r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15136
Expires: Thu, 02 Feb 2023 10:34:54 GMT
Date: Thu, 02 Feb 2023 06:22:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15785
Expires: Thu, 02 Feb 2023 10:45:43 GMT
Date: Thu, 02 Feb 2023 06:22:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9648
Expires: Thu, 02 Feb 2023 09:03:26 GMT
Date: Thu, 02 Feb 2023 06:22:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 05:43:28 GMT
content-type: application/json
age: 2350
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Kv6Tn1YMfq2g1GIyLJ8Eh/Ux8Bo7BSdlwJilU6yft3wlBkVmAtCOvKYOxEJqbE2lP8U1cbOtF7g=
x-amz-request-id: BQ1FFD6MNJJAMQGV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 05:51:51 GMT
age: 1847
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:22:38 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cee6b5e091d9dac25d331293626884c3
1c5e975651092cac0bbfbdc57842ef16383e3d75
9260141045b0d71353ec91c9b439d9bc7bd53ec8730ceda92235c396b088cef5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9260141045B0D71353EC91C9B439D9BC7BD53EC8730CEDA92235C396B088CEF5"
Last-Modified: Wed, 01 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 12:22:38 GMT
Date: Thu, 02 Feb 2023 06:22:38 GMT
Connection: keep-alive
v.ht/KoreaSexyMovies2023
69.61.26.123200 OK 1.5 kB IP 69.61.26.123:0
ASN #141518 Subhosting Innovations Pvt Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2898)
Hash 3ff140359c8ac52e4817df71dd3ad286
e3537d773b3662b1f24b3da71037069eacad1606
1fee8cbe339aea96f8f4c18608a7856ad078ccce175dbcc938391f677967512a
GET /KoreaSexyMovies2023 HTTP/1.1
Host: v.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: Hotcores.com
Date: Thu, 02 Feb 2023 06:18:02 GMT
Content-Type: text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Robots-Tag: noindex, nofollow
I-AM: Gamma
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-31510493-3
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-31510493-3
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 15cd898d6a29127b1355b21c4772882e
d6d5e3aac632ea86292e3da798488b9bd0f2609d
8016dc3da71020e7842e03b93b13ff53a81ee3503327951b20c7ce437dcdfc2d
GET /gtag/js?id=UA-31510493-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.ht/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 06:22:38 GMT
expires: Thu, 02 Feb 2023 06:22:38 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43938
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
v.ht/favicon.ico
69.61.26.123200 OK 5.6 kB IP 69.61.26.123:0
ASN #141518 Subhosting Innovations Pvt Ltd
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash fefbb5bb6c09c6643e94990e6f962326
afaaadd8fb27276dd18d2787f866f9dab63bbbc6
a14802cebff30c079712ab95f415676e1160175808349d4f4eb899983ddf8b42
GET /favicon.ico HTTP/1.1
Host: v.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.ht/KoreaSexyMovies2023
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Hotcores.com
Date: Thu, 02 Feb 2023 06:18:03 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 07 May 2013 07:26:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5188aca7-3aee"
Expires: Thu, 09 Feb 2023 06:18:03 GMT
Cache-Control: max-age=604800
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
www.googletagservices.com/tag/js/gpt.js
142.250.74.162200 OK 28 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (39375)
Hash 67ae3a7ee31967c6d5287dfe3cea5353
5b9268fa4445992d793816a10df4e0a79f37546f
52241b1165b4b2a79635da59c2a158a85d6587651d374c4b1bf2f026902962ac
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.ht/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27561
date: Thu, 02 Feb 2023 06:22:38 GMT
expires: Thu, 02 Feb 2023 06:22:38 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1470 / 985 of 1000 / last-modified: 1675292875"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 05:41:43 GMT
age: 2455
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.ht/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 05:45:20 GMT
expires: Thu, 02 Feb 2023 07:45:20 GMT
cache-control: public, max-age=7200
age: 2238
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=v.ht
142.250.74.130200 OK 30 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=v.ht
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8dd44e3a6add4ac996777d3aa1151797
9035ca2f86569250310c554647c7607f22b24018
6b7f41b1a8a921957acc463995e4942896a3ed0995765b36754ed19719db0fb5
GET /pagead/ppub_config?ippd=v.ht HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v.ht
Connection: keep-alive
Referer: https://v.ht/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Thu, 02 Feb 2023 06:22:38 GMT
expires: Thu, 02 Feb 2023 06:22:38 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 30
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 06:37:38 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js
142.250.74.130200 OK 134 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (65395)
Size 134 kB (133524 bytes)
Hash 9c93b9ff40ce76eec31a00d6f37be983
e61107e891bc0cc85d1ee5604a9124b57e487dcd
096ba462c6c3d33809551b9c74320441ff97dae9da3dc33d4f99f4d60d5dd934
GET /gpt/pubads_impl_2023012601.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.ht/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 133524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:57:28 GMT
expires: Fri, 26 Jan 2024 16:57:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 26 Jan 2023 09:36:55 GMT
content-type: text/javascript
age: 566710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15008
Expires: Thu, 02 Feb 2023 10:32:47 GMT
Date: Thu, 02 Feb 2023 06:22:39 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=v.ht
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=v.ht
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=v.ht HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.ht/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 06:22:39 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=v.ht
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=v.ht
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=v.ht HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.ht/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 06:22:39 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ffb9135ef9bed67cfc2928fd5937c4aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 ffb9135ef9bed67cfc2928fd5937c4aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: ffb9135ef9bed67cfc2928fd5937c4aa.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.ht/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Thu, 02 Feb 2023 06:22:39 GMT
expires: Fri, 02 Feb 2024 06:22:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.153.123101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.153.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Kgx8djPOlQde6GQakwb5Zw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +58LKQITdOChCR41mA+qa7+Hhfk=
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
172.217.21.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
IP 172.217.21.162:0
File type JSON data\012- , ASCII text, with very long lines (14678), with no line terminators
Hash 5b45a45df636598e064d2b6c3068661e
e0781e93056891c16182a3430c283779c51f819b
59e2882d5d6d27e80616d5bab3096a1f14052e8dc85d00f869daf50ad2c0437c
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v.ht
Connection: keep-alive
Referer: https://v.ht/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 02 Feb 2023 06:22:39 GMT
server: cafe
content-length: 11082
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e40ba7fa4f64f264eac9ea93576f9f0
1422abfd3a9d1539c2ae1cabcfe31da577c66f82
9b030e5b07083eac1419ff16cafad1cfb46bc4d031212fd7717fc41e4d6c0674
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B030E5B07083EAC1419FF16CAFAD1CFB46BC4D031212FD7717FC41E4D6C0674"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6095
Expires: Thu, 02 Feb 2023 08:04:14 GMT
Date: Thu, 02 Feb 2023 06:22:39 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dereferer.me/static/images/backgrounds/bg2.jpg
45.15.23.147200 OK 174 kB URL HTTP/2 dereferer.me/static/images/backgrounds/bg2.jpg
IP 45.15.23.147:0
ASN #203523 Virtono Networks SRL
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", progressive, precision 8, 1280x800, components 3\012- data
Size 174 kB (174529 bytes)
Hash 8455b98a457a2269ee74ac5e71015143
d23b31314660c21738b3fd664c0170fbdaebfa23
3f22aa88437099833d84b4e8cc12406282d33d7d1003db5f45f7cb637013f959
GET /static/images/backgrounds/bg2.jpg HTTP/1.1
Host: dereferer.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:22:39 GMT
content-type: image/jpeg
content-length: 174529
last-modified: Thu, 06 May 2021 20:45:14 GMT
server: Dereferer.me
x-powered-by: Layer7 Cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
dereferer.me/static/images/favicon.ico
45.15.23.147200 OK 1.2 kB URL HTTP/2 dereferer.me/static/images/favicon.ico
IP 45.15.23.147:0
ASN #203523 Virtono Networks SRL
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 3565246ae36474ac91e7ba2ce459f97e
72be7c309e338663e62a1de40629dcfd6075aae5
21d4982d7da0b157eb6386127e5ecccf5aa21b8b3590eeee666678820868f1b2
GET /static/images/favicon.ico HTTP/1.1
Host: dereferer.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:22:39 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Thu, 06 May 2021 20:45:14 GMT
server: Dereferer.me
x-powered-by: Layer7 Cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15039
Expires: Thu, 02 Feb 2023 10:33:19 GMT
Date: Thu, 02 Feb 2023 06:22:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15039
Expires: Thu, 02 Feb 2023 10:33:19 GMT
Date: Thu, 02 Feb 2023 06:22:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41c44051cc3b4c69924df66048e7566b
5c6a12595c3f6005fec4baa84b16575951e72178
72dff70bcb417c088aba013a486e1dbabe099b40fb718a283f1ba220b142b848
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 1b3ef150-9b12-4b8b-94e6-0d6debbd24ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTDFmPoAMF-UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-0fea883b0ce1a1b933dc2be8;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kJt9M6jkAc3_ouNRDkJ76Njz9yKNesoJjBK_ja3dTcz5oiowk6LKbQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:10 GMT
age: 28650
etag: "5c6a12595c3f6005fec4baa84b16575951e72178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f1d06527f75868ea84da730b7c8b5660
6c0cb65a477d6bc7d013529411d5735bd39e3d46
2ff4fb12b9ac4dff67bf89cc69f1bfce3ffa738696f904172044a5a537a704c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6783
x-amzn-requestid: 5ab60169-ec65-483a-828b-3312c74ee4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BGjqoAMFV6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-73a465244f89adaa27626246;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S012XKdrl7ID1qnfD-G2fcAxWoseP_mAnaDi12Y-UmdBW8yXgGlpgQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:46 GMT
age: 29034
etag: "6c0cb65a477d6bc7d013529411d5735bd39e3d46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:46:26 GMT
age: 30974
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86664b4d1fc27ba7b5bff8a245604326
b8c7ef73101a497b6c78ad59aafe66a391fdc3fa
e4596faadf14051299036a79632951d90183dd0635293687edef11985799a752
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4814
x-amzn-requestid: 90da23ab-2c54-40ec-8e26-bdf4eeb1e27b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKWFpvoAMFyPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-70c4cb89413ed6bd44731d76;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: htcecPD3kYwCPwPPCqgVuXnCuKo6TTKntzaB2xFID5fvBXpZQe463A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:38 GMT
age: 30182
etag: "b8c7ef73101a497b6c78ad59aafe66a391fdc3fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4392f298c9e98515493f1235810838f
b89eebf2b8adac69487262100b07da8bc171ecf7
b368d87d3a0fe4e1a8ddc82bed704b3056ad2874b8d325111b399b18807c1e5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15656
x-amzn-requestid: 6723d22f-8b16-4fb2-af92-9b3257fc2a1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIHpRoAMFRYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-03b1c6646f63ba716a6298e1;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: alMHzjwJbGegz4F76t9-EhIhCUHgQngtgiZgMo2_MxAIrXqsNxWxBg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 08:16:33 GMT
age: 79567
etag: "b89eebf2b8adac69487262100b07da8bc171ecf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dereferer.me/?ohKA32WplvlWDn_5ExJlx6GZAL65-od99mvvW5RDPkeKprB
45.15.23.147200 OK 13 kB URL HTTP/2 dereferer.me/?ohKA32WplvlWDn_5ExJlx6GZAL65-od99mvvW5RDPkeKprB
IP 45.15.23.147:0
ASN #203523 Virtono Networks SRL
Hash 837ac059177e5548be25a8cf37a92597
2015b83139bbdcf8a5f1e61e8ee88911da22b280
2980d959f4983459a1de81eae42a50b13fafc63668d3c838b7cafef6bfcb6c5d
GET /?ohKA32WplvlWDn_5ExJlx6GZAL65-od99mvvW5RDPkeKprB HTTP/1.1
Host: dereferer.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.ht/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:22:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-location: https://pastelink.net/4ghiczgw
server: Dereferer.me
x-powered-by: Layer7 Cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 859c7a7aba3b389cb674b1465c97e3b5
82867d6f18e91c7f80031542e6e5cc3fb7f424a8
412a7751a007803d74979c72ea9b6e9de5bc65bd02e6e7cbbc2bf7cfa9e86717
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "412A7751A007803D74979C72EA9B6E9DE5BC65BD02E6E7CBBC2BF7CFA9E86717"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13977
Expires: Thu, 02 Feb 2023 10:15:40 GMT
Date: Thu, 02 Feb 2023 06:22:43 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
104.17.24.14200 OK 772 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (1709)
Hash 91f692d2d32ef5fc39a5994f2a495cbe
39a5b71891b6231ba8be70ba3db7c25ad301fd22
09b18fba62a344db39427fd21c1b6c70778785f1d5627a9e12eec740308d5a3c
GET /ajax/libs/js-cookie/latest/js.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 772
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec5-6d7"
last-modified: Mon, 04 May 2020 16:11:49 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4261836
expires: Tue, 23 Jan 2024 06:22:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ra5a2Ns3GBDQZc1EcF%2FUJEO6gkjAhy0ECMfXpG4tqCspELLdYFCgDqyjsx5lahNN7NCUDy4jp5Yu5saNRIQWV7753IDWLQ2B%2BFjbAm5HayCkSBW6xjzNQ%2BkRm1wxYgYQ6547JHxs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7930d57fea81b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pastelink.net
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:22:43 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675318963.dop211.sk1.t,1675318963.cds254.sk1.hn,1675318963.cds210.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3b3c7159eca35a443ef62336e8b2e20f
29dff39c01c1fff07c38f4d28973e7e8946702e3
7a0085d254de1b56fe5ead6c0ea720dc838774ce09c3ca9037c9c2358e2c7da3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2138
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:43 GMT
Last-Modified: Thu, 02 Feb 2023 05:47:06 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 279
www.google.com/recaptcha/api.js?onload=captchaLoaded
216.58.207.228200 OK 574 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=captchaLoaded
IP 216.58.207.228:0
File type ASCII text, with very long lines (906), with no line terminators
Hash a199adf4db989e48463996548e16a51c
a987e02682b1473cae1540e841d67f740299eb35
da854278769a474036598be7c95bbd1ee2f3517fbcb1a7b2698fec922654adec
GET /recaptcha/api.js?onload=captchaLoaded HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 02 Feb 2023 06:22:43 GMT
date: Thu, 02 Feb 2023 06:22:43 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 574
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pastelink.net/4ghiczgw
89.35.29.15200 OK 129 kB IP 89.35.29.15:0
ASN #25369 Hydra Communications Ltd
Size 129 kB (128951 bytes)
Hash 8dcff9389c628d57b4c939156e4f7d9e
5d92d3e1ffbe9bc25a1ecb79bdf959b883a11bc5
81d63149ae90b06f9dc63099e5e2ea488a358209c71cce0a0d0b7cbf8f8fad59
GET /4ghiczgw HTTP/1.1
Host: pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=ib17d45hlm1h5re9io41eips8u; expires=Wed, 08-Mar-2023 23:42:42 GMT; Max-Age=2999999; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
pastelink.net/assets/js/script.min.js?q=35
89.35.29.15200 OK 42 kB URL HTTP/2 pastelink.net/assets/js/script.min.js?q=35
IP 89.35.29.15:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (41470)
Hash 1ab8b6b5ef190e907e38c3c69b974620
7b07d4e94029f8c852492f1063a9bb6d39a8b429
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
GET /assets/js/script.min.js?q=35 HTTP/1.1
Host: pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/4ghiczgw
Cookie: PHPSESSID=ib17d45hlm1h5re9io41eips8u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: application/javascript
content-length: 41509
last-modified: Thu, 17 Nov 2022 12:00:15 GMT
etag: "6376224f-a225"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
142.250.74.106200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
IP 142.250.74.106:0
Hash 110815613e94d97eef03d687534f8240
ca1015e6752a010c69d5872a3758247438b8be52
4436265eb7b4d37e32d36ffb460d786c57bd0e3084dda735e9e3e929b9154568
GET /css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 06:22:43 GMT
date: Thu, 02 Feb 2023 06:22:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
142.250.74.168200 OK 67 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (12513)
Hash 9fdc1e212c85f0f5ea02faf0a908847a
a1d0beaa896c7554314da5465c170ae0525db175
fd55c668b50d825a6b55d6b57e44c7c9c9478c645c9bbce8dcbffb3cfd004708
GET /gtm.js?id=GTM-55WHPWQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 06:22:43 GMT
expires: Thu, 02 Feb 2023 06:22:43 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67201
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3b3c7159eca35a443ef62336e8b2e20f
29dff39c01c1fff07c38f4d28973e7e8946702e3
7a0085d254de1b56fe5ead6c0ea720dc838774ce09c3ca9037c9c2358e2c7da3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2138
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:43 GMT
Last-Modified: Thu, 02 Feb 2023 05:47:06 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
pastelink.net/assets/images/debut_light.png
89.35.29.15200 OK 4.3 kB URL HTTP/2 pastelink.net/assets/images/debut_light.png
IP 89.35.29.15:0
ASN #25369 Hydra Communications Ltd
File type PNG image data, 200 x 200, 1-bit colormap, non-interlaced\012- data
Hash 83db941976fdd4753a7554508d5411c0
7aaf43f69e5368f6fd1c81ce4393b0e702937428
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
GET /assets/images/debut_light.png HTTP/1.1
Host: pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/assets/css/styles.css?q=35
Cookie: PHPSESSID=ib17d45hlm1h5re9io41eips8u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: image/png
content-length: 4296
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
etag: "6347f703-10c8"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
pastelink.net/assets/images/logo/pastelink-logo.svg
89.35.29.15200 OK 3.4 kB URL HTTP/2 pastelink.net/assets/images/logo/pastelink-logo.svg
IP 89.35.29.15:0
ASN #25369 Hydra Communications Ltd
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f6f1ee95b8bf8efa95d7387c00ddef3c
b9e91cc91001b6c2b7487ab137a65b8bbdebe723
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
GET /assets/images/logo/pastelink-logo.svg HTTP/1.1
Host: pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/assets/css/styles.css?q=35
Cookie: PHPSESSID=ib17d45hlm1h5re9io41eips8u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: image/svg+xml
content-length: 3389
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
etag: "6347f703-d3d"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
pastelink.net/assets/images/arrow-down-blue.svg
89.35.29.15200 OK 239 B URL HTTP/2 pastelink.net/assets/images/arrow-down-blue.svg
IP 89.35.29.15:0
ASN #25369 Hydra Communications Ltd
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash e7b3d5bbb68e9eba2de85b37dd825c2e
86f58f498680390e6c96368bc851218fbbea8f87
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
GET /assets/images/arrow-down-blue.svg HTTP/1.1
Host: pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/assets/css/styles.css?q=35
Cookie: PHPSESSID=ib17d45hlm1h5re9io41eips8u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: image/svg+xml
content-length: 239
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
etag: "6347f703-ef"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.adligature.com/pl/prod/rules.js
104.21.93.14200 OK 5.5 kB URL HTTP/2 cdn.adligature.com/pl/prod/rules.js
IP 104.21.93.14:0
File type ASCII text, with very long lines (10359)
Hash ff078bf836721543698ec4cec877a737
8eb01b5f0b517f36738a99781b80d525e5aa0cf4
c8820ceda36666b2868ffe06c2a6a4b7b3329a973b4664e45a260d16dd3850dc
GET /pl/prod/rules.js HTTP/1.1
Host: cdn.adligature.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: application/javascript
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
cf-bgj: minify
cf-polished: origSize=29775
etag: W/"d056be6a027ac96037775cb0ef442c8e"
expires: Thu, 02 Feb 2023 06:32:43 GMT
last-modified: Mon, 30 Jan 2023 21:40:11 GMT
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-guploader-uploadid: ADPycdt-gnl-RtAEzkoqHTm1Rdm5EM1yl3iOW7ys2BlGRV4SoT7I6QpvjH-0728A9BKimWVGo22o4LWyik-hhq7QKr3MaLgCnDLT
x-goog-generation: 1675114811074467
x-goog-hash: crc32c=wVZtCQ==, md5=0Fa+agJ6yWA3d1yw70Qsjg==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 29775
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLlbjOSBo7Jd06Bzi2l%2B5PkfOPT%2FNRSXXG4U3tZNsfGKS1Xmsi0UnYS0U75S3KYib9IVmVeG%2FSdA64XK9Bal0LhkovmFl%2B%2FfjFjqXpuyRkQz0iuxVe6ygZrZn6Ks0wxTALgsC%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7930d5803a3db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pastelink.net/assets/images/public-black.svg
89.35.29.15200 OK 578 B URL HTTP/2 pastelink.net/assets/images/public-black.svg
IP 89.35.29.15:0
ASN #25369 Hydra Communications Ltd
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 5eb2017f382939b9d9b27991c55bc20f
2166371910e53a648e86f6060ceeadb402b64bcf
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
GET /assets/images/public-black.svg HTTP/1.1
Host: pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/assets/css/styles.css?q=35
Cookie: PHPSESSID=ib17d45hlm1h5re9io41eips8u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: image/svg+xml
content-length: 578
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
etag: "6347f703-242"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.adligature.com/rules.js/advally-5.6.0.js
104.21.93.14200 OK 58 kB URL HTTP/2 cdn.adligature.com/rules.js/advally-5.6.0.js
IP 104.21.93.14:0
File type ASCII text, with very long lines (4661)
Hash 3b04f6017d44f3ed80b01a2712449cc6
ea12ed67474dcea713d74bd00ed9a19c477c5bee
e1a6284926549daa1192d41c113e064036247932694b91ca18598e1066db6567
GET /rules.js/advally-5.6.0.js HTTP/1.1
Host: cdn.adligature.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: application/javascript
cache-control: public, max-age=7200, s-maxage=7200, must-revalidate
cf-bgj: minify
cf-polished: origSize=178816
etag: W/"93d406c6937e7a8018d85789ad1193d5"
expires: Thu, 02 Feb 2023 08:08:42 GMT
last-modified: Wed, 14 Dec 2022 18:36:31 GMT
x-guploader-uploadid: ADPycduCsteMaGbGjIZ6EznUxufcVCir7EVjYaZR6ZXwGnBAQhu894amfFQhVE_EuKh08sDUOaeSI96IIxn8fkuKzUMS
x-goog-generation: 1671042991645353
x-goog-hash: crc32c=n6grAA==, md5=k9QGxpN+eoAY2FeJrRGT1Q==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 178816
cf-cache-status: HIT
age: 841
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bY2CsXbsCtTQPBbdJQMXiHHBrX2qbSFAQ732aCoYmAOmuLWSx2zYXsQQ0zt9p6EEL5WGb17LHwMh%2FApweWBvBsc9g5iAN%2BJXTLbM7m88nV9qKgrztZpp472G1NcmfekyARiBhoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7930d5814b20b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pastelink.net/assets/images/logo-bg-90-tl.svg
89.35.29.15200 OK 2.4 kB URL HTTP/2 pastelink.net/assets/images/logo-bg-90-tl.svg
IP 89.35.29.15:0
ASN #25369 Hydra Communications Ltd
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash d3f2a0fc012865e6bfd24a29a25c227e
d46ac4cad5c691194b4ec9cf429973d4a681d39d
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
GET /assets/images/logo-bg-90-tl.svg HTTP/1.1
Host: pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/assets/css/styles.css?q=35
Cookie: PHPSESSID=ib17d45hlm1h5re9io41eips8u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: image/svg+xml
content-length: 2355
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
etag: "6347f703-933"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
pastelink.net/assets/images/logo/pastelink-logo-contrast.svg
89.35.29.15200 OK 3.6 kB URL HTTP/2 pastelink.net/assets/images/logo/pastelink-logo-contrast.svg
IP 89.35.29.15:0
ASN #25369 Hydra Communications Ltd
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d71a5d2e9babfa1502808cbf42e5bd67
51133c45d94fcdbb9c2af2577fa0c5f8767dc451
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
GET /assets/images/logo/pastelink-logo-contrast.svg HTTP/1.1
Host: pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/assets/css/styles.css?q=35
Cookie: PHPSESSID=ib17d45hlm1h5re9io41eips8u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: image/svg+xml
content-length: 3633
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
etag: "6347f703-e31"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
pastelink.net/assets/images/logo-symbol-non-white-bg.svg
89.35.29.15200 OK 4.5 kB URL HTTP/2 pastelink.net/assets/images/logo-symbol-non-white-bg.svg
IP 89.35.29.15:0
ASN #25369 Hydra Communications Ltd
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 41d96a9c066d1755d3c98d7e81653614
4f4ab8ca5592b6ddff5410942060eb97daeff60b
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
GET /assets/images/logo-symbol-non-white-bg.svg HTTP/1.1
Host: pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/assets/css/styles.css?q=35
Cookie: PHPSESSID=ib17d45hlm1h5re9io41eips8u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: image/svg+xml
content-length: 4544
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
etag: "6347f703-11c0"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pastelink.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 04:05:29 GMT
expires: Tue, 30 Jan 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 267434
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pastelink.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 14:34:21 GMT
expires: Fri, 26 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 575302
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Hash e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pastelink.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:55:53 GMT
expires: Fri, 02 Feb 2024 00:55:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
content-type: font/woff2
age: 19610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pastelink.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 02:42:35 GMT
expires: Wed, 31 Jan 2024 02:42:35 GMT
cache-control: public, max-age=31536000
age: 186008
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.adligature.com/pl/prod/rules.css
104.21.93.14200 OK 625 B URL HTTP/2 cdn.adligature.com/pl/prod/rules.css
IP 104.21.93.14:0
File type ASCII text, with CRLF, LF line terminators
Hash d565015614ae45f2ee922b17adff52ab
988d826684c85b6844b25f2290af7a9357d41e3c
1c07c63eed45a8e077071290bbed5c772bb7f4d90c6b7eb82e26b59d7cf0f4ce
GET /pl/prod/rules.css HTTP/1.1
Host: cdn.adligature.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: text/css
x-guploader-uploadid: ADPycdv5L2DRAxA-AMkmPVcWnOAYNqFpIqxBTck5uVli066479Xhz7DYrtr0a8yVFmVWppoR93PjLVlLIO5L8qVFsY3qJw
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
expires: Thu, 02 Feb 2023 06:32:43 GMT
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Mon, 30 Jan 2023 21:40:10 GMT
etag: W/"08ea8c3add92f19bdd3dc8ebabc350d9"
x-goog-generation: 1675114810025849
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 212
x-goog-hash: crc32c=ARUBlw==, md5=COqMOt2S8ZvdPcjrq8NQ2Q==
x-goog-storage-class: MULTI_REGIONAL
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1s26wjpkr6SamlPBZDbMLTT1RpqkDx2rhvgoJrFuAkvM50pNpAnTr8rEzQc0%2BQcVtJx2nTuXnRR%2FZaQ9LZYglSQN0Zt3MYJ7NgWomuj%2FQ2j0ymDJ9Jn8g%2BP9XuKBP7jVjOhW5ko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7930d5814b22b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pastelink.net/pastelink.ico
89.35.29.15200 OK 1.2 kB URL HTTP/2 pastelink.net/pastelink.ico
IP 89.35.29.15:0
ASN #25369 Hydra Communications Ltd
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1f0d33605902de6d41c17d758e71ef33
ed4dcec498714ccf9d6ede0a12bfa158782206ba
a8c6250ba48b8d89665f7c01908a2ee96a97af2490d07a75df68f1ddcaba21c1
GET /pastelink.ico HTTP/1.1
Host: pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/4ghiczgw
Cookie: PHPSESSID=ib17d45hlm1h5re9io41eips8u; _gcl_au=1.1.155680805.1675318989; _ga_S3DKHVPF03=GS1.1.1675318988.1.0.1675318988.0.0.0; _ga=GA1.1.1658890894.1675318989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:22:43 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
etag: "6347f703-47e"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
216.58.207.227200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 216.58.207.227:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pastelink.net
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:09:34 GMT
expires: Tue, 30 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
age: 220389
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 05:45:20 GMT
expires: Thu, 02 Feb 2023 07:45:20 GMT
cache-control: public, max-age=7200
age: 2243
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 138 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
Size 138 kB (138470 bytes)
Hash 51d5ee0e38427311d896c68af8ae1e72
3e1434c79e071338505899091bc43e0a71a29b74
d9d72ba53036835bb49233178381872677c0ca303f92e93aa4dc3c5259a17916
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27561
date: Thu, 02 Feb 2023 06:22:43 GMT
expires: Thu, 02 Feb 2023 06:22:43 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1470 / 96 of 1000 / last-modified: 1675292875"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 3080e3690edde3498ea5dc7dbcf33c7a
67962b28f10c69b5dc2dbcc22060f750e0db8172
75e8a78ee7663b0f16a3155f5a95fd0125f32832872e0dd21e620e2903bb88b0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 06:22:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 10:39:19 GMT
Expires: Wed, 08 Feb 2023 10:39:18 GMT
Etag: "67962b28f10c69b5dc2dbcc22060f750e0db8172"
Cache-Control: max-age=533194,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7930d5824e4e1bfa-OSL
pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
51.77.64.70200 OK 53 B URL HTTP/1.1 pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
IP 51.77.64.70:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb962659bbcba6a7ff073653d1b9868
acd17cc76198913814219a4231967c32a9a893aa
bb22b26d14ab74890ca5067a89f75ab8b6698a298892484c96720899db5af5d5
GET /json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region HTTP/1.1
Host: pro.ip-api.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pastelink.net
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Date: Thu, 02 Feb 2023 06:22:43 GMT
Content-Length: 53
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=pastelink.net
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=pastelink.net
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=pastelink.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 06:22:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=pastelink.net
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=pastelink.net
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=pastelink.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 06:22:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
172.217.21.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
IP 172.217.21.162:0
File type JSON data\012- , ASCII text, with very long lines (14881), with no line terminators
Hash e7fd78df0fcddc6e2558a812d596779b
7990712b656798f94c03796b665622549d849a3b
e47337f50eb759f68615db9d1571f388bac78412e7c62a0136f56fa2420e9069
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pastelink.net
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 02 Feb 2023 06:22:44 GMT
server: cafe
content-length: 11233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03>m=2oe1u0&_p=17181291&cid=1658890894.1675318989&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675318988&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2F4ghiczgw&dt=%E2%99%A5%20Korea%20Vids%20%E2%99%A5%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03>m=2oe1u0&_p=17181291&cid=1658890894.1675318989&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675318988&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2F4ghiczgw&dt=%E2%99%A5%20Korea%20Vids%20%E2%99%A5%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-S3DKHVPF03>m=2oe1u0&_p=17181291&cid=1658890894.1675318989&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675318988&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2F4ghiczgw&dt=%E2%99%A5%20Korea%20Vids%20%E2%99%A5%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pastelink.net
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://pastelink.net
date: Thu, 02 Feb 2023 06:22:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Thu, 02 Feb 2023 06:22:44 GMT
expires: Fri, 02 Feb 2024 06:22:44 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.97200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.97:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 02 Feb 2023 06:22:44 GMT
expires: Thu, 02 Feb 2023 06:22:44 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ36TvAhicgbPcATAB&v=APEucNXSO27fr78M_QWyfSlZdxRxgnXOfamKCxhFNoWqeKuvlgqOXrrHIuv2s8kKHFdAZxy9AH2mJowUOfjus8MkNv-M9D-3S4xh1KK8Er5d0sCcmEwYrHAFOwlDCOD0zqMY2cRKX1Wl8RcwRi7wSp1UqGixCRREbP_N9JIFeK0K9IH7fLe161Y
142.250.74.98200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ36TvAhicgbPcATAB&v=APEucNXSO27fr78M_QWyfSlZdxRxgnXOfamKCxhFNoWqeKuvlgqOXrrHIuv2s8kKHFdAZxy9AH2mJowUOfjus8MkNv-M9D-3S4xh1KK8Er5d0sCcmEwYrHAFOwlDCOD0zqMY2cRKX1Wl8RcwRi7wSp1UqGixCRREbP_N9JIFeK0K9IH7fLe161Y
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CMX_6gIQ36TvAhicgbPcATAB&v=APEucNXSO27fr78M_QWyfSlZdxRxgnXOfamKCxhFNoWqeKuvlgqOXrrHIuv2s8kKHFdAZxy9AH2mJowUOfjus8MkNv-M9D-3S4xh1KK8Er5d0sCcmEwYrHAFOwlDCOD0zqMY2cRKX1Wl8RcwRi7wSp1UqGixCRREbP_N9JIFeK0K9IH7fLe161Y HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 06:22:44 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 06:37:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 06:22:44 GMT
cache-control: private
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.162200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.162:0
File type ASCII text, with very long lines (3504)
Hash 40b8ffdc606e81703c5f6a39df96f373
0a39b905fe6b8f947d256b01614abcdd27baef65
93cfc3bdb53008e8640dee5f3e7515b10a9b2959e69d8f2919f3d243cf547f36
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49146
date: Thu, 02 Feb 2023 06:22:44 GMT
expires: Thu, 02 Feb 2023 06:22:44 GMT
cache-control: private, max-age=3000
etag: "1675254965429469"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
172.217.21.166200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 172.217.21.166:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 05:58:24 GMT
expires: Fri, 03 Feb 2023 05:58:24 GMT
cache-control: public, max-age=86400
age: 1460
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pastelink.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 14:34:21 GMT
expires: Fri, 26 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 575304
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5540624c22f3c0e1f095022295ba0a40
2046e0fb639dd8598753620aef85160d5a68c729
e1f339a32daea6d0e5498312ea8d04d742732df7086f6447738fc84213541bcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5540624c22f3c0e1f095022295ba0a40
2046e0fb639dd8598753620aef85160d5a68c729
e1f339a32daea6d0e5498312ea8d04d742732df7086f6447738fc84213541bcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5540624c22f3c0e1f095022295ba0a40
2046e0fb639dd8598753620aef85160d5a68c729
e1f339a32daea6d0e5498312ea8d04d742732df7086f6447738fc84213541bcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5540624c22f3c0e1f095022295ba0a40
2046e0fb639dd8598753620aef85160d5a68c729
e1f339a32daea6d0e5498312ea8d04d742732df7086f6447738fc84213541bcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5540624c22f3c0e1f095022295ba0a40
2046e0fb639dd8598753620aef85160d5a68c729
e1f339a32daea6d0e5498312ea8d04d742732df7086f6447738fc84213541bcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
216.58.207.193200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash c84202220125aee9bd368d2036235130
a18a7c9251c3bc1a5a96de74db84ed5af86ba618
f2f5cf1534589a8934ca4ac301eb38863fc89c48648da9a8807656a2d4a22b94
GET /rtv/012301181928000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pastelink.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61734
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "5b4f5406239652c8"
content-type: text/javascript; charset=UTF-8
age: 217088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
216.58.207.193200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (5021)
Hash 15dbec6a43680f6683938949e1b50562
fd479e89a3460ca0e48b5001aad0a2836df31dab
d08eefabc738f11545330db83c2d3e9a855add08db6b9d9217a15dd783c4f5c8
GET /rtv/012301181928000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pastelink.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1914
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "f13d3e1d36b26a3d"
content-type: text/javascript; charset=UTF-8
age: 217088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
216.58.207.193200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (65534)
Hash 71f3ba24b0a01ade500d97ad0b8f3617
508b7affbf3e3c2b8bf4f46ebcb69ea29855bf9a
34c90f195073264a8f3e51bb9582b73665f65d7b053a031400c48bf627ca9d69
GET /rtv/012301181928000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pastelink.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28817
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "6eb387830c268337"
content-type: text/javascript; charset=UTF-8
age: 217088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBH3Wz9zSZRv5yHhE4Dtk12YHWqXXm0yeljUdRQcCfyZqaeN__39iBI7KgWkG84U1PRtjmzhEa_cUjNE5Tvy2IuggH0EXOfxpUJgb98dFB97HWWOz_drHzwfRudkmb35sKqzKdKSpcpxvP0lV8EOQgX-drrfHEiq2gwI-V_dYOiHb5KBLHOtE8CoiN7avxSDVBj6aMteHDkuvXSYcNIuFWrJ-hB63Z-sRFQXCgMIDMv5TQ-ehXIxqgyVJ8YB9KpelvhXiWXh_NbVqG8_6Y6AxEstsUNRqq0qT7N0563uyR_C1plKT3O73kT6Lpa5Hv3k0WoGz-JPP8kg3qzPCL3MYZQZFsoDFAZEaGJQZg1AyiehroWDxcic7mC-nfM1Cnw9uyc-wysVHugU920i6SsqxFwe_nBz2kryXBJo37Lx_vAQS-TAUQ-aBGZIz7laM8XV2IXWd3Q0uK-T10lUbjJQgibn5WmHyvQd6vT52IxixhgFd7SYCSh_DSwqi00Mk7fMVVJaZndz4x5evh3Ih-ZhfxYX10GOCm1A2i3w0jorwuIPXdAC_XPJ2RnmMnx9V1FAMy98ACRxSJBDdS9_I_6GD6r3qeknQyjglBa78GMXM0n55ik3TbUxTRV93B8AxWkPSnw7m5TQIx62rqCkV7_DHauyEwKkibGpmSB8fCPzQZXmJHio5zPr-XKbeNI3RHZkBukU-JCQllGtg_hfFtVQgb78h4aeg6G9s0OVfNyvR5m7hgApekNdW9lHQZrwO91QRe4VNztv2pBcwJi3-LhEJh6a7jL-SMxSxuSvhvGkx-zAszuTLGPdZHxgjTAK2mlG9nIctjLu6xMRMl8bx8BveEFRzTETI_NWjRej-DXsDwsWIZXbCC1c1NzQVPWB3wYA3gck9bHGoswOakOo_i2L9tHz6kGZs6YjSLGZyKf44iiG2JBoR6f8n_A-JDWIGwWiTfiYlt7UbLZ_26-IfGeqV2mVHNAAsdQ8Cs7XJd_YFu8nS2Wx2s5uTuOW_UlM69mHMyCB7K4WLya0PkYSfFMYLH5MAfoCoBKRAr60MPE7uS9MfblkwIk9e9qXm6E6BK-448Qg9P0jptUjfLKGukn8oK0QcxH64XLUxTRSdsKHHFpkjeTeXH4JzdnIa79NkoZgueNvyVs5wPKRRuascKYuEB_nPhq9Ekeewfvvq_24EKp2-qCkE-0w5kyy3ePaTrWIAs3AOFhQa2AKDr4u6RcmL6cbc8jNDIcWdC&sai=AMfl-YSARzeX2JCIV8QnpDg5NMWRLNadqXp8WymRK6GaQJlw8RfepoLZk5K0xWEjcXRcGnnUI103DMY6_yolF2MZRmtGv1htT8WijL_a1dgQZWAdIYaRzbnmueXgXCaMWTyqRI8qx6Kt_9UFa1t7EdKc9N6i9UaI66C9oq3PDD0kcUil24bpmSiQX1LceIzxTOVSddCUMUYi2rwCFt0ZJWaLUcRY1laR5UD6NO_QDegRhJkflwWdtibcCpiiT3bOO1VsnNIUEHY5vnnkGy4mKTMZv0b2mXGXOn2A3y-kRPoPTNteww&sig=Cg0ArKJSzD-RzjFK0gi8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=225&cbvp=1&cstd=221&cisv=r20230131.97427&arae=0&ftch=1&adurl=
142.250.74.66200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBH3Wz9zSZRv5yHhE4Dtk12YHWqXXm0yeljUdRQcCfyZqaeN__39iBI7KgWkG84U1PRtjmzhEa_cUjNE5Tvy2IuggH0EXOfxpUJgb98dFB97HWWOz_drHzwfRudkmb35sKqzKdKSpcpxvP0lV8EOQgX-drrfHEiq2gwI-V_dYOiHb5KBLHOtE8CoiN7avxSDVBj6aMteHDkuvXSYcNIuFWrJ-hB63Z-sRFQXCgMIDMv5TQ-ehXIxqgyVJ8YB9KpelvhXiWXh_NbVqG8_6Y6AxEstsUNRqq0qT7N0563uyR_C1plKT3O73kT6Lpa5Hv3k0WoGz-JPP8kg3qzPCL3MYZQZFsoDFAZEaGJQZg1AyiehroWDxcic7mC-nfM1Cnw9uyc-wysVHugU920i6SsqxFwe_nBz2kryXBJo37Lx_vAQS-TAUQ-aBGZIz7laM8XV2IXWd3Q0uK-T10lUbjJQgibn5WmHyvQd6vT52IxixhgFd7SYCSh_DSwqi00Mk7fMVVJaZndz4x5evh3Ih-ZhfxYX10GOCm1A2i3w0jorwuIPXdAC_XPJ2RnmMnx9V1FAMy98ACRxSJBDdS9_I_6GD6r3qeknQyjglBa78GMXM0n55ik3TbUxTRV93B8AxWkPSnw7m5TQIx62rqCkV7_DHauyEwKkibGpmSB8fCPzQZXmJHio5zPr-XKbeNI3RHZkBukU-JCQllGtg_hfFtVQgb78h4aeg6G9s0OVfNyvR5m7hgApekNdW9lHQZrwO91QRe4VNztv2pBcwJi3-LhEJh6a7jL-SMxSxuSvhvGkx-zAszuTLGPdZHxgjTAK2mlG9nIctjLu6xMRMl8bx8BveEFRzTETI_NWjRej-DXsDwsWIZXbCC1c1NzQVPWB3wYA3gck9bHGoswOakOo_i2L9tHz6kGZs6YjSLGZyKf44iiG2JBoR6f8n_A-JDWIGwWiTfiYlt7UbLZ_26-IfGeqV2mVHNAAsdQ8Cs7XJd_YFu8nS2Wx2s5uTuOW_UlM69mHMyCB7K4WLya0PkYSfFMYLH5MAfoCoBKRAr60MPE7uS9MfblkwIk9e9qXm6E6BK-448Qg9P0jptUjfLKGukn8oK0QcxH64XLUxTRSdsKHHFpkjeTeXH4JzdnIa79NkoZgueNvyVs5wPKRRuascKYuEB_nPhq9Ekeewfvvq_24EKp2-qCkE-0w5kyy3ePaTrWIAs3AOFhQa2AKDr4u6RcmL6cbc8jNDIcWdC&sai=AMfl-YSARzeX2JCIV8QnpDg5NMWRLNadqXp8WymRK6GaQJlw8RfepoLZk5K0xWEjcXRcGnnUI103DMY6_yolF2MZRmtGv1htT8WijL_a1dgQZWAdIYaRzbnmueXgXCaMWTyqRI8qx6Kt_9UFa1t7EdKc9N6i9UaI66C9oq3PDD0kcUil24bpmSiQX1LceIzxTOVSddCUMUYi2rwCFt0ZJWaLUcRY1laR5UD6NO_QDegRhJkflwWdtibcCpiiT3bOO1VsnNIUEHY5vnnkGy4mKTMZv0b2mXGXOn2A3y-kRPoPTNteww&sig=Cg0ArKJSzD-RzjFK0gi8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=225&cbvp=1&cstd=221&cisv=r20230131.97427&arae=0&ftch=1&adurl=
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsuBH3Wz9zSZRv5yHhE4Dtk12YHWqXXm0yeljUdRQcCfyZqaeN__39iBI7KgWkG84U1PRtjmzhEa_cUjNE5Tvy2IuggH0EXOfxpUJgb98dFB97HWWOz_drHzwfRudkmb35sKqzKdKSpcpxvP0lV8EOQgX-drrfHEiq2gwI-V_dYOiHb5KBLHOtE8CoiN7avxSDVBj6aMteHDkuvXSYcNIuFWrJ-hB63Z-sRFQXCgMIDMv5TQ-ehXIxqgyVJ8YB9KpelvhXiWXh_NbVqG8_6Y6AxEstsUNRqq0qT7N0563uyR_C1plKT3O73kT6Lpa5Hv3k0WoGz-JPP8kg3qzPCL3MYZQZFsoDFAZEaGJQZg1AyiehroWDxcic7mC-nfM1Cnw9uyc-wysVHugU920i6SsqxFwe_nBz2kryXBJo37Lx_vAQS-TAUQ-aBGZIz7laM8XV2IXWd3Q0uK-T10lUbjJQgibn5WmHyvQd6vT52IxixhgFd7SYCSh_DSwqi00Mk7fMVVJaZndz4x5evh3Ih-ZhfxYX10GOCm1A2i3w0jorwuIPXdAC_XPJ2RnmMnx9V1FAMy98ACRxSJBDdS9_I_6GD6r3qeknQyjglBa78GMXM0n55ik3TbUxTRV93B8AxWkPSnw7m5TQIx62rqCkV7_DHauyEwKkibGpmSB8fCPzQZXmJHio5zPr-XKbeNI3RHZkBukU-JCQllGtg_hfFtVQgb78h4aeg6G9s0OVfNyvR5m7hgApekNdW9lHQZrwO91QRe4VNztv2pBcwJi3-LhEJh6a7jL-SMxSxuSvhvGkx-zAszuTLGPdZHxgjTAK2mlG9nIctjLu6xMRMl8bx8BveEFRzTETI_NWjRej-DXsDwsWIZXbCC1c1NzQVPWB3wYA3gck9bHGoswOakOo_i2L9tHz6kGZs6YjSLGZyKf44iiG2JBoR6f8n_A-JDWIGwWiTfiYlt7UbLZ_26-IfGeqV2mVHNAAsdQ8Cs7XJd_YFu8nS2Wx2s5uTuOW_UlM69mHMyCB7K4WLya0PkYSfFMYLH5MAfoCoBKRAr60MPE7uS9MfblkwIk9e9qXm6E6BK-448Qg9P0jptUjfLKGukn8oK0QcxH64XLUxTRSdsKHHFpkjeTeXH4JzdnIa79NkoZgueNvyVs5wPKRRuascKYuEB_nPhq9Ekeewfvvq_24EKp2-qCkE-0w5kyy3ePaTrWIAs3AOFhQa2AKDr4u6RcmL6cbc8jNDIcWdC&sai=AMfl-YSARzeX2JCIV8QnpDg5NMWRLNadqXp8WymRK6GaQJlw8RfepoLZk5K0xWEjcXRcGnnUI103DMY6_yolF2MZRmtGv1htT8WijL_a1dgQZWAdIYaRzbnmueXgXCaMWTyqRI8qx6Kt_9UFa1t7EdKc9N6i9UaI66C9oq3PDD0kcUil24bpmSiQX1LceIzxTOVSddCUMUYi2rwCFt0ZJWaLUcRY1laR5UD6NO_QDegRhJkflwWdtibcCpiiT3bOO1VsnNIUEHY5vnnkGy4mKTMZv0b2mXGXOn2A3y-kRPoPTNteww&sig=Cg0ArKJSzD-RzjFK0gi8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=225&cbvp=1&cstd=221&cisv=r20230131.97427&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 06:22:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 06:37:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 06:22:45 GMT
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
216.58.207.193200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (41057)
Hash d002971e2ddb3b4efd4dc02db13ee630
da135f871d06963e22f3dc6ec251cfbaed9740ad
a464154b965a79018453f4b97ffa8412a5059b0b521472bfc0e84df5c74d8fac
GET /rtv/012301181928000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pastelink.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12960
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "f74ebce85e2cb18a"
content-type: text/javascript; charset=UTF-8
age: 217088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5540624c22f3c0e1f095022295ba0a40
2046e0fb639dd8598753620aef85160d5a68c729
e1f339a32daea6d0e5498312ea8d04d742732df7086f6447738fc84213541bcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:22:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBH3Wz9zSZRv5yHhE4Dtk12YHWqXXm0yeljUdRQcCfyZqaeN__39iBI7KgWkG84U1PRtjmzhEa_cUjNE5Tvy2IuggH0EXOfxpUJgb98dFB97HWWOz_drHzwfRudkmb35sKqzKdKSpcpxvP0lV8EOQgX-drrfHEiq2gwI-V_dYOiHb5KBLHOtE8CoiN7avxSDVBj6aMteHDkuvXSYcNIuFWrJ-hB63Z-sRFQXCgMIDMv5TQ-ehXIxqgyVJ8YB9KpelvhXiWXh_NbVqG8_6Y6AxEstsUNRqq0qT7N0563uyR_C1plKT3O73kT6Lpa5Hv3k0WoGz-JPP8kg3qzPCL3MYZQZFsoDFAZEaGJQZg1AyiehroWDxcic7mC-nfM1Cnw9uyc-wysVHugU920i6SsqxFwe_nBz2kryXBJo37Lx_vAQS-TAUQ-aBGZIz7laM8XV2IXWd3Q0uK-T10lUbjJQgibn5WmHyvQd6vT52IxixhgFd7SYCSh_DSwqi00Mk7fMVVJaZndz4x5evh3Ih-ZhfxYX10GOCm1A2i3w0jorwuIPXdAC_XPJ2RnmMnx9V1FAMy98ACRxSJBDdS9_I_6GD6r3qeknQyjglBa78GMXM0n55ik3TbUxTRV93B8AxWkPSnw7m5TQIx62rqCkV7_DHauyEwKkibGpmSB8fCPzQZXmJHio5zPr-XKbeNI3RHZkBukU-JCQllGtg_hfFtVQgb78h4aeg6G9s0OVfNyvR5m7hgApekNdW9lHQZrwO91QRe4VNztv2pBcwJi3-LhEJh6a7jL-SMxSxuSvhvGkx-zAszuTLGPdZHxgjTAK2mlG9nIctjLu6xMRMl8bx8BveEFRzTETI_NWjRej-DXsDwsWIZXbCC1c1NzQVPWB3wYA3gck9bHGoswOakOo_i2L9tHz6kGZs6YjSLGZyKf44iiG2JBoR6f8n_A-JDWIGwWiTfiYlt7UbLZ_26-IfGeqV2mVHNAAsdQ8Cs7XJd_YFu8nS2Wx2s5uTuOW_UlM69mHMyCB7K4WLya0PkYSfFMYLH5MAfoCoBKRAr60MPE7uS9MfblkwIk9e9qXm6E6BK-448Qg9P0jptUjfLKGukn8oK0QcxH64XLUxTRSdsKHHFpkjeTeXH4JzdnIa79NkoZgueNvyVs5wPKRRuascKYuEB_nPhq9Ekeewfvvq_24EKp2-qCkE-0w5kyy3ePaTrWIAs3AOFhQa2AKDr4u6RcmL6cbc8jNDIcWdC&sai=AMfl-YSARzeX2JCIV8QnpDg5NMWRLNadqXp8WymRK6GaQJlw8RfepoLZk5K0xWEjcXRcGnnUI103DMY6_yolF2MZRmtGv1htT8WijL_a1dgQZWAdIYaRzbnmueXgXCaMWTyqRI8qx6Kt_9UFa1t7EdKc9N6i9UaI66C9oq3PDD0kcUil24bpmSiQX1LceIzxTOVSddCUMUYi2rwCFt0ZJWaLUcRY1laR5UD6NO_QDegRhJkflwWdtibcCpiiT3bOO1VsnNIUEHY5vnnkGy4mKTMZv0b2mXGXOn2A3y-kRPoPTNteww&sig=Cg0ArKJSzD-RzjFK0gi8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=499&vt=11&dtpt=274&dett=3&cstd=221&cisv=r20230131.97427&arae=0&ftch=1&adurl=
142.250.74.66200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBH3Wz9zSZRv5yHhE4Dtk12YHWqXXm0yeljUdRQcCfyZqaeN__39iBI7KgWkG84U1PRtjmzhEa_cUjNE5Tvy2IuggH0EXOfxpUJgb98dFB97HWWOz_drHzwfRudkmb35sKqzKdKSpcpxvP0lV8EOQgX-drrfHEiq2gwI-V_dYOiHb5KBLHOtE8CoiN7avxSDVBj6aMteHDkuvXSYcNIuFWrJ-hB63Z-sRFQXCgMIDMv5TQ-ehXIxqgyVJ8YB9KpelvhXiWXh_NbVqG8_6Y6AxEstsUNRqq0qT7N0563uyR_C1plKT3O73kT6Lpa5Hv3k0WoGz-JPP8kg3qzPCL3MYZQZFsoDFAZEaGJQZg1AyiehroWDxcic7mC-nfM1Cnw9uyc-wysVHugU920i6SsqxFwe_nBz2kryXBJo37Lx_vAQS-TAUQ-aBGZIz7laM8XV2IXWd3Q0uK-T10lUbjJQgibn5WmHyvQd6vT52IxixhgFd7SYCSh_DSwqi00Mk7fMVVJaZndz4x5evh3Ih-ZhfxYX10GOCm1A2i3w0jorwuIPXdAC_XPJ2RnmMnx9V1FAMy98ACRxSJBDdS9_I_6GD6r3qeknQyjglBa78GMXM0n55ik3TbUxTRV93B8AxWkPSnw7m5TQIx62rqCkV7_DHauyEwKkibGpmSB8fCPzQZXmJHio5zPr-XKbeNI3RHZkBukU-JCQllGtg_hfFtVQgb78h4aeg6G9s0OVfNyvR5m7hgApekNdW9lHQZrwO91QRe4VNztv2pBcwJi3-LhEJh6a7jL-SMxSxuSvhvGkx-zAszuTLGPdZHxgjTAK2mlG9nIctjLu6xMRMl8bx8BveEFRzTETI_NWjRej-DXsDwsWIZXbCC1c1NzQVPWB3wYA3gck9bHGoswOakOo_i2L9tHz6kGZs6YjSLGZyKf44iiG2JBoR6f8n_A-JDWIGwWiTfiYlt7UbLZ_26-IfGeqV2mVHNAAsdQ8Cs7XJd_YFu8nS2Wx2s5uTuOW_UlM69mHMyCB7K4WLya0PkYSfFMYLH5MAfoCoBKRAr60MPE7uS9MfblkwIk9e9qXm6E6BK-448Qg9P0jptUjfLKGukn8oK0QcxH64XLUxTRSdsKHHFpkjeTeXH4JzdnIa79NkoZgueNvyVs5wPKRRuascKYuEB_nPhq9Ekeewfvvq_24EKp2-qCkE-0w5kyy3ePaTrWIAs3AOFhQa2AKDr4u6RcmL6cbc8jNDIcWdC&sai=AMfl-YSARzeX2JCIV8QnpDg5NMWRLNadqXp8WymRK6GaQJlw8RfepoLZk5K0xWEjcXRcGnnUI103DMY6_yolF2MZRmtGv1htT8WijL_a1dgQZWAdIYaRzbnmueXgXCaMWTyqRI8qx6Kt_9UFa1t7EdKc9N6i9UaI66C9oq3PDD0kcUil24bpmSiQX1LceIzxTOVSddCUMUYi2rwCFt0ZJWaLUcRY1laR5UD6NO_QDegRhJkflwWdtibcCpiiT3bOO1VsnNIUEHY5vnnkGy4mKTMZv0b2mXGXOn2A3y-kRPoPTNteww&sig=Cg0ArKJSzD-RzjFK0gi8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=499&vt=11&dtpt=274&dett=3&cstd=221&cisv=r20230131.97427&arae=0&ftch=1&adurl=
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsuBH3Wz9zSZRv5yHhE4Dtk12YHWqXXm0yeljUdRQcCfyZqaeN__39iBI7KgWkG84U1PRtjmzhEa_cUjNE5Tvy2IuggH0EXOfxpUJgb98dFB97HWWOz_drHzwfRudkmb35sKqzKdKSpcpxvP0lV8EOQgX-drrfHEiq2gwI-V_dYOiHb5KBLHOtE8CoiN7avxSDVBj6aMteHDkuvXSYcNIuFWrJ-hB63Z-sRFQXCgMIDMv5TQ-ehXIxqgyVJ8YB9KpelvhXiWXh_NbVqG8_6Y6AxEstsUNRqq0qT7N0563uyR_C1plKT3O73kT6Lpa5Hv3k0WoGz-JPP8kg3qzPCL3MYZQZFsoDFAZEaGJQZg1AyiehroWDxcic7mC-nfM1Cnw9uyc-wysVHugU920i6SsqxFwe_nBz2kryXBJo37Lx_vAQS-TAUQ-aBGZIz7laM8XV2IXWd3Q0uK-T10lUbjJQgibn5WmHyvQd6vT52IxixhgFd7SYCSh_DSwqi00Mk7fMVVJaZndz4x5evh3Ih-ZhfxYX10GOCm1A2i3w0jorwuIPXdAC_XPJ2RnmMnx9V1FAMy98ACRxSJBDdS9_I_6GD6r3qeknQyjglBa78GMXM0n55ik3TbUxTRV93B8AxWkPSnw7m5TQIx62rqCkV7_DHauyEwKkibGpmSB8fCPzQZXmJHio5zPr-XKbeNI3RHZkBukU-JCQllGtg_hfFtVQgb78h4aeg6G9s0OVfNyvR5m7hgApekNdW9lHQZrwO91QRe4VNztv2pBcwJi3-LhEJh6a7jL-SMxSxuSvhvGkx-zAszuTLGPdZHxgjTAK2mlG9nIctjLu6xMRMl8bx8BveEFRzTETI_NWjRej-DXsDwsWIZXbCC1c1NzQVPWB3wYA3gck9bHGoswOakOo_i2L9tHz6kGZs6YjSLGZyKf44iiG2JBoR6f8n_A-JDWIGwWiTfiYlt7UbLZ_26-IfGeqV2mVHNAAsdQ8Cs7XJd_YFu8nS2Wx2s5uTuOW_UlM69mHMyCB7K4WLya0PkYSfFMYLH5MAfoCoBKRAr60MPE7uS9MfblkwIk9e9qXm6E6BK-448Qg9P0jptUjfLKGukn8oK0QcxH64XLUxTRSdsKHHFpkjeTeXH4JzdnIa79NkoZgueNvyVs5wPKRRuascKYuEB_nPhq9Ekeewfvvq_24EKp2-qCkE-0w5kyy3ePaTrWIAs3AOFhQa2AKDr4u6RcmL6cbc8jNDIcWdC&sai=AMfl-YSARzeX2JCIV8QnpDg5NMWRLNadqXp8WymRK6GaQJlw8RfepoLZk5K0xWEjcXRcGnnUI103DMY6_yolF2MZRmtGv1htT8WijL_a1dgQZWAdIYaRzbnmueXgXCaMWTyqRI8qx6Kt_9UFa1t7EdKc9N6i9UaI66C9oq3PDD0kcUil24bpmSiQX1LceIzxTOVSddCUMUYi2rwCFt0ZJWaLUcRY1laR5UD6NO_QDegRhJkflwWdtibcCpiiT3bOO1VsnNIUEHY5vnnkGy4mKTMZv0b2mXGXOn2A3y-kRPoPTNteww&sig=Cg0ArKJSzD-RzjFK0gi8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=499&vt=11&dtpt=274&dett=3&cstd=221&cisv=r20230131.97427&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 06:22:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 06:37:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 06:22:45 GMT
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182808&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&turl=https://pastelink.net/4ghiczgw&DVP_PP_BUNDLE_ID=
23.33.119.16200 OK 1.9 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182808&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&turl=https://pastelink.net/4ghiczgw&DVP_PP_BUNDLE_ID=
IP 23.33.119.16:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash 87b6182d03ee779aa68e37632f67656e
fac511e36df5215ae95ad7d03c4984e5ffcb7f6e
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
GET /dvbs_src.js?ctx=1828362&cmp=115750&plc=5182808&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&turl=https://pastelink.net/4ghiczgw&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycds6p1jm1dM37ZrGE7degj1PHtVHSCOhkWg3tNxtDa8jls04Qf_pWilJX59SK2PF90mCXMWOvLDiSS4yJ4B9Ex0-uw
Cache-Control: max-age=86400
Expires: Wed, 18 Jan 2023 15:48:02 GMT
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1922
x-goog-meta-pipeline-id: 742670731
x-goog-meta-previous-generation-number: 1673253614982549
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Content-Length: 1922
Server: UploadServer
Date: Thu, 02 Feb 2023 06:22:45 GMT
Connection: keep-alive
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&turl=https://pastelink.net/4ghiczgw&DVP_PP_BUNDLE_ID=
23.33.119.16200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&turl=https://pastelink.net/4ghiczgw&DVP_PP_BUNDLE_ID=
IP 23.33.119.16:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash 558236d14c2aba66c3914c13a1854592
6f67ca562bf15c1a23254b80111d11d99260eff7
ae734998083e7b4a03942d17ae10e83c9d5ff2a75ad66fadfe7eb8acab3bf23f
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&turl=https://pastelink.net/4ghiczgw&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 10:02:56 GMT
Accept-Ranges: bytes
ETag: "0c8245b2436d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3338
Date: Thu, 02 Feb 2023 06:22:45 GMT
Connection: keep-alive
cdn.doubleverify.com/dvbs_src_internal117.js
23.33.119.16200 OK 19 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src_internal117.js
IP 23.33.119.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2636), with CRLF, LF line terminators
Hash cf93b15de9d1c76c1bc6fdaee5382496
26e52f0a242bff375cc54d8d33a1a416d89e2813
c290ae68279e0685c13650d1534a0cd86997420399bb67288046e61b13defb53
GET /dvbs_src_internal117.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Accept-Ranges: bytes
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 18840
Date: Thu, 02 Feb 2023 06:22:45 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaZaPH7W5hzhzm4u90bm4MMyKNaUhPU4EodS3TRLwF8vaDTw4NKLsEwBTxvZiKTSFuWj5DkKKz2_XgcQiVPTckXlRJiCYeOErlGIdCXjYYMIEf1lBK4OboSi-SAB5mJBbhAI8QSQ&sai=AMfl-YTJjJDGPnu0tScqXqnMh5CK6eu8l1fBRkykSs4ABnYj1-9O8-igy185bjF7VBzvYpGiC_siqxO46CG7t-ZiXSZSnWhgJibm567BHvHayDo_spUdw7gf2c6MOISGsEoMHyPQf1dWn05q2AQATA&sig=Cg0ArKJSzA0kNNh48cJQEAE&cid=CAQSTADUE5ym912tI2zg9-uz3z2zsfckZYX91vy5T-Kgb_23lbp9lEF7K7-jkgOjVwxgeESbhy3ugbSqf3-iYqbBr1OvDYmC2mGkBXzT-9IYAQ&id=lidar2&mcvt=1000&p=844,270,934,998&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=759513158&rs=4&la=0&cr=0&vs=4&r=v&rst=1675318989538&rpt=400&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
172.217.21.162200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaZaPH7W5hzhzm4u90bm4MMyKNaUhPU4EodS3TRLwF8vaDTw4NKLsEwBTxvZiKTSFuWj5DkKKz2_XgcQiVPTckXlRJiCYeOErlGIdCXjYYMIEf1lBK4OboSi-SAB5mJBbhAI8QSQ&sai=AMfl-YTJjJDGPnu0tScqXqnMh5CK6eu8l1fBRkykSs4ABnYj1-9O8-igy185bjF7VBzvYpGiC_siqxO46CG7t-ZiXSZSnWhgJibm567BHvHayDo_spUdw7gf2c6MOISGsEoMHyPQf1dWn05q2AQATA&sig=Cg0ArKJSzA0kNNh48cJQEAE&cid=CAQSTADUE5ym912tI2zg9-uz3z2zsfckZYX91vy5T-Kgb_23lbp9lEF7K7-jkgOjVwxgeESbhy3ugbSqf3-iYqbBr1OvDYmC2mGkBXzT-9IYAQ&id=lidar2&mcvt=1000&p=844,270,934,998&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=759513158&rs=4&la=0&cr=0&vs=4&r=v&rst=1675318989538&rpt=400&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
IP 172.217.21.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjssaZaPH7W5hzhzm4u90bm4MMyKNaUhPU4EodS3TRLwF8vaDTw4NKLsEwBTxvZiKTSFuWj5DkKKz2_XgcQiVPTckXlRJiCYeOErlGIdCXjYYMIEf1lBK4OboSi-SAB5mJBbhAI8QSQ&sai=AMfl-YTJjJDGPnu0tScqXqnMh5CK6eu8l1fBRkykSs4ABnYj1-9O8-igy185bjF7VBzvYpGiC_siqxO46CG7t-ZiXSZSnWhgJibm567BHvHayDo_spUdw7gf2c6MOISGsEoMHyPQf1dWn05q2AQATA&sig=Cg0ArKJSzA0kNNh48cJQEAE&cid=CAQSTADUE5ym912tI2zg9-uz3z2zsfckZYX91vy5T-Kgb_23lbp9lEF7K7-jkgOjVwxgeESbhy3ugbSqf3-iYqbBr1OvDYmC2mGkBXzT-9IYAQ&id=lidar2&mcvt=1000&p=844,270,934,998&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=759513158&rs=4&la=0&cr=0&vs=4&r=v&rst=1675318989538&rpt=400&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Thu, 02 Feb 2023 06:22:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash c37e7fcc4fb11ee997043d99b464fa23
068d742ef2391730d4f6839e222cf6175776aa5b
30917aaddec747005f35157115e4bd759bf324532502d884f455925d1e2896af
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 02 Feb 2023 06:22:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 20:45:20 GMT
Expires: Thu, 02 Feb 2023 20:45:20 GMT
ETag: "068d742ef2391730d4f6839e222cf6175776aa5b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_537137231849&jsTagObjCallback=__tagObject_callback_537137231849&num=6&ctx=1828362&cmp=115750&plc=5182808&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=537137231849&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://pastelink.net/4ghiczgw&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=5&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauc89%3A4K8H&dvp_exetime=11.00&callbackName=__verify_callback_537137231849
34.149.12.213200 OK 265 B URL HTTP/1.1 rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_537137231849&jsTagObjCallback=__tagObject_callback_537137231849&num=6&ctx=1828362&cmp=115750&plc=5182808&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=537137231849&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://pastelink.net/4ghiczgw&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=5&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauc89%3A4K8H&dvp_exetime=11.00&callbackName=__verify_callback_537137231849
IP 34.149.12.213:0
Hash 3358961214a1815a339ecc2438d5ef51
732f1cdc758f1aa96a2df0a2f85afeb92e09647d
9dd5950a38e7286bf92cb99e71ed0de1efe79bffe6b780376dfc3d12cde17f4c
GET /verify.js?flvr=0&jsCallback=__verify_callback_537137231849&jsTagObjCallback=__tagObject_callback_537137231849&num=6&ctx=1828362&cmp=115750&plc=5182808&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=537137231849&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://pastelink.net/4ghiczgw&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=5&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauc89%3A4K8H&dvp_exetime=11.00&callbackName=__verify_callback_537137231849 HTTP/1.1
Host: rtb0.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 06:22:46 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/01/2023 06:22:46
Pragma: no-cache
Vary: Accept-Encoding
X-DV-Response: 0
cdn.doubleverify.com/dv-measurements3497.js
23.33.119.16200 OK 109 kB URL HTTP/1.1 cdn.doubleverify.com/dv-measurements3497.js
IP 23.33.119.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 109 kB (109099 bytes)
Hash 4773cb5cfa2ad0e71d21f43c56c76ae3
39d66090c14e1b5d2f0f3413a34e087b5969d054
76206ee41bcfae347cef25b03589639e616747c9f77e2b3378387ee9e14f3a00
GET /dv-measurements3497.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 08:37:17 GMT
Accept-Ranges: bytes
ETag: "809cf641836d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 109099
Date: Thu, 02 Feb 2023 06:22:46 GMT
Connection: keep-alive
servedby.flashtalking.com/imp/8/115750;5182808;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedNODSKBAN160x600/?ftOBA=1&ft_domain=pastelink.net&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fpastelink.net%2F&us_privacy=${US_PRIVACY}&cachebuster=702389.3757108331&ft_dv=%5B%25ft_dv%25%5D
104.88.10.141200 OK 772 B URL HTTP/1.1 servedby.flashtalking.com/imp/8/115750;5182808;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedNODSKBAN160x600/?ftOBA=1&ft_domain=pastelink.net&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fpastelink.net%2F&us_privacy=${US_PRIVACY}&cachebuster=702389.3757108331&ft_dv=%5B%25ft_dv%25%5D
IP 104.88.10.141:0
File type ASCII text, with CRLF, CR, LF line terminators
Hash 1323b9a9db2f96eaf9bc2d5e7322fd08
0d37787d433bb89b131e1075505c97bd47b10548
c01e55c29d30e94349e1c05ec3f1c9158fe974c9b9673028f3015826395ea723
GET /imp/8/115750;5182808;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedNODSKBAN160x600/?ftOBA=1&ft_domain=pastelink.net&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fpastelink.net%2F&us_privacy=${US_PRIVACY}&cachebuster=702389.3757108331&ft_dv=%5B%25ft_dv%25%5D HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=ISO-8859-1
Server: prod-xre-app9.frk11
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 02 Feb 2023 06:22:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 02 Feb 2023 06:22:46 GMT
Content-Length: 772
Connection: keep-alive
Strict-Transport-Security: max-age=86400
cdn.flashtalking.com/xre/518/5182808/4069573/js/j-5182808-4069573.js
23.38.200.44200 OK 17 kB URL HTTP/1.1 cdn.flashtalking.com/xre/518/5182808/4069573/js/j-5182808-4069573.js
IP 23.38.200.44:0
File type ASCII text, with very long lines (2897), with CRLF, CR, LF line terminators
Hash 1bc37e35f65512a287c5206571724ad2
d4f1118a849a28df6df2f5f18524c24e4c028ee9
224a1656ada14fa0d0be149cee0f8faa660d6d30d86835ebce806033fd26ca1e
GET /xre/518/5182808/4069573/js/j-5182808-4069573.js HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 05 Oct 2022 19:24:45 GMT
Content-Type: text/javascript; charset=utf-8
ETag: W/"d196e0c33d657c171ee6cc69131ab9e1"
X-Varnish: 264985839
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1008
Expires: Thu, 02 Feb 2023 06:39:34 GMT
Date: Thu, 02 Feb 2023 06:22:46 GMT
Content-Length: 17007
Connection: keep-alive
Server: Flashtalking (AKA)
cdn.flashtalking.com/116327/4069573/index.html
23.38.200.44200 OK 19 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069573/index.html
IP 23.38.200.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1404), with CRLF, LF line terminators
Hash 8aa0bfe0eb723431fa3f4cf938afd083
04ae7cdc97a746b8ae717354264b6a490b792135
6ef1121252fb772eeae51fd4d929362ad2c57831e39b501f866d9821d96ffc5b
GET /116327/4069573/index.html HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Last-Modified: Thu, 29 Sep 2022 00:27:02 GMT
Content-Type: text/html
ETag: W/"1a6ac31a95fb9c4323f4bbe45dd2c55f"
X-Varnish: 723367659
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1009
Expires: Thu, 02 Feb 2023 06:39:35 GMT
Date: Thu, 02 Feb 2023 06:22:46 GMT
Content-Length: 19067
Connection: keep-alive
Server: Flashtalking (AKA)
cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182808&num=&adid=&advid=&adsrv=29&btreg=5182808&btadsrv=flashtalking&crt=4069573&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=FD02AC90-835F-CBB4-F0D5-556741E34DDE&auevent=&455764788
23.33.119.16200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182808&num=&adid=&advid=&adsrv=29&btreg=5182808&btadsrv=flashtalking&crt=4069573&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=FD02AC90-835F-CBB4-F0D5-556741E34DDE&auevent=&455764788
IP 23.33.119.16:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash 558236d14c2aba66c3914c13a1854592
6f67ca562bf15c1a23254b80111d11d99260eff7
ae734998083e7b4a03942d17ae10e83c9d5ff2a75ad66fadfe7eb8acab3bf23f
GET /dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182808&num=&adid=&advid=&adsrv=29&btreg=5182808&btadsrv=flashtalking&crt=4069573&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=FD02AC90-835F-CBB4-F0D5-556741E34DDE&auevent=&455764788 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 10:02:56 GMT
Accept-Ranges: bytes
ETag: "0c8245b2436d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3338
Date: Thu, 02 Feb 2023 06:22:46 GMT
Connection: keep-alive
secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
23.38.200.44200 OK 1.3 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
IP 23.38.200.44:0
File type PNG image data, 19 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash db320ef6f3c45ab5c90887ef618de2bb
7d4bd175166545ea775fcb69b406eba11f7fa3ec
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
GET /oba/icon/iconc.png?EDAA_icon=y HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Content-Type: image/png
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-Varnish: 440713868 434560932
Accept-Ranges: bytes
Content-Length: 1308
Cache-Control: max-age=1825953
Expires: Thu, 23 Feb 2023 09:35:19 GMT
Date: Thu, 02 Feb 2023 06:22:46 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 6aa61c2f7961066158ee3b1537a806af
f01a83d223be0cad40ae1cb3b663ffed8734abcb
ed2b283b141fcb7b9ddb2652da075941532ac0ea976215fd46eddb97081529a3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 02 Feb 2023 06:22:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 02 Feb 2023 02:57:34 GMT
Expires: Fri, 03 Feb 2023 02:57:34 GMT
ETag: "f01a83d223be0cad40ae1cb3b663ffed8734abcb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=210&ttfrms=37&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauc89%3A4K8H&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675318991567407&jsCallback=dvCallback_1675318991567598&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=160&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=5&brh=1&sdf=2&dvp_epl=113&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://pastelink.net/4ghiczgw&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=2023034622.7794387&dvp_tukv=1050010044.173692&dvp_tuid=78012249385&jurtd=1301956874
213.254.244.25200 OK 679 B URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=210&ttfrms=37&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauc89%3A4K8H&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675318991567407&jsCallback=dvCallback_1675318991567598&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=160&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=5&brh=1&sdf=2&dvp_epl=113&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://pastelink.net/4ghiczgw&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=2023034622.7794387&dvp_tukv=1050010044.173692&dvp_tuid=78012249385&jurtd=1301956874
IP 213.254.244.25:0
File type ASCII text, with very long lines (1184), with no line terminators
Hash e84cdf0065e99b1dcb0d6ff0a9742199
2515ca92f3701918d1e2825e2cd2cedce2a871ba
2a62d270e33063d287dda329db88635fd0ab33e4ebdf6f8345a1069df6e9a45e
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=210&ttfrms=37&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauA2DE6%3D%3A%3F%3C%5D%3F6ETauc89%3A4K8H&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675318991567407&jsCallback=dvCallback_1675318991567598&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=160&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=5&brh=1&sdf=2&dvp_epl=113&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://pastelink.net/4ghiczgw&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hat8UVDWVTeZjsORmrbkLn&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396437023&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=201491245482&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=2023034622.7794387&dvp_tukv=1050010044.173692&dvp_tuid=78012249385&jurtd=1301956874 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 06:22:44 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/01/2023 06:22:47
Pragma: no-cache
Vary: Accept-Encoding
secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
23.38.200.44200 OK 6.0 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
IP 23.38.200.44:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d675694ab4d4d2eb56cca854c25d9c36
34174b9397a3cb289f892f1f98ccc51a63698360
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
GET /oba/icon/consumer-privacy-logo.png HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f7c9fc683a265b4f52d150be227c844a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Content-Type: image/png
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish: 721542519 721664610
Accept-Ranges: bytes
Content-Length: 5953
Cache-Control: max-age=783
Expires: Thu, 02 Feb 2023 06:35:50 GMT
Date: Thu, 02 Feb 2023 06:22:47 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
code.createjs.com/1.0.0/createjs.min.js
95.101.10.40200 OK 0 B URL HTTP/2 code.createjs.com/1.0.0/createjs.min.js
IP 95.101.10.40:0
ASN #20940 Akamai International B.V.
GET /1.0.0/createjs.min.js HTTP/1.1
Host: code.createjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900
expires: Thu, 02 Feb 2023 06:37:47 GMT
date: Thu, 02 Feb 2023 06:22:47 GMT
x-n: S
X-Firefox-Spdy: h2