VjY15M=
x-amz-request-id: E703KJNEYZ2YVMAV
last-modified: Wed, 17 Aug 2022 08:42:20 GMT
etag: "937f8953db2046efcae959e5ba1f275a"
x-amz-server-side-encryption: AES256
x-amz-version-id: oqQHj5h9tR9t44N5d_Ktl6PFT6.TJB0q
content-type: text/css
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 140140
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-served-by: cache-lcy19230-LCY, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662576998.098837,VS0,VE1
vary: Accept-Encoding
content-length: 487
X-Firefox-Spdy: h2
video.seenthis.se/v2/creatives/pl4YkzY6L/index.html
151.101.86.133200 OK 182 B URL HTTP/2 video.seenthis.se/v2/creatives/pl4YkzY6L/index.html
IP 151.101.86.133:0
Hash 334ecdaad98b0154118c09de84f2e6dd
938646314c8bd973064e15adc3af6a4bec2f6e36
41ec7a3e31a249aec111b8b21d05c496110e3e36bb73a54ae45cbc44df1002e4
GET /v2/creatives/pl4YkzY6L/index.html HTTP/1.1
Host: video.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: pJ2sd4hPyXjhXoMV21KahKUt4FxCmXK7e1kshGFvpbKcD8ES8EHIranIM1cV0vQlz8ZCPKkPFAE=
x-amz-request-id: 8J29HWPMD3AJXMDM
last-modified: Wed, 17 Aug 2022 08:42:20 GMT
etag: "f7ec84e2a555811258a87c6e317dca28"
x-amz-server-side-encryption: AES256
x-amz-version-id: WrEbguiex3yW3cLVMxKlRzj4uOUps6co
content-type: text/html
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 726367
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-served-by: cache-lcy19264-LCY, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1662576998.108910,VS0,VE0
vary: Accept-Encoding
content-length: 182
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=2bb78272a859ca6
51.89.9.252204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2bb78272a859ca6
IP 51.89.9.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2bb78272a859ca6 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=2bb78272a859ca6
51.89.9.252204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2bb78272a859ca6
IP 51.89.9.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2bb78272a859ca6 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=2bb78272a859ca6
51.89.9.252204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2bb78272a859ca6
IP 51.89.9.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2bb78272a859ca6 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 810411ca-19b0-400b-8e00-10776bfe9c30
Set-Cookie: uuid2=1863559542570415302; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 7922314f-5781-4f8d-8482-1662a1c33d34
Set-Cookie: uuid2=2697423028913554571; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
id.crwdcntrl.net/id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
18.203.72.119200 OK 63 B URL HTTP/2 id.crwdcntrl.net/id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
IP 18.203.72.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3b3f3c2e249506f18404c34484dbc292
10db090c378e48a25f03458075b7583648cf1459
d8f6210709fc5ae35fe898f7d71c578c3da979b0273823de36c32ecd4fa565c9
GET /id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: application/json;charset=utf-8
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.2.35
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/19/1?_=1662576991212
151.101.86.133200 OK 43 B URL HTTP/2 t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/19/1?_=1662576991212
IP 151.101.86.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/19/1?_=1662576991212 HTTP/1.1
Host: t.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
server: AmazonS3
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 3h8GC2SGEZC0LW4hKoYW1bs9OgE0ZiUP5g6_Q4hBeY-kWgOifldSYQ==
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 1518
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
x-served-by: cache-bma1632-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 33725
x-timer: S1662576998.153053,VS0,VE0
content-length: 43
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.22200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: c1fae251-48b8-4135-8d17-066fd5c030e6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5bd9e418e877bd63dd6a119049fe58a3
db62074e95ff07c902cd5d3b7135805b774bf382
58fbf110f58d1dd7fb13d978b3b4db3a781ed0986d62822c90d548add669b905
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 11:23:20 GMT
Expires: Mon, 12 Sep 2022 11:23:19 GMT
Etag: "db62074e95ff07c902cd5d3b7135805b774bf382"
Cache-Control: max-age=404200,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa5e68a6b4f3-OSL
video.seenthis.se/v2/creatives/pl4YkzY6L/assets/Nx5-rkUn9.png
151.101.86.133200 OK 12 kB URL HTTP/2 video.seenthis.se/v2/creatives/pl4YkzY6L/assets/Nx5-rkUn9.png
IP 151.101.86.133:0
File type PNG image data, 500 x 91, 8-bit/color RGBA, non-interlaced\012- data
Hash 78b313621cf5e894ecbeb845308dc576
dfcf18a2ffca418747f80377a447f4ea6b4cc063
fa0c414e2af0a788ada20294f58b4317ee81a97cc156672857ac0b12cfb3221c
GET /v2/creatives/pl4YkzY6L/assets/Nx5-rkUn9.png HTTP/1.1
Host: video.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: /SrBGVekFjZcm/D3xaWDtWe4LACCLwNhT1pp+W0J0wvxZuW4CsH1iQglOuQoRPi8oiOZZNpWYZk=
x-amz-request-id: 31RRCWGP241VBBW8
last-modified: Wed, 17 Aug 2022 08:42:20 GMT
etag: "78b313621cf5e894ecbeb845308dc576"
x-amz-server-side-encryption: AES256
x-amz-version-id: txO53z8XnCt8.HkKrYTLyueKxdf1DiLe
content-type: image/png
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 140143
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-served-by: cache-lcy19250-LCY, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 361
x-timer: S1662576998.213370,VS0,VE0
content-length: 11457
X-Firefox-Spdy: h2
t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/51/1?_=1662576991363
151.101.86.133200 OK 43 B URL HTTP/2 t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/51/1?_=1662576991363
IP 151.101.86.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/51/1?_=1662576991363 HTTP/1.1
Host: t.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
server: AmazonS3
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 3h8GC2SGEZC0LW4hKoYW1bs9OgE0ZiUP5g6_Q4hBeY-kWgOifldSYQ==
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 1518
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
x-served-by: cache-bma1632-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 33729
x-timer: S1662576998.219208,VS0,VE0
content-length: 43
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 28e932c2-2645-4a41-8344-3eb26a635229
Set-Cookie: uuid2=85301402883087960; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5bd9e418e877bd63dd6a119049fe58a3
db62074e95ff07c902cd5d3b7135805b774bf382
58fbf110f58d1dd7fb13d978b3b4db3a781ed0986d62822c90d548add669b905
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 11:23:20 GMT
Expires: Mon, 12 Sep 2022 11:23:19 GMT
Etag: "db62074e95ff07c902cd5d3b7135805b774bf382"
Cache-Control: max-age=404200,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa5ebd810b49-OSL
simage4.pubmatic.com/AdServer/SPug?o=1&p=160120&sc=1&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81200 OK 650 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=160120&sc=1&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
File type gzip compressed data, from Unix\012- data
Hash d8a97449880933bb894845bbd5291bca
1a675af6566b5ce4191185586f74e27935e6a9f7
4c2dacd603354841d25cf635473afdc94d49e5e69aa2defd5633009d8b63f554
GET /AdServer/SPug?o=1&p=160120&sc=1&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 09:46:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5bd9e418e877bd63dd6a119049fe58a3
db62074e95ff07c902cd5d3b7135805b774bf382
58fbf110f58d1dd7fb13d978b3b4db3a781ed0986d62822c90d548add669b905
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 11:23:20 GMT
Expires: Mon, 12 Sep 2022 11:23:19 GMT
Etag: "db62074e95ff07c902cd5d3b7135805b774bf382"
Cache-Control: max-age=404200,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa5eb943b4f3-OSL
id.crwdcntrl.net/id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
18.203.72.119200 OK 63 B URL HTTP/2 id.crwdcntrl.net/id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
IP 18.203.72.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ed0ded4e487065651c71ddf856dab2df
e8bbaab6aaed18759339e48513d427c6df7c3803
a0438cbbce9c527da9863614023de04d60093d88e3a4e80beec58debc2073591
GET /id?gdpr_applies=true&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: application/json;charset=utf-8
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.21.84
access-control-allow-credentials: true
access-control-allow-origin: https://cy1.sabadosnegros.org
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5bd9e418e877bd63dd6a119049fe58a3
db62074e95ff07c902cd5d3b7135805b774bf382
58fbf110f58d1dd7fb13d978b3b4db3a781ed0986d62822c90d548add669b905
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 11:23:20 GMT
Expires: Mon, 12 Sep 2022 11:23:19 GMT
Etag: "db62074e95ff07c902cd5d3b7135805b774bf382"
Cache-Control: max-age=404200,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7471aa5ec92ab4ff-OSL
www.bigmp3db.com/1duwt.json
46.4.104.244200 OK 975 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 46.4.104.244:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash d805f4300b35d292c2c87fe99c352b0c
4b463e2a7bf48083c671db4469ecb5e6249c9882
232b0277975d0302a5f742788edd3c9910ca93e8b15ce7adc1f5d30c23f6cac2
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 224
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:34 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
72.251.249.13204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
IP 72.251.249.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 07 Sep 2022 18:56:38 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap2ams1
match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
52.29.43.144204 No Content 0 B URL HTTP/2 match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
IP 52.29.43.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:56:38 GMT
X-Firefox-Spdy: h2
usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
213.19.147.45204 No Content 0 B URL HTTP/2 usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
IP 213.19.147.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID HTTP/1.1
Host: usermatch.targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:56:38 GMT
X-Firefox-Spdy: h2
usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
213.19.147.45204 No Content 0 B URL HTTP/2 usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
IP 213.19.147.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID HTTP/1.1
Host: usermatch.targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:56:38 GMT
X-Firefox-Spdy: h2
usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
213.19.147.45204 No Content 0 B URL HTTP/2 usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
IP 213.19.147.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID HTTP/1.1
Host: usermatch.targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:56:38 GMT
X-Firefox-Spdy: h2
id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
141.95.33.111200 43 B URL HTTP/1.1 id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
IP 141.95.33.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Wed, 07-Sep-2022 19:01:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Wed, 07-Sep-2022 19:01:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Wed, 07-Sep-2022 19:01:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Wed, 07-Sep-2022 19:01:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Wed, 07-Sep-2022 19:01:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Wed, 07-Sep-2022 19:01:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Sep 2022 18:56:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
sync.quantumdex.io/setuid?bidder=smaato&uid=83f9ab59
104.22.36.96200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=smaato&uid=83f9ab59
IP 104.22.36.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=smaato&uid=83f9ab59 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa5eae6d15f4-ARN
X-Firefox-Spdy: h2
hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
23.38.200.22302 Found 154 B URL HTTP/2 hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
IP 23.38.200.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP/1.1
Host: hbx.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
set-cookie: data-pbs=setstatuscode~~1;Expires=Thu, 07 Sep 2023 18:56:38 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Wed, 07 Sep 2022 18:56:38 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Sep 2022 18:56:38 GMT
X-Firefox-Spdy: h2
hal900022.redintelligence.net/request_content.php?s=75625300165360104438340012075022&a=847d1a75
144.76.104.53200 OK 1.4 kB URL HTTP/1.1 hal900022.redintelligence.net/request_content.php?s=75625300165360104438340012075022&a=847d1a75
IP 144.76.104.53:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ab51fc0d8cb26b0ac36b34cc4bee59b1
c48103c2c0a3b8970fab31485f1a29a6f38c69ab
7644ac710c48e904db5b7c6e80182ed941bad42ac304f7a5c98b3a0248ed86f5
GET /request_content.php?s=75625300165360104438340012075022&a=847d1a75 HTTP/1.1
Host: hal900022.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Cookie: 8lcfmzhxc8d6_uid=44db9ea6d91f6db7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:38 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 07 Sep 2022 19:56:38 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1413
Connection: close
Content-Type: text/html; charset=utf-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c9021c27b2490ca5808bc7df34f26e76
1758b2168ab1323b70fa57eb30f664d04d0119d6
a1858ec88c92c4de54167c2d0c50ddb343bcca35ec995ec5b0d40e9730cce4af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5276
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:56:38 GMT
Last-Modified: Wed, 07 Sep 2022 17:28:42 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
video.seenthis.se/v2/creatives/pl4YkzY6L/assets/xyUlFtan_.woff
151.101.86.133200 OK 144 kB URL HTTP/2 video.seenthis.se/v2/creatives/pl4YkzY6L/assets/xyUlFtan_.woff
IP 151.101.86.133:0
File type Web Open Font Format, CFF, length 143868, version 0.0\012- data
Size 144 kB (143868 bytes)
Hash 007fba271e63831498177fd6f3ea97c4
ad9f8b0d3ce4336d550bd9d2fc4ca9d505ad2cc1
3f2d5fa246de5c72ad18e85250ff626146a967b0b1dd4a924baf6b8b1a58b36a
GET /v2/creatives/pl4YkzY6L/assets/xyUlFtan_.woff HTTP/1.1
Host: video.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://video.seenthis.se/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Y+AEbIUpDuwlF1NrfNPEih0OeeQq+LeejZNQ5q6L7JxPdUJg1L6S+LKDG08sP3Cg2oNQ/aDXsqU=
x-amz-request-id: 0MK5W8NEAGD93677
last-modified: Wed, 17 Aug 2022 08:42:20 GMT
etag: "007fba271e63831498177fd6f3ea97c4"
x-amz-server-side-encryption: AES256
x-amz-version-id: gOp2uPQ_q06GbXiW3kXLiDLQThCDwFVQ
content-type: font/woff
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 1246436
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-served-by: cache-lcy19233-LCY, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1662576998.330983,VS0,VE0
content-length: 143868
X-Firefox-Spdy: h2
std.wpcdn.pl/wpjslib6/wpjslib-sync.js
212.77.98.32200 OK 17 kB URL HTTP/2 std.wpcdn.pl/wpjslib6/wpjslib-sync.js
IP 212.77.98.32:0
ASN #12827 Wirtualna Polska Media S.A.
File type ASCII text, with very long lines (46031), with no line terminators
Hash b7635eafada0eac1c40111bb5fd4628f
6a34562cf5581542460e338566b436c696609fc8
bf67c5b3f200ecfe43cb38a407089e8fb0d4fc2385608581c2d2566833f63c59
GET /wpjslib6/wpjslib-sync.js HTTP/1.1
Host: std.wpcdn.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ssp.wp.pl
Connection: keep-alive
Referer: https://ssp.wp.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 09:45:40 GMT
x-rgw-object-type: Normal
etag: W/"aa245c034d68961273f2d25ced8b2099"
cache-control: max-age=900, stale-while-revalidate=86400
content-encoding: br
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 300
timing-allow-origin: *
X-Firefox-Spdy: h2
t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/4/1?_=1662576991547
151.101.86.133200 OK 43 B URL HTTP/2 t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/4/1?_=1662576991547
IP 151.101.86.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/4/1?_=1662576991547 HTTP/1.1
Host: t.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
server: AmazonS3
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 3h8GC2SGEZC0LW4hKoYW1bs9OgE0ZiUP5g6_Q4hBeY-kWgOifldSYQ==
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 1518
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
x-served-by: cache-bma1632-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 33733
x-timer: S1662576998.405119,VS0,VE0
content-length: 43
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.22200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: fc5d7a0d-a935-4aa9-88c2-3710128b1f74
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ups.analytics.yahoo.com/ups/58424/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58424/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Sep 2022 18:56:38 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGbpGGMCENDHF5FUMSM-P5sOY_5-ATcFEgEBAQE6GmMiYwAAAAAA_eMAAA&S=AQAAAvANqfYw-ZD8NEjwEzC6lUU; Expires=Fri, 8 Sep 2023 00:56:38 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:56:38 GMT; Path=/; Domain=.betweendigital.com
tuuid=1bf9fde7-336b-52fa-ab78-9957c8607031; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:56:38 GMT; Path=/; Domain=.betweendigital.com
ut=YxjpZgAGFpjLupNkokh3V4Qa-mRkYpan88Qujg==; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:56:38 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.22200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 1599caad-3d23-403b-aa38-5bb365889d6d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/31/1?_=1662576991547
151.101.86.133200 OK 75 kB URL HTTP/2 t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/31/1?_=1662576991547
IP 151.101.86.133:0
Hash e2b8a1c9c31874792b322d03fbde934a
ea8131ea086d653d928cccbaa6d1e4e5b5abb9cc
84e6d07e19412c10f59b16914740451dfd0d07f8d2e6d8681a6397a64668339b
GET /v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/31/1?_=1662576991547 HTTP/1.1
Host: t.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
server: AmazonS3
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 3h8GC2SGEZC0LW4hKoYW1bs9OgE0ZiUP5g6_Q4hBeY-kWgOifldSYQ==
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:38 GMT
age: 1518
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
x-served-by: cache-bma1632-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 33734
x-timer: S1662576998.416535,VS0,VE0
content-length: 43
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.22200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 37197099-68f5-466a-8854-498688bde9e0
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
37.252.173.22302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=0
AN-X-Request-Uuid: b786ed89-cc8a-4fc2-a473-18ba8f4a63c0
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusjaUDFdDEYcTVRb0DhXBxV7sWvUUUKmXTfgFzr9hS3GTs64F8WM9FmmYi9MEbTCLH2YjgmsgeI3rKGuihbDZ_QaydqQpBRLNJUvTMUWO-ihwoicinVabdv82vm2g&sai=AMfl-YQRGMURwLFTohMC2dBQdne4aPp74ov4pZLs6wZHeWuFSwhChxwtiQB8lfcAliIjij-qHBj56iXbAc-0HuWmFEW7FhlBgl-edPz0errNJhIIe5qbRTeg82JtAH7ts3dI&sig=Cg0ArKJSzIrWvDG6h_txEAE&cid=CAASKORoVPY4a3KpU0N4uASMsp8LtOQGeErwtfPolwhq2sjuTo3RGdNCht4&id=lidar2&mcvt=1183&p=643,1186,683,1227&mtos=1183,1183,1183,1183,1183&tos=1183,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2113879434&rs=4&la=0&cr=0&vs=4&r=v&rst=1662576989820&rpt=528&isd=0&lsd=0&met=ie&wmsd=0
142.250.74.130200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusjaUDFdDEYcTVRb0DhXBxV7sWvUUUKmXTfgFzr9hS3GTs64F8WM9FmmYi9MEbTCLH2YjgmsgeI3rKGuihbDZ_QaydqQpBRLNJUvTMUWO-ihwoicinVabdv82vm2g&sai=AMfl-YQRGMURwLFTohMC2dBQdne4aPp74ov4pZLs6wZHeWuFSwhChxwtiQB8lfcAliIjij-qHBj56iXbAc-0HuWmFEW7FhlBgl-edPz0errNJhIIe5qbRTeg82JtAH7ts3dI&sig=Cg0ArKJSzIrWvDG6h_txEAE&cid=CAASKORoVPY4a3KpU0N4uASMsp8LtOQGeErwtfPolwhq2sjuTo3RGdNCht4&id=lidar2&mcvt=1183&p=643,1186,683,1227&mtos=1183,1183,1183,1183,1183&tos=1183,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2113879434&rs=4&la=0&cr=0&vs=4&r=v&rst=1662576989820&rpt=528&isd=0&lsd=0&met=ie&wmsd=0
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsusjaUDFdDEYcTVRb0DhXBxV7sWvUUUKmXTfgFzr9hS3GTs64F8WM9FmmYi9MEbTCLH2YjgmsgeI3rKGuihbDZ_QaydqQpBRLNJUvTMUWO-ihwoicinVabdv82vm2g&sai=AMfl-YQRGMURwLFTohMC2dBQdne4aPp74ov4pZLs6wZHeWuFSwhChxwtiQB8lfcAliIjij-qHBj56iXbAc-0HuWmFEW7FhlBgl-edPz0errNJhIIe5qbRTeg82JtAH7ts3dI&sig=Cg0ArKJSzIrWvDG6h_txEAE&cid=CAASKORoVPY4a3KpU0N4uASMsp8LtOQGeErwtfPolwhq2sjuTo3RGdNCht4&id=lidar2&mcvt=1183&p=643,1186,683,1227&mtos=1183,1183,1183,1183,1183&tos=1183,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2113879434&rs=4&la=0&cr=0&vs=4&r=v&rst=1662576989820&rpt=528&isd=0&lsd=0&met=ie&wmsd=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Wed, 07 Sep 2022 18:56:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58424/occ?verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ?verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58424/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:56:38 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGbpGGMCEMqkdQMNW5IOZGf7-TlOXCUFEgEBAQE6GmMiYwAAAAAA_eMAAA&S=AQAAAvZZ3f8qdXmkJIgDBThdO4I; Expires=Fri, 8 Sep 2023 00:56:38 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
104.18.19.126200 OK 174 B URL HTTP/2 r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
IP 104.18.19.126:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 32c89aff84f798a5bf5c9b9a02bf0fd2
e03e4cae6eb485751626864d7ce9d0e63e094be0
7b784fcfabeba04b16dcbdc07ba68eba890d8ade3f1bbebb4201a03fd6f1bd3b
GET /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: text/html
cf-ray: 7471aa5fbf4a0b02-OSL
cache-control: no-cache
expires: 0
vary: Is-Traffic-Usersync, Accept-Encoding
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOaEyi3VbCGHtdC2pkNldBDnhAHqeLJ6LHx4r0WNAZHmCgAleaAsFk%2Flsn4Cs7Xk86SXGPJjrAu8TFhlBzNCTMdGPm38VGAve1FCbCP5fTYamLckvzzU7B5%2FwSIOkQrbSRiP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash fd21a8de7f4dd104ba524f11900c8f02
64059987fa42110c03c5234fc1fa8675e5774772
86076026f5acc0f4ba32c3e544f3ffb1925583abccee8d230f91272952d19160
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95373
Date: Wed, 07 Sep 2022 18:56:38 GMT
Etag: "6317b0b1-1d7"
Expires: Thu, 08 Sep 2022 21:26:11 GMT
Last-Modified: Tue, 06 Sep 2022 20:42:25 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 94PsOLKVELKfyZYHa9im4wEQ33XMPB2yp-fg9oSqNG8gSDN87Go9tg==
Age: 2626
r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
104.18.19.126200 OK 146 B URL HTTP/2 r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
IP 104.18.19.126:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 18eca68e5850c428dadee5169ada4b0e
c4b630b72e7b0b8d20d0e4d0702a99160479104b
d62cf77e8c3d4cf9c153000a9782afa57609d8f3935a533e94bce8116ecc14ea
GET /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: text/html
cf-ray: 7471aa5f2eab0b02-OSL
cache-control: no-cache
expires: 0
vary: Is-Traffic-Usersync, Accept-Encoding
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh4B4lnn%2FgVrfIQCvHSKaCB6iXdv0MOvclzel9hjG6SfAd5Sx37Sn%2BJyXnKppR%2BxFIdyviRiLMq6aat6Pop0BHxu5gdoTXFQFhXPS85%2F%2BND%2B0biwf5GiC5E7cu4DWjbGo6qV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGypsg_CK1_6ZZ6tf59CSg2pyqdBtB5i-U3yit-JvI4Jw5OT-HwIMFDHzzwf9t740Bj-9jhua3Mh7Njr0NACEzTJIRmH3PPwBz8Nv80AtjJ0JlH1FrpolAeDLNoy8&sai=AMfl-YQQHhfnQJ9s8hLV-8GcAgH9TBFNpXbVFTQnSKe20t0o8qyM4Ol4SxYlWYK1Xov8unMVBkAmktTLCfvzWTZirLxkV9j5vMJqQN3EDFvGw1aeymMn2TemNWKshITFY77W&sig=Cg0ArKJSzMaWUxYGnsobEAE&cid=CAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48&id=lidar2&mcvt=1057&p=172,909,452,1245&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1369999010&rs=4&la=0&cr=0&vs=4&r=v&rst=1662576989051&rpt=1621&isd=0&lsd=0&met=mue&wmsd=0
142.250.74.130200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGypsg_CK1_6ZZ6tf59CSg2pyqdBtB5i-U3yit-JvI4Jw5OT-HwIMFDHzzwf9t740Bj-9jhua3Mh7Njr0NACEzTJIRmH3PPwBz8Nv80AtjJ0JlH1FrpolAeDLNoy8&sai=AMfl-YQQHhfnQJ9s8hLV-8GcAgH9TBFNpXbVFTQnSKe20t0o8qyM4Ol4SxYlWYK1Xov8unMVBkAmktTLCfvzWTZirLxkV9j5vMJqQN3EDFvGw1aeymMn2TemNWKshITFY77W&sig=Cg0ArKJSzMaWUxYGnsobEAE&cid=CAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48&id=lidar2&mcvt=1057&p=172,909,452,1245&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1369999010&rs=4&la=0&cr=0&vs=4&r=v&rst=1662576989051&rpt=1621&isd=0&lsd=0&met=mue&wmsd=0
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsvGypsg_CK1_6ZZ6tf59CSg2pyqdBtB5i-U3yit-JvI4Jw5OT-HwIMFDHzzwf9t740Bj-9jhua3Mh7Njr0NACEzTJIRmH3PPwBz8Nv80AtjJ0JlH1FrpolAeDLNoy8&sai=AMfl-YQQHhfnQJ9s8hLV-8GcAgH9TBFNpXbVFTQnSKe20t0o8qyM4Ol4SxYlWYK1Xov8unMVBkAmktTLCfvzWTZirLxkV9j5vMJqQN3EDFvGw1aeymMn2TemNWKshITFY77W&sig=Cg0ArKJSzMaWUxYGnsobEAE&cid=CAASKORov2_bYFeHoYg7JE3it5slVrYb5A1Z1K5EdDqgp5W2D2xUnprfY48&id=lidar2&mcvt=1057&p=172,909,452,1245&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1369999010&rs=4&la=0&cr=0&vs=4&r=v&rst=1662576989051&rpt=1621&isd=0&lsd=0&met=mue&wmsd=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Wed, 07 Sep 2022 18:56:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal900022.redintelligence.net/viewability?s=75625300165360104438340012075022&a=00ba8397&vb=m
144.76.104.53200 OK 0 B URL HTTP/1.1 hal900022.redintelligence.net/viewability?s=75625300165360104438340012075022&a=00ba8397&vb=m
IP 144.76.104.53:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=75625300165360104438340012075022&a=00ba8397&vb=m HTTP/1.1
Host: hal900022.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900022.redintelligence.net/request_content.php?s=75625300165360104438340012075022&a=847d1a75
Cookie: 8lcfmzhxc8d6_uid=44db9ea6d91f6db7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:38 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
sync.quantumdex.io/setuid?bidder=ix&uid=0
104.22.36.96200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=ix&uid=0
IP 104.22.36.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=ix&uid=0 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.casalemedia.com/
Cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa60e95a15f4-ARN
X-Firefox-Spdy: h2
sync.quantumdex.io/setuid?bidder=appnexus&uid=0
104.22.36.96200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=appnexus&uid=0
IP 104.22.36.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=appnexus&uid=0 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa60e97815f4-ARN
X-Firefox-Spdy: h2
visitanalytics.userreport.com/hit.gif?event=iv-inview&f=yes&t=OMDdcm-c28418195-p343990532&env=j&i=no&aid=535739283&pid=343990532&cid=176437708&sid=5830252&rid=176605521&rnd=tq1zk2si8i&v=1b&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&med=https%3A%2F%2Fee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross
143.204.55.51200 OK 43 B URL HTTP/2 visitanalytics.userreport.com/hit.gif?event=iv-inview&f=yes&t=OMDdcm-c28418195-p343990532&env=j&i=no&aid=535739283&pid=343990532&cid=176437708&sid=5830252&rid=176605521&rnd=tq1zk2si8i&v=1b&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&med=https%3A%2F%2Fee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross
IP 143.204.55.51:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit.gif?event=iv-inview&f=yes&t=OMDdcm-c28418195-p343990532&env=j&i=no&aid=535739283&pid=343990532&cid=176437708&sid=5830252&rid=176605521&rnd=tq1zk2si8i&v=1b&gdpr=1&gdpr_consent=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&med=https%3A%2F%2Fee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&m=cross HTTP/1.1
Host: visitanalytics.userreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
last-modified: Thu, 15 Oct 2015 11:22:45 GMT
x-amz-meta-cb-modifiedtime: Tue, 14 Apr 2015 11:43:27 GMT
x-amz-version-id: fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 01:39:39 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DZRPftv_WP3pBe2kPfW2n_0PahTO3jA_UqZJo4X1rrSW7zJ9OIyZ7A==
age: 62221
X-Firefox-Spdy: h2
ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
54.147.206.141302 Found 0 B URL HTTP/2 ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
IP 54.147.206.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Sep 2022 18:56:38 GMT
content-length: 0
location: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
set-cookie: zeta-ssp-user-id=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:56:38 GMT; Path=/; Domain=disqus.com; Secure; SameSite=None
X-Firefox-Spdy: h2
r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
104.18.19.126200 OK 79 kB URL HTTP/2 r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
IP 104.18.19.126:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 6c3854defac06e64703ac5cfbea32507
a2dbb5bd2765c21b0a8594b22e89da2672d4a1bb
ed77252f98465bce35a0ac6e3d6fd056f5c0c465ad4f60b3a284cce5a59076aa
GET /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: text/html
cf-ray: 7471aa5fbf480b02-OSL
cache-control: no-cache
expires: 0
vary: Is-Traffic-Usersync, Accept-Encoding
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kca03J44jzXV1pEXsghZgBdpWhrTU4NVCIju1%2BekSynab7n3LXuGx1sgZPZZvlldd2C%2BFBC5Q%2B%2BdDz44rO6yC5Xn1Vdu4eO1JUFk%2Bsji44%2BoBgr3n7JZc4aqCXdhChQk3LrK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: eb9eae10-8df8-413d-b8a3-e54bc68aca1b
Set-Cookie: uuid2=5704764666701595707; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 92778e78-4ca4-41da-9a27-4453c453559d
Set-Cookie: uuid2=92246596730359845; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.22200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 4c094291-1faa-42d5-9427-30e58113af17
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 0cbaf48c-d409-40f3-8124-d8a7f7c709b8
Set-Cookie: uuid2=3674680245479118026; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 9ce13264-52e5-4906-a9ed-b65a0ef1e22c
Set-Cookie: uuid2=2348517138069864088; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 06-Dec-2022 18:56:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.22200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 5b7a64e5-11cf-4e09-b497-fb44f2e43ece
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908
104.22.36.96200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908
IP 104.22.36.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=zeta-global&uid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa627b5815f4-ARN
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.22200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: ff8947e3-25ca-43b0-aca7-759ec174eb0e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.22200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Sep 2022 18:56:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 8b6e81f4-eb1d-4078-b95f-0cf81ff60807
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/66/1?_=1662576992503
151.101.86.133200 OK 43 B URL HTTP/2 t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/66/1?_=1662576992503
IP 151.101.86.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/66/1?_=1662576992503 HTTP/1.1
Host: t.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
server: AmazonS3
via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Nsrva0YLnfvCmwV1yxDJuWmlb7t7LEIAVxc_QuSSp7yBxWVxlEJMfA==
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:39 GMT
age: 0
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
x-served-by: cache-bma1632-BMA
x-cache: Hit from cloudfront, MISS
x-cache-hits: 0
x-timer: S1662576999.372407,VS0,VE2
content-length: 43
X-Firefox-Spdy: h2
hal900022.redintelligence.net/viewability?s=75625300165360104438340012075022&a=00ba8397&vb=v
144.76.104.53200 OK 0 B URL HTTP/1.1 hal900022.redintelligence.net/viewability?s=75625300165360104438340012075022&a=00ba8397&vb=v
IP 144.76.104.53:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=75625300165360104438340012075022&a=00ba8397&vb=v HTTP/1.1
Host: hal900022.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900022.redintelligence.net/request_content.php?s=75625300165360104438340012075022&a=847d1a75
Cookie: 8lcfmzhxc8d6_uid=44db9ea6d91f6db7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:56:39 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/67/1?_=1662576993521
151.101.86.133200 OK 43 B URL HTTP/2 t.seenthis.se/v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/67/1?_=1662576993521
IP 151.101.86.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /v3/12hmaprzj2269t9rd93krn8if8y42hmaprzj53sa4phxw616xtepsy735rgniab8fue313g491mthfizaaenrra95pb3ngx4iatc1wey4cqsdpwd3iiaee2ddjijguf3332f02rg12rc6uqmh2s735vnz21ku/67/1?_=1662576993521 HTTP/1.1
Host: t.seenthis.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
server: AmazonS3
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 3h8GC2SGEZC0LW4hKoYW1bs9OgE0ZiUP5g6_Q4hBeY-kWgOifldSYQ==
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:56:40 GMT
age: 1520
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
x-served-by: cache-bma1632-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 33777
x-timer: S1662577000.481103,VS0,VE0
content-length: 43
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
172.67.75.241200 OK 0 B URL HTTP/2 script.4dex.io/localstore.js
IP 172.67.75.241:0
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:33 GMT
content-type: application/javascript
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
etag: W/"922cffdd75f7192f75231d92684885aa"
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
cf-cache-status: HIT
age: 2613399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gowO1jsf86I7PLG6i%2FsVC86mSe4vmOz0IXGy9AOehdsRB5JrDV5A0jN%2Bx4yOUk3lzme2SLtjiip0lQ%2BDRypmPhCs5O9K31OsqJYRCREyrewNjRKjLprLFyzwdHt3zzQe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471aa41bc5e0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.bigmp3db.com/1duwt.json
46.4.104.244200 OK 0 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 46.4.104.244:0
ASN #24940 Hetzner Online GmbH
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 221
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=156813&sc=1&pr=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID&umc=PM_UID&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81302 Found 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=156813&sc=1&pr=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID&umc=PM_UID&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
GET /AdServer/SPug?o=1&p=156813&sc=1&pr=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID&umc=PM_UID&u=AD80E806-AE7E-474C-B960-4546B201FFF9&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 18:56:36 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=PM_UID
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
www.bigmp3db.com/1duwt.json
46.4.104.244200 OK 0 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 46.4.104.244:0
ASN #24940 Hetzner Online GmbH
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 221
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:34 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.52.86200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.52.86:0
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: ZUddLZ7O1OXf5c7mbsWs7TcoRwu0BI4ksS03RiIChmRO18bIYMRt5FOdSTEoWZMKdnrBtFadaeE=
x-amz-request-id: 5NBR7FENRJFAM1VR
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
etag: W/"b17c28d6fd88a6b12feea5c52e9a7485"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 3011
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7471aa4e79d9b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://cy1.sabadosnegros.org
server-processing-duration-in-ticks: 589556
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://cy1.sabadosnegros.org
server-processing-duration-in-ticks: 1441756
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
143.204.55.94200 OK 0 B URL HTTP/2 get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
IP 143.204.55.94:0
GET /sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 11:27:48 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 07 Sep 2022 18:01:04 GMT
cache-control: public, max-age=3600
etag: W/"1189c5a8ecdf7c98ae5c3cd6f9e52fee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x25xxP6hjXClgq-PpUYu2XAmfSMNoWv3azEts0USDghMiaCG1BgxcQ==
age: 3328
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&cw=1&lsw=1
IP 178.250.2.146:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://cy1.sabadosnegros.org/
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://cy1.sabadosnegros.org
server-processing-duration-in-ticks: 421429
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
104.18.19.126302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
IP 104.18.19.126:0
GET /usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: text/html; charset=iso-8859-1
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
cf-ray: 7471aa5dac69b4eb-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YxjpZsZu4-JXSDpBfgZKmwAA;domain=casalemedia.com;path=/;expires=Thu, 07 Sep 2023 18:56:38 GMT
CMPS=4506;domain=casalemedia.com;path=/;expires=Tue, 06 Dec 2022 18:56:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqA4cbyqPPGlFdN%2BeRFu9xUM%2BI0L7yMpCzNvIAeRBx3Vul8Thz9Zb4snWLOSGxKv8uFKxi09v3%2Bznk%2FdiuopuGu2Q9mPVnZdSw4%2Fx1Xklt0B0yytaMqkWPTAH3Gx12PgsAhSuVti4jhp2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.bigmp3db.com/1duwt.json
46.4.104.244200 OK 0 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 46.4.104.244:0
ASN #24940 Hetzner Online GmbH
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 224
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:56:33 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
i.connectad.io/api/v2
104.22.54.206200 OK 0 B IP 104.22.54.206:0
POST /api/v2 HTTP/1.1
Host: i.connectad.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1001
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:33 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-origin: https://cy1.sabadosnegros.org
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa421eebb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sync.quantumdex.io/usersync/apacdex
104.22.36.96200 OK 0 B URL HTTP/2 sync.quantumdex.io/usersync/apacdex
IP 104.22.36.96:0
GET /usersync/apacdex HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:37 GMT
content-type: text/html
set-cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760; expires=Sat, 17 Sep 2022 18:56:37 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa5bdba815f4-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 142.250.74.10:0
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 18:56:36 GMT
date: Wed, 07 Sep 2022 18:56:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sync.quantumdex.io/usersync/apacdex
104.22.36.96200 OK 0 B URL HTTP/2 sync.quantumdex.io/usersync/apacdex
IP 104.22.36.96:0
GET /usersync/apacdex HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:37 GMT
content-type: text/html
set-cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760; expires=Sat, 17 Sep 2022 18:56:37 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa5ada9215f4-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
172.67.75.241200 OK 0 B IP 172.67.75.241:0
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cy1.sabadosnegros.org/
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:33 GMT
content-type: application/javascript
access-control-allow-headers: Authorization
access-control-max-age: 3000
x-amz-id-2: tx8f96abf3ffca4f6b87bcc-006318e961
access-control-allow-credentials: true
x-amz-request-id: tx8f96abf3ffca4f6b87bcc-006318e961
last-modified: Tue, 10 May 2022 09:57:31 GMT
etag: W/"2430496689c00115831347992a974246"
cache-control: public, max-age=1800
x-amz-version-id: 1652176651393042
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otWNULxfl00K%2FVn1tRQ85eY%2Ff5UGNq4UITXcgebPd1NMRmqK9DtZMNZhVVuNQX%2FliQci7BMWVQuz2Gp0b2XGpQbAyK7VnVEriWhVdIqR5Prwg%2FH%2F2Z56LVed3Tj38tor"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471aa433922b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/interstitial_ad_frame_fy2021.js
142.250.74.33200 OK 0 B URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/interstitial_ad_frame_fy2021.js
IP 142.250.74.33:0
GET /pagead/js/r20220901/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ee02627a6a5961532cdf8d8378a1999c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 8323
x-xss-protection: 0
date: Wed, 07 Sep 2022 17:45:08 GMT
expires: Wed, 21 Sep 2022 17:45:08 GMT
cache-control: public, max-age=1209600
etag: 7491863130654952680
content-type: text/javascript; charset=UTF-8
age: 4288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fcy1.sabadosnegros.org%2F&domain=cy1.sabadosnegros.org&gdprString=CPe-R2OPe-R2OAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:35 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://cy1.sabadosnegros.org
server-processing-duration-in-ticks: 969155
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cy1.sabadosnegros.org/Auf-ein-Tattoo-vorbereiten-2073
172.67.164.48200 OK 0 B URL HTTP/2 cy1.sabadosnegros.org/Auf-ein-Tattoo-vorbereiten-2073
IP 172.67.164.48:0
GET /Auf-ein-Tattoo-vorbereiten-2073 HTTP/1.1
Host: cy1.sabadosnegros.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:31 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.15
cache-control: max-age=86400
expires: Thu, 08 Sep 2022 18:56:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coO2CN%2BFX6PnO74%2F254N2Xm3X55wFsmzzBrWF7VOef4oAdGtYMqXe%2Bvz2sNWygKNpZBmWYiOq0uLT9bg4JlgEDveawha5MMPtPpySl0M%2BkpgMjXeA53MHZBv9jOQ2DUQgCvSPcQYKkc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7471aa34bdb60b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sync.quantumdex.io/usersync/apacdex
104.22.36.96200 OK 0 B URL HTTP/2 sync.quantumdex.io/usersync/apacdex
IP 104.22.36.96:0
GET /usersync/apacdex HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:37 GMT
content-type: text/html
set-cookie: uid=141b7fb1-9bf5-4d18-8624-117251f70760; expires=Sat, 17 Sep 2022 18:56:37 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7471aa5bdbaa15f4-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/65400583?wmode=7&page-url=https%3A%2F%2Fcy1.sabadosnegros.org%2FAuf-ein-Tattoo-vorbereiten-2073&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93nlmgz5gl4o%3Afp%3A649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A623828633793%3Ahid%3A26671566%3Az%3A0%3Ai%3A20220907185626%3Aet%3A1662576987%3Ac%3A1%3Arn%3A910263680%3Arqn%3A1%3Au%3A1662576987218710611%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576984312%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C36%2C66%2C0%2C251%2C0%2C%2C69%2C3%2C1825%2C1825%2C6%2C643%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576987%3At%3AParatowch%20ar%20gyfer%20tat%C5%B5%20-%20Hawgrymiadau%20-%202022&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/65400583?wmode=7&page-url=https%3A%2F%2Fcy1.sabadosnegros.org%2FAuf-ein-Tattoo-vorbereiten-2073&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93nlmgz5gl4o%3Afp%3A649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A623828633793%3Ahid%3A26671566%3Az%3A0%3Ai%3A20220907185626%3Aet%3A1662576987%3Ac%3A1%3Arn%3A910263680%3Arqn%3A1%3Au%3A1662576987218710611%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576984312%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C36%2C66%2C0%2C251%2C0%2C%2C69%2C3%2C1825%2C1825%2C6%2C643%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576987%3At%3AParatowch%20ar%20gyfer%20tat%C5%B5%20-%20Hawgrymiadau%20-%202022&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
GET /watch/65400583?wmode=7&page-url=https%3A%2F%2Fcy1.sabadosnegros.org%2FAuf-ein-Tattoo-vorbereiten-2073&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93nlmgz5gl4o%3Afp%3A649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A623828633793%3Ahid%3A26671566%3Az%3A0%3Ai%3A20220907185626%3Aet%3A1662576987%3Ac%3A1%3Arn%3A910263680%3Arqn%3A1%3Au%3A1662576987218710611%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576984312%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C36%2C66%2C0%2C251%2C0%2C%2C69%2C3%2C1825%2C1825%2C6%2C643%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576987%3At%3AParatowch%20ar%20gyfer%20tat%C5%B5%20-%20Hawgrymiadau%20-%202022&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cy1.sabadosnegros.org
Connection: keep-alive
Referer: https://cy1.sabadosnegros.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/65400583/1?wmode=7&page-url=https%3A%2F%2Fcy1.sabadosnegros.org%2FAuf-ein-Tattoo-vorbereiten-2073&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93nlmgz5gl4o%3Afp%3A649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A623828633793%3Ahid%3A26671566%3Az%3A0%3Ai%3A20220907185626%3Aet%3A1662576987%3Ac%3A1%3Arn%3A910263680%3Arqn%3A1%3Au%3A1662576987218710611%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576984312%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C36%2C66%2C0%2C251%2C0%2C%2C69%2C3%2C1825%2C1825%2C6%2C643%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576987%3At%3AParatowch%20ar%20gyfer%20tat%C5%B5%20-%20Hawgrymiadau%20-%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 07 Sep 2022 18:56:34 GMT
access-control-allow-origin: https://cy1.sabadosnegros.org
set-cookie: yandexuid=4734235411662576994; Expires=Thu, 07-Sep-2023 18:56:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4734235411662576994; Expires=Thu, 07-Sep-2023 18:56:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=578904491662576994; Path=/; SameSite=None; Secure
i=kCp74H8Nq/r+FLzt3OQLnFD3xE30aaC9x7Ve7072gUrtzb++lKOZMyUu6IT26YKnWqkT7wMMDf+8/dJ1spgiqoQ0A4g=; Expires=Sat, 04-Sep-2032 18:56:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694112994.yrts.1662576994#1694112994.yrtsi.1662576994; Expires=Thu, 07-Sep-2023 18:56:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Sep-2022 18:56:34 GMT
last-modified: Wed, 07-Sep-2022 18:56:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
104.18.19.126200 OK 0 B URL HTTP/2 r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
IP 104.18.19.126:0
GET /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:56:38 GMT
content-type: text/html
cf-ray: 7471aa5fbf530b02-OSL
cache-control: no-cache
expires: 0
vary: Is-Traffic-Usersync, Accept-Encoding
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGWQRZzjKWUQanpVipte4ecwzdifxhHUh5izgohmzHZXd%2F6dLjaoXyYVPgFGqwSmEjgzyv6SGLvOvUBJMVQj0spB3uF7nJRe5LUHn0wi7udIj%2BQi0%2Flf58%2FbXVhYdceuT3b1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2