acclaimupdatephone.online/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
172.67.208.3301 Moved Permanently 0 B URL HTTP/1.1 acclaimupdatephone.online/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP 172.67.208.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: acclaimupdatephone.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 12 Oct 2022 01:44:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 12 Oct 2022 02:44:46 GMT
Location: https://acclaimupdatephone.online/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16mQrhC401%2Bf81Gg4DYwVsj3e7JzeA4O1t4cSZ0GPB%2BEQC7pQ7XzTGP%2FNn6TO81PEv%2B2kq%2BulymXjSIcgBU1XYAinEoLP%2Fzbs%2BKktor0kAzskdRTwiRyRl7CycpRvgLrx%2FjE3e5DSiKTyPZD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758c26fadeed0b45-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
54.230.111.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1aac651ec250c598683dd17ca2002c07
11595ac82e017f95190c2a36dc77323a3fedcbfc
93fa640d042452ae8455d026e30e3b4594c13d4be65f3552a4b5edae027c02f9
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 12 Oct 2022 00:49:06 GMT
Expires: Wed, 12 Oct 2022 01:30:47 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GH6YgC9zDv26GXN83U4vHJy3WaP-JkxJsF6DyIPolPG46VBI1_lvuQ==
Age: 3339
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0602913f3d432ffbfaa654440972ee1
e5aaf31749e65875fd840091f9a3bba641de413d
5495ad212166703dcd1d17d7aa6ff4d1c40e73dfad703d24f00f60f35bc7d56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15414
Expires: Wed, 12 Oct 2022 06:01:40 GMT
Date: Wed, 12 Oct 2022 01:44:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf115053c2c98937c2d3c1bba367d815
dfcf225bde5123f0476e6b319823136fa77537f6
e5748cb4844096548cf4c2d8d5bee9e245035c4632ae1a59bfd3b2d99bd4cd9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5748CB4844096548CF4C2D8D5BEE9E245035C4632AE1A59BFD3B2D99BD4CD9B"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9920
Expires: Wed, 12 Oct 2022 04:30:06 GMT
Date: Wed, 12 Oct 2022 01:44:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4TfLmLPJfRtUP2acbz0NDWt+g82jW9Eh9nJm4iJ8BsI51ebchzx6EB0CBAi4+C7wPhlVQYfUrgA=
x-amz-request-id: GTZM61ZG03VDKPSZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 12 Oct 2022 01:33:09 GMT
age: 697
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 01:44:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 12 Oct 2022 01:29:41 GMT
Cache-Control: max-age=3600
Expires: Wed, 12 Oct 2022 01:42:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FTzkQgLXjGwlBJgZkG5tCO0GFniWc0GTFfOKdPq7We8BqPQ3Ai6ngw==
Age: 906
ocsp.digicert.com/
93.184.220.29200 OK 1.8 kB IP 93.184.220.29:0
Hash a1136230644194da6507fb174125ccc0
931dbfb52ad6788a07ae681b2081d644c2bdc138
81a65fa208c99c459600410690002abb96ffcae32c01fcf256fa3c3588133f90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3778
Cache-Control: max-age=113101
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:47 GMT
Etag: "6345241a-1d7"
Expires: Thu, 13 Oct 2022 09:09:48 GMT
Last-Modified: Tue, 11 Oct 2022 08:06:50 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b118be24bf7965cb04efa2312990c243
a2797a3b1d9a7b4f845d3d0c565be6d7b833ff19
7d77ea40183bb082f430e48f8c4cfb9c39e15ee043804078dfadb2e3cfe3b4b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 01:44:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 06:25:19 GMT
Expires: Mon, 17 Oct 2022 06:25:18 GMT
Etag: "a2797a3b1d9a7b4f845d3d0c565be6d7b833ff19"
Cache-Control: max-age=448230,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 758c27009b49b518-OSL
my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8
IP 139.45.195.8:0
Hash 7e1da03b7d5254f7b1d93874c8f85ce4
c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7
ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4
GET /p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acclaimupdatephone.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 01:44:47 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ba443d69d8e3d4a7f87c20d96879a815
f597d8f50402829830dae094769adc671cbbdd6a
027eef47c1d3edccb3f9c689b1f5606ca4b7b4220be3ab90ed122e33ec3bb0a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "027EEF47C1D3EDCCB3F9C689B1F5606CA4B7B4220BE3AB90ED122E33EC3BB0A5"
Last-Modified: Tue, 11 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19067
Expires: Wed, 12 Oct 2022 07:02:34 GMT
Date: Wed, 12 Oct 2022 01:44:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 01922736cae9cd76c58f082e96167514
3189f7c22dce5ea4c005de373935a282ae3b6ce6
b52f9e1268157fe12bcdee79d9345dd26085d284c835d0de730da132efb26e84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52F9E1268157FE12BCDEE79D9345DD26085D284C835D0DE730DA132EFB26E84"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Wed, 12 Oct 2022 07:44:17 GMT
Date: Wed, 12 Oct 2022 01:44:47 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a3e5f741f0ba4ef1a8531c93dd0a19f1
e9683879e0bf815948b6d21dc25ced3c58ca4725
edc3db55f4c0e7b34fe55566b55f18da5d29607c8724bdbe7666846bbd32411a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154150
Date: Wed, 12 Oct 2022 01:44:47 GMT
Etag: "6345bc15-1d7"
Expires: Thu, 13 Oct 2022 20:33:57 GMT
Last-Modified: Tue, 11 Oct 2022 18:55:17 GMT
Server: ECS (dcb/7F18)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tO8qImb18fxgeG6ANf-OwgoK2jCyt1iXGKv0rI4LzzJaYbMRnDJhzQ==
Age: 5920
push.services.mozilla.com/
34.212.166.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.166.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uESx8uOwOGLsFnyoiR6PMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8iL404ice/UebUdNXcksOf/DuoE=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00fdbb10549de9b0a8d0f670c6471be4
8298f0d543bf1e4df4b1769d1fc27858da1e6e74
1d161eaab9fb85da47bb04765efb759b8f59cce20d2f489ef0a26d10cbfcdfd3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D161EAAB9FB85DA47BB04765EFB759B8F59CCE20D2F489EF0A26D10CBFCDFD3"
Last-Modified: Tue, 11 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21566
Expires: Wed, 12 Oct 2022 07:44:13 GMT
Date: Wed, 12 Oct 2022 01:44:47 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a3e5f741f0ba4ef1a8531c93dd0a19f1
e9683879e0bf815948b6d21dc25ced3c58ca4725
edc3db55f4c0e7b34fe55566b55f18da5d29607c8724bdbe7666846bbd32411a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153773
Date: Wed, 12 Oct 2022 01:44:47 GMT
Etag: "6345bc15-1d7"
Expires: Thu, 13 Oct 2022 20:27:40 GMT
Last-Modified: Tue, 11 Oct 2022 18:55:17 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: A8OT9GG7PjTIwCsbAh-0q2KzMhb1ivfnAtOleLTDW-uOWuEfTFoaWQ==
Age: 5543
overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid}
167.99.158.7200 OK 43 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid}
IP 167.99.158.7:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /api/v3.0/clickapi/img?aid=1&clickId={clickid} HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acclaimupdatephone.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Oct 2022 01:44:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Set-Cookie: currentClickid=%7B%221%22%3A%22%7Bclickid%7D%22%7D; Max-Age=31536000; Path=/; Expires=Thu, 12 Oct 2023 01:44:47 GMT; Secure; SameSite=None
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
167.99.158.7200 OK 8 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
IP 167.99.158.7:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash f30c3a40e9a3e65c868c754a5de95919
65101ff283414b70636ff494d866190a66ed9978
875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
OPTIONS /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://acclaimupdatephone.online/
Origin: https://acclaimupdatephone.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Oct 2022 01:44:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: GET,HEAD
app1-smartsecurity-etl.herokuapp.com/device_by_model?model=rv:96.0
54.208.186.182200 OK 1.3 kB URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model?model=rv:96.0
IP 54.208.186.182:0
Hash 80f2d5ca03f3dd45382c32777abccb04
94ca2276a93b85e648110047defa9147d38f124e
912a3018d1efce52a1a178179ebb1a0a9bd70d9b387afa813eb538a907cea6d1
OPTIONS /device_by_model?model=rv:96.0 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://acclaimupdatephone.online/
Origin: https://acclaimupdatephone.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Wed, 12 Oct 2022 01:44:47 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
analytics.tiktok.com/i18n/pixel/identify.js
23.36.79.32200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/identify.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3516bfeeaaab025022e1fc65c6e2eee9
5c3af72df097a0ad7a5ea5882a00e998ae5cd47b
28f1e2ea9adb97075685d1f1fc48da5057f9ad226a71a70fc7d1af3ce13a5389
GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acclaimupdatephone.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221012014447E092B9201DFB8791FFE0
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb3db49c777b53f0869cfbbab6a47b28ffd06e92190f961869482c0231389f2c25b114a61f1be38d7f08fc90956d46b566341b2efc91ed7a86a7207d4366b79591
content-encoding: gzip
content-length: 30975
x-origin-response-time: 13,23.218.220.146
x-akamai-request-id: 305141cb.1ccf940f
expires: Wed, 12 Oct 2022 01:44:47 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 12 Oct 2022 01:44:47 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-220-146.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=168, origin; dur=13, inner; dur=3
x-parent-response-time: 181,23.36.79.28
X-Firefox-Spdy: h2
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
167.99.158.7200 OK 126 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
IP 167.99.158.7:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash c8f85db18fe8f89306f6c0819c67036d
7b5c44e4a9fd70e664aa4fe54fc0bd7bb3963a31
a71ab24977d03d440189548647bee7fdbdf0d6dee44478d1f6b44f17699a75ee
GET /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://acclaimupdatephone.online
Connection: keep-alive
Referer: https://acclaimupdatephone.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Oct 2022 01:44:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 126
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Facclaimupdatephone.online%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23
139.45.195.8200 OK 186 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Facclaimupdatephone.online%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23
IP 139.45.195.8:0
Hash 3936319965217cb033e844d0af67ead5
9a0ec0667dbc153ea21fdcf5e8976b7f1116f1a5
88dbbc95fbc27e2c50394ef3a8b8f3039e0eb63d1e1391313572fa8381d66144
GET /img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Facclaimupdatephone.online%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acclaimupdatephone.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 01:44:48 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dac0c49c6aef4f0098ba5d6311d926c5; expires=Thu, 12 Oct 2023 01:44:48 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=rv:96.0
54.208.186.182200 OK 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=rv:96.0
IP 54.208.186.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /device_by_model/?model=rv:96.0 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://acclaimupdatephone.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Wed, 12 Oct 2022 01:44:48 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
r3.o.lencr.org/
23.36.76.226200 OK 2.2 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e17ba59b11a95c58eee5e30b02ba64e
453365d184a64d67b97c6c39f21cbd9e85700909
9574470b878bb866746e69a0cb2afa03d503b5a8cdf86db96947646120b63894
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A910415AD7EB6825B6FD365B765B2387F99BC2FA0513A3BC4B3E0586279007A"
Last-Modified: Mon, 10 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6005
Expires: Wed, 12 Oct 2022 03:24:53 GMT
Date: Wed, 12 Oct 2022 01:44:48 GMT
Connection: keep-alive
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 845
Origin: https://acclaimupdatephone.online
Connection: keep-alive
Referer: https://acclaimupdatephone.online/
Cookie: _ttp=2G0x1XGTQvmcYsQzrrAPgsrIWGA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202210120144479EB8E36206DD1A95CF90
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60d78171413f71ac7f621bddf9de079e3d51f43711ec84686b18a498e1137fa36f4dcf3612ae58e50df8af650a2889f2e8dd8b5191a2e0a5f30cc0facfaf7d5c535f8b9071b8c6bed365d54391ecf9da1f
x-origin-response-time: 161,23.36.66.10
x-akamai-request-id: 35ca4918.1ccf945e
expires: Wed, 12 Oct 2022 01:44:48 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 12 Oct 2022 01:44:48 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-cache-remote: TCP_MISS from a23-36-66-10.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=161, inner; dur=13
x-parent-response-time: 257,23.36.79.28
X-Firefox-Spdy: h2
track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681
18.192.108.151200 OK 724 B URL HTTP/2 track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681
IP 18.192.108.151:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (724), with no line terminators
Hash 615ed3b42cad49a0029df32dc86107dd
4413426423369e34f21e02dfe80ede32faba7cb8
1d2af2cf98c875f9c63f2619a8c31a66bbad75116c28dac839d998eb5d3885e9
GET /e69b0e43-f199-496b-87cc-2daa322bb681 HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acclaimupdatephone.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 01:44:48 GMT
content-type: text/html;charset=UTF-8
content-length: 724
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=OWUn8taVl5NseA070Ok1x8_pBZsNyZg4t-aZOHDGe7s; Max-Age=86400; Expires=Thu, 13-Oct-2022 01:44:48 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=CrySdgKuzDqqcMEWoSEa0axwF2b52ja9p2mfeQR4X2dAb8TbJ%2BRkmwlJA9FgMQlCjRqMlNI6VDmrKGtFXBsYnvXRdvSlwfPoIzhS4wZk3IBRJCb5JFk8SLsdbQ5XbNwhrqNCVKZIVbahCCjHbsklAA%3D%3D; Max-Age=31536000; Expires=Thu, 12-Oct-2023 01:44:48 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cb3b21ffa47f319edd4bc33e93e0969b
57902040b2e17e9aab90b3b1c6e97cdafaa496b2
1d6d0bc474e64948e976c74833a1c4cad4b6e3d999e40c39960965baf5bfe8f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D6D0BC474E64948E976C74833A1C4CAD4B6E3D999E40C39960965BAF5BFE8F4"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 12 Oct 2022 07:44:48 GMT
Date: Wed, 12 Oct 2022 01:44:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10763
Expires: Wed, 12 Oct 2022 04:44:11 GMT
Date: Wed, 12 Oct 2022 01:44:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10763
Expires: Wed, 12 Oct 2022 04:44:11 GMT
Date: Wed, 12 Oct 2022 01:44:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10763
Expires: Wed, 12 Oct 2022 04:44:11 GMT
Date: Wed, 12 Oct 2022 01:44:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10763
Expires: Wed, 12 Oct 2022 04:44:11 GMT
Date: Wed, 12 Oct 2022 01:44:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e9aa9808428e5fd81ac9d61d6f7c708
3a8d76badce50dd98938885082dcb6e30363ae88
d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 5f2ce4dd-0df8-4df7-a12d-e6fffd622752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZnTQHGADIAMFXfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f98cd-5044665325e5d64975c1ff0c;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 03:11:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZKsi1hYgZdJQNWpphaMVLfpg69dC93J575Y2RsOzFV3ZzBb6x-nrew==
via: 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:42:26 GMT
age: 14542
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f78379e6bde371b492c950402bcc39e
53a7502d8932c515aa09055c5cf8f2d2242e4398
241016bbd3cebc009f63dff2773c1c7fdb68fa941ab62b368d5e023b9155fa37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5252
x-amzn-requestid: b4ef9c4f-7ca4-42c9-a928-b0b8aa3cc695
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BUaEtBoAMF8Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e282-455619be605fa91977c66df7;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:39:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u8SRxkVzSO3pnQB_FibQBfwzvJ2uiT9YQzQI4_ZVMxgdED9Zsir8qQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:09:04 GMT
age: 12944
etag: "53a7502d8932c515aa09055c5cf8f2d2242e4398"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0d5ab7c-dda3-48cc-982c-e2c09e205009.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0d5ab7c-dda3-48cc-982c-e2c09e205009.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb2cb489b40b131ecc60fed2e10bd360
a49d44c10add2f810406aba99a2434582cfb66d5
ab084ad7483501d74e1f3a859912766188f4127abffcd646cd10528268b83d39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0d5ab7c-dda3-48cc-982c-e2c09e205009.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8175
x-amzn-requestid: 6f57804f-a975-4006-a9a4-c7269f77f414
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxMaEHwmoAMF72A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63438dd9-05749dd13698a54564e61904;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 03:13:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yVcomUzkPxjvVVxutGXQgDRamjrTjdVKi1yOmakwqyIGIhNShkoQKA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 04:00:51 GMT
age: 78237
etag: "a49d44c10add2f810406aba99a2434582cfb66d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ouhastay.net/favicon.ico
139.45.197.239204 No Content 0 B IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=8968abce120a4da8a85fdb5e8241bd28; oaidts=1665539088
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 01:44:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a262392688d01838edbe02f500679711
f9be0ceee7f5b14e1f17ab938596977cde016e63
f1555b8b9f4363bdae50d426e8601ff5d3d07605259c2e289006e16a10f4b5fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9359
x-amzn-requestid: adbd5dff-817b-4fa1-b935-300d7ebb0f3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BPxHtuIAMF5jg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e264-1950f5c44861d16c43b2a71c;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q5RFd5vuloivw1efJ1SlJn1CbJM-4F3zSzeV0b8iodCgy4pG8WcsHQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:48:25 GMT
age: 14183
etag: "f9be0ceee7f5b14e1f17ab938596977cde016e63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a300a6f-ed1a-4ab0-b94e-50c590a071cf.webp
34.120.237.76200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a300a6f-ed1a-4ab0-b94e-50c590a071cf.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3f545348c6a6c9653745ede4b99e0d3
9601fee1e0b2312ad2e703be069306df4ee88ec8
52c36b35b63bdb999e4189f4d86bc29804df0e64443922d6f4fe6e5e5d3da030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a300a6f-ed1a-4ab0-b94e-50c590a071cf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3223
x-amzn-requestid: 2a76b698-a23e-476b-8956-b7a724df0d7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3AlVHOBIAMFrkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e155-1ebc307c4e1c2de273bdfbb1;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jl5UlhszQ6ff4DEx4bV1OS4xPs7SudlPvH39KplQa3cQfeIOGADH0Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:48:15 GMT
age: 14193
etag: "9601fee1e0b2312ad2e703be069306df4ee88ec8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b429ef-0b4d-4ac1-a57e-0512cbe70108.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b429ef-0b4d-4ac1-a57e-0512cbe70108.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e885fe35564ed7fefe0fb0fda2b9ebe7
bf37aa53466c3764d205de17070753b3204d78e4
187a99359986ae3131d303c09baf25ffa0dcf1ca80e09c9bee56434bff6f07d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b429ef-0b4d-4ac1-a57e-0512cbe70108.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13724
x-amzn-requestid: 3f358e0a-786b-48fc-9e45-bda97026e544
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3Ak_FbjoAMFfQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e152-134d2c6f4efafecb71df10e6;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:34:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C2z9SP8_BZ-lf9NPNR-24Tjtc98JRz54D4Lmeie9QmTKNIDCR9knNg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:48:15 GMT
age: 14193
etag: "bf37aa53466c3764d205de17070753b3204d78e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b118be24bf7965cb04efa2312990c243
a2797a3b1d9a7b4f845d3d0c565be6d7b833ff19
7d77ea40183bb082f430e48f8c4cfb9c39e15ee043804078dfadb2e3cfe3b4b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 01:44:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 06:25:19 GMT
Expires: Mon, 17 Oct 2022 06:25:18 GMT
Etag: "a2797a3b1d9a7b4f845d3d0c565be6d7b833ff19"
Cache-Control: max-age=448229,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 758c27094f23b518-OSL
my.rtmark.net/img.gif?f=merge&userId=8968abce120a4da8a85fdb5e8241bd28
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=8968abce120a4da8a85fdb5e8241bd28
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=8968abce120a4da8a85fdb5e8241bd28 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 01:44:49 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8968abce120a4da8a85fdb5e8241bd28; expires=Thu, 12 Oct 2023 01:44:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 2a7013303b3e9eb67a056ef9b65227a3
42c29a7052d14b11952c37e18c04bf751ce6cd7c
8ddcec930695c6eb2c23c4859837e9bf1e87bec8660ad44bfbea3014e14d0b66
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166204
Date: Wed, 12 Oct 2022 01:44:49 GMT
Etag: "6346024d-1d7"
Expires: Thu, 13 Oct 2022 23:54:53 GMT
Last-Modified: Tue, 11 Oct 2022 23:54:53 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LkFGk2f3LLb3SpGn7J6orYoZ2q1F7hiPCdx7Rp_UiiylHGhrNF_umA==
www.tipsfun.com/?s=glava%20proff%2034%20150&utm_campaign=IK:TPF-NO-ALL-D-Glava%20Pro%20DT%201110&utm_content=ob-28b9356603173cb93817a0a1422b39f2&utm_source=outbrain&country=NO&dm_keyword=true&lander=green&visitor_id=603877303218615112&target_id=3647676&campaign_id=6183636&link_key=28b9356603173cb93817a0a1422b39f2
3.222.133.185200 OK 11 kB URL HTTP/2 www.tipsfun.com/?s=glava%20proff%2034%20150&utm_campaign=IK:TPF-NO-ALL-D-Glava%20Pro%20DT%201110&utm_content=ob-28b9356603173cb93817a0a1422b39f2&utm_source=outbrain&country=NO&dm_keyword=true&lander=green&visitor_id=603877303218615112&target_id=3647676&campaign_id=6183636&link_key=28b9356603173cb93817a0a1422b39f2
IP 3.222.133.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1097), with CRLF line terminators
Hash a2a8d74674b8b0794d12c3f0da696439
4f3e4cf257bbd47ae85ff1ab7dcb477f151ab8ae
55f95b05b3210970e3c823190d95ee9600f07d6cca7e1fef6cd4722637f98bda
GET /?s=glava%20proff%2034%20150&utm_campaign=IK:TPF-NO-ALL-D-Glava%20Pro%20DT%201110&utm_content=ob-28b9356603173cb93817a0a1422b39f2&utm_source=outbrain&country=NO&dm_keyword=true&lander=green&visitor_id=603877303218615112&target_id=3647676&campaign_id=6183636&link_key=28b9356603173cb93817a0a1422b39f2 HTTP/1.1
Host: www.tipsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 12 Oct 2022 01:44:50 GMT
content-type: text/html; charset=utf-8
content-length: 10776
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash befa75dbbe9d5dfa501f9c1f03b7cdfa
73814c47bdcd6bebffc963b71d0a20fb361fad50
76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-132683057-36
142.250.74.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-132683057-36
IP 142.250.74.168:0
File type ASCII text, with very long lines (1962)
Hash bc3870cd066ed78aba6414be80c68594
f8fc846db2ea262c2d80789c71c97827f06cabcd
183cd8764b17f5d9b652cf58b6d32a2ed6b8e57dfaea492769707bb5b08777ca
GET /gtag/js?id=UA-132683057-36 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 12 Oct 2022 01:44:50 GMT
expires: Wed, 12 Oct 2022 01:44:50 GMT
cache-control: private, max-age=900
last-modified: Wed, 12 Oct 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42397
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tipsfun.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
3.222.133.185200 OK 5.3 kB URL HTTP/2 www.tipsfun.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
IP 3.222.133.185:0
File type HTML document, ASCII text, with very long lines (11095), with no line terminators
Hash ddefd975c3676a993340e2469ce3121c
1b45e8f09e658f78d2390b6f95b58d9bcbfe004c
4cc5140e11c99fafd15ffaeebd727d6d3407cf683e178017d30f459b6233cdf1
GET /bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1 HTTP/1.1
Host: www.tipsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/?s=glava%20proff%2034%20150&utm_campaign=IK:TPF-NO-ALL-D-Glava%20Pro%20DT%201110&utm_content=ob-28b9356603173cb93817a0a1422b39f2&utm_source=outbrain&country=NO&dm_keyword=true&lander=green&visitor_id=603877303218615112&target_id=3647676&campaign_id=6183636&link_key=28b9356603173cb93817a0a1422b39f2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 01:44:50 GMT
content-type: text/javascript; charset=utf-8
content-length: 5292
cache-control: public
content-encoding: gzip
expires: Thu, 12 Oct 2023 01:44:50 GMT
last-modified: Wed, 12 Oct 2022 01:44:50 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash befa75dbbe9d5dfa501f9c1f03b7cdfa
73814c47bdcd6bebffc963b71d0a20fb361fad50
76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tipsfun.com/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1
3.222.133.185200 OK 40 kB URL HTTP/2 www.tipsfun.com/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1
IP 3.222.133.185:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash db361aecaa3ad54d61172f0950b7ce26
3ce8e11888d3d45cdcab3a40d21385435a2f7811
560e07790f527c3f2b5a86e14ae62efb0b3012f28f4b9abafa762d30251bd1a5
GET /bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1 HTTP/1.1
Host: www.tipsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/?s=glava%20proff%2034%20150&utm_campaign=IK:TPF-NO-ALL-D-Glava%20Pro%20DT%201110&utm_content=ob-28b9356603173cb93817a0a1422b39f2&utm_source=outbrain&country=NO&dm_keyword=true&lander=green&visitor_id=603877303218615112&target_id=3647676&campaign_id=6183636&link_key=28b9356603173cb93817a0a1422b39f2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 01:44:50 GMT
content-type: text/javascript; charset=utf-8
content-length: 40204
cache-control: public
content-encoding: gzip
expires: Thu, 12 Oct 2023 01:44:50 GMT
last-modified: Wed, 12 Oct 2022 01:44:50 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.tipsfun.com/Content/css?v=30dsXu2yX7IoFlXBkYU6jbQQLWwYJfwFaa92hNvt3AI1
3.222.133.185200 OK 37 kB URL HTTP/2 www.tipsfun.com/Content/css?v=30dsXu2yX7IoFlXBkYU6jbQQLWwYJfwFaa92hNvt3AI1
IP 3.222.133.185:0
File type ASCII text, with very long lines (62828), with CRLF line terminators
Hash 51358b213d3129868f15873a16d3d143
e5746b9304e1e517e9111a998c00e4026a76a360
171a249d261b706105accbb56931f15b2152706f29ea824da528f6418d3266f4
GET /Content/css?v=30dsXu2yX7IoFlXBkYU6jbQQLWwYJfwFaa92hNvt3AI1 HTTP/1.1
Host: www.tipsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/?s=glava%20proff%2034%20150&utm_campaign=IK:TPF-NO-ALL-D-Glava%20Pro%20DT%201110&utm_content=ob-28b9356603173cb93817a0a1422b39f2&utm_source=outbrain&country=NO&dm_keyword=true&lander=green&visitor_id=603877303218615112&target_id=3647676&campaign_id=6183636&link_key=28b9356603173cb93817a0a1422b39f2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 01:44:50 GMT
content-type: text/css; charset=utf-8
content-length: 37128
cache-control: public
content-encoding: gzip
expires: Thu, 12 Oct 2023 01:44:50 GMT
last-modified: Wed, 12 Oct 2022 01:44:50 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.tipsfun.com/bundles/bootstrap?v=ESck_wvaWCiF5JsitLMh765lhMnw7BVBtZE-YUTa4Ns1
3.222.133.185200 OK 21 kB URL HTTP/2 www.tipsfun.com/bundles/bootstrap?v=ESck_wvaWCiF5JsitLMh765lhMnw7BVBtZE-YUTa4Ns1
IP 3.222.133.185:0
File type ASCII text, with very long lines (57484), with no line terminators
Hash 9f9604cf3fb020023e3d0b7c53896a8f
b0fe9963072662942801b37efc2df9019c94f559
96904afe4dd79d4fd4a7e6332c0c3485c7ad6a0b795dfa49f80eff84fe72c84b
GET /bundles/bootstrap?v=ESck_wvaWCiF5JsitLMh765lhMnw7BVBtZE-YUTa4Ns1 HTTP/1.1
Host: www.tipsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/?s=glava%20proff%2034%20150&utm_campaign=IK:TPF-NO-ALL-D-Glava%20Pro%20DT%201110&utm_content=ob-28b9356603173cb93817a0a1422b39f2&utm_source=outbrain&country=NO&dm_keyword=true&lander=green&visitor_id=603877303218615112&target_id=3647676&campaign_id=6183636&link_key=28b9356603173cb93817a0a1422b39f2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 01:44:50 GMT
content-type: text/javascript; charset=utf-8
content-length: 21231
cache-control: public
content-encoding: gzip
expires: Thu, 12 Oct 2023 01:44:50 GMT
last-modified: Wed, 12 Oct 2022 01:44:50 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.tipsfun.com/Content/Logos/tipsfun.png
3.222.133.185200 OK 121 kB URL HTTP/2 www.tipsfun.com/Content/Logos/tipsfun.png
IP 3.222.133.185:0
File type PNG image data, 600 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 121 kB (120754 bytes)
Hash 9344e33064252955fd36d5e1413674c1
63bac27efb535e23f91ab7b4b49c56be030091f0
463a2c6869fdb1a53df0199a13dd09dc5ee8c945beb82dbbe275940480cca841
GET /Content/Logos/tipsfun.png HTTP/1.1
Host: www.tipsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/?s=glava%20proff%2034%20150&utm_campaign=IK:TPF-NO-ALL-D-Glava%20Pro%20DT%201110&utm_content=ob-28b9356603173cb93817a0a1422b39f2&utm_source=outbrain&country=NO&dm_keyword=true&lander=green&visitor_id=603877303218615112&target_id=3647676&campaign_id=6183636&link_key=28b9356603173cb93817a0a1422b39f2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 01:44:50 GMT
content-type: image/png
content-length: 120754
last-modified: Mon, 29 Aug 2022 18:00:11 GMT
accept-ranges: bytes
etag: "cd23e12ed1bbd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/magglasswhite.png
54.230.245.138200 OK 1.1 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/magglasswhite.png
IP 54.230.245.138:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 3e7211fc3334ad5d34e59ad2dca45a2b
22276287873c44c491ab0de64be311e1375c8ba1
d3d3997b5fd2feac401a3d982c54047e82f9740a0aee4ab32767fd96b3347281
GET /quicklinkicons/magglasswhite.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1114
last-modified: Thu, 04 Mar 2021 00:04:09 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 11 Oct 2022 13:28:41 GMT
etag: "3e7211fc3334ad5d34e59ad2dca45a2b"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4pkVkt9UcIbUprRrp-mYMCli8T6Qy19F2KkROTUyYvAU-4nBvB6qmg==
age: 71842
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9045885902afb286eef41988716895
550fd256897d4f483d00768972f56cd8c35e09e8
c3a8ae68f7eece41a71cd344042b97c99a12c61c5a40b29117fc3f6a8aa9eabd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5566
Cache-Control: max-age=148709
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Etag: "6345a83a-1d7"
Expires: Thu, 13 Oct 2022 19:03:20 GMT
Last-Modified: Tue, 11 Oct 2022 17:30:34 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 87WVRSsCeE61ZJBmDEWaCX3T0DYkJyhPz/xMeTwbO7jn2lXxpZi7gFlihMv3Ucds+q3JVIgUwAwNwhMHeAJTIg==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1904183273
date: Wed, 12 Oct 2022 01:44:51 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9045885902afb286eef41988716895
550fd256897d4f483d00768972f56cd8c35e09e8
c3a8ae68f7eece41a71cd344042b97c99a12c61c5a40b29117fc3f6a8aa9eabd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5566
Cache-Control: max-age=148709
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Etag: "6345a83a-1d7"
Expires: Thu, 13 Oct 2022 19:03:20 GMT
Last-Modified: Tue, 11 Oct 2022 17:30:34 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.tipsfun.com/Content/Favicons/tipsfun.png
3.222.133.185200 OK 123 kB URL HTTP/2 www.tipsfun.com/Content/Favicons/tipsfun.png
IP 3.222.133.185:0
File type PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 123 kB (123064 bytes)
Hash fb74e36ae77626c717b13a8123e531dc
cb2d39119de10aec4adbde3424ad22cbbad6a661
f965c6c920673ab4c3374306fc9d73292ae06b325e8d0dc6808d2209bb6e0f0f
GET /Content/Favicons/tipsfun.png HTTP/1.1
Host: www.tipsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/?s=glava%20proff%2034%20150&utm_campaign=IK:TPF-NO-ALL-D-Glava%20Pro%20DT%201110&utm_content=ob-28b9356603173cb93817a0a1422b39f2&utm_source=outbrain&country=NO&dm_keyword=true&lander=green&visitor_id=603877303218615112&target_id=3647676&campaign_id=6183636&link_key=28b9356603173cb93817a0a1422b39f2
Cookie: UUID=b7043993-cd1b-4e83-a110-d5c111bf722c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Oct 2022 01:44:51 GMT
content-type: image/png
content-length: 123064
last-modified: Mon, 29 Aug 2022 18:00:11 GMT
accept-ranges: bytes
etag: "b78bde2ed1bbd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
s.yimg.com/ds/scripts/xmlp.js
87.248.119.252200 OK 1.3 kB URL HTTP/2 s.yimg.com/ds/scripts/xmlp.js
IP 87.248.119.252:0
ASN #203220 Yahoo! UK Services Limited
File type ASCII text, with very long lines (3279), with no line terminators
Hash 38f67db097994ec072f1fda1a12457cb
96254c8e7bec5e6676cbbfe88b48bee5369c6deb
043a96ec5e217059a9c0c1e23603e716db43fe9dd445763ddd801d7925f7d142
GET /ds/scripts/xmlp.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VOkbhko3qkuj+zBjYCX1he/jdS6Vp8sG4RJStWJUvOJy0m4nj6NXyE0Qz5/k51HkiNPC59TdFNU=
x-amz-request-id: V1BWQT2J3ZQRBA3D
date: Wed, 12 Oct 2022 01:44:00 GMT
last-modified: Wed, 26 Jan 2022 20:53:00 GMT
x-amz-server-side-encryption: AES256
cache-control: public,max-age=60
x-amz-version-id: U6ZtfKXd8zhdSqKfajuJg7pZ_KC5atsi
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
x-amzn-internal-status: 304
etag: "fc25f60c6977a75b25e9105ea606aea1-df"
age: 52
content-encoding: gzip
content-length: 1300
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 12 Oct 2022 00:41:09 GMT
expires: Wed, 12 Oct 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 3822
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec8c3be288c030a2f21f77da38609a2c
5dce231ac91002054bbdbc6b19f6d1aa0d6c32bc
fa3abfefbd26a9339066ee03360614fc68312aefd2aa7e47e291589f426a7265
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 237045ccab31a93329907f85d73fd4b0
28a165352e13c7e6a0e9e878c6a065dd5da1ff9e
97b392e3aebdb740b3649b1e240a257bc0967f3fb456c4a0776c21b0c0722cee
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130220
Date: Wed, 12 Oct 2022 01:44:51 GMT
Etag: "634568f3-1d7"
Expires: Thu, 13 Oct 2022 13:55:11 GMT
Last-Modified: Tue, 11 Oct 2022 13:00:35 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0La_uTsMkJuK8i5IoRQ9IGMqRTDJo7Gc7e3D1iZylG0ks37ru9xz7w==
Age: 3276
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 237045ccab31a93329907f85d73fd4b0
28a165352e13c7e6a0e9e878c6a065dd5da1ff9e
97b392e3aebdb740b3649b1e240a257bc0967f3fb456c4a0776c21b0c0722cee
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133042
Date: Wed, 12 Oct 2022 01:44:51 GMT
Etag: "634568f3-1d7"
Expires: Thu, 13 Oct 2022 14:42:13 GMT
Last-Modified: Tue, 11 Oct 2022 13:00:35 GMT
Server: ECS (dcb/7F80)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: To4UAcb9Os4fQ2HcgjHCMTeIyMqyA7lF0-vHGJ28lixNvm9BoIFAUQ==
Age: 6098
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec8c3be288c030a2f21f77da38609a2c
5dce231ac91002054bbdbc6b19f6d1aa0d6c32bc
fa3abfefbd26a9339066ee03360614fc68312aefd2aa7e47e291589f426a7265
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec8c3be288c030a2f21f77da38609a2c
5dce231ac91002054bbdbc6b19f6d1aa0d6c32bc
fa3abfefbd26a9339066ee03360614fc68312aefd2aa7e47e291589f426a7265
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=287005702332005&ev=PageView&dl=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&rl=&if=false&ts=1665539091217&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&it=1665539091066&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=287005702332005&ev=PageView&dl=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&rl=&if=false&ts=1665539091217&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&it=1665539091066&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=287005702332005&ev=PageView&dl=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&rl=&if=false&ts=1665539091217&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&it=1665539091066&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 12 Oct 2022 01:44:51 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 12 Oct 2022 01:44:51 GMT
expires: Wed, 12 Oct 2022 01:44:51 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b8e058c50dbe0871b6ccde4ed4cc8785
06b0c34d584624df99282c1fff1d766b9ed00e64
3319073b74402c41450cc9ca2162140dbe8b231db146cf8e77cb0b43fa461b4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
imp.digitalnetics.us/do?event_name=adshow&userid=b7043993-cd1b-4e83-a110-d5c111bf722c&page=prisguiden.no/priser&keyword=YnrbIvvUOSkY8f9B7QiyGFJNWoUeyImRDa7gOGQy73c=&adid=ob-28b9356603173cb93817a0a1422b39f2&referrer=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&country=NO&state=&city=&subid1=1&subid2=&subid3=&subid4=&subid5=
52.3.145.251200 OK 109 B URL HTTP/1.1 imp.digitalnetics.us/do?event_name=adshow&userid=b7043993-cd1b-4e83-a110-d5c111bf722c&page=prisguiden.no/priser&keyword=YnrbIvvUOSkY8f9B7QiyGFJNWoUeyImRDa7gOGQy73c=&adid=ob-28b9356603173cb93817a0a1422b39f2&referrer=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&country=NO&state=&city=&subid1=1&subid2=&subid3=&subid4=&subid5=
IP 52.3.145.251:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash 3260e2cd06cba4871584bc863bc0dd10
5d780204aecb7cd5d0ffa2ca5bf540d7afdf4afc
87e6caca9e3e1c0b4ea254f67bf855c8496a1b80f4034bd5ae596be264ea5be8
POST /do?event_name=adshow&userid=b7043993-cd1b-4e83-a110-d5c111bf722c&page=prisguiden.no/priser&keyword=YnrbIvvUOSkY8f9B7QiyGFJNWoUeyImRDa7gOGQy73c=&adid=ob-28b9356603173cb93817a0a1422b39f2&referrer=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&country=NO&state=&city=&subid1=1&subid2=&subid3=&subid4=&subid5= HTTP/1.1
Host: imp.digitalnetics.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tipsfun.com
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: image/png
Date: Wed, 12 Oct 2022 01:44:48 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 109
Connection: keep-alive
imp.digitalnetics.us/do?event_name=pageload&userid=b7043993-cd1b-4e83-a110-d5c111bf722c&page=undefined&keyword=YnrbIvvUOSkY8f9B7QiyGFJNWoUeyImRDa7gOGQy73c=&adid=ob-28b9356603173cb93817a0a1422b39f2&referrer=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&country=NO&state=&city=&subid1=&subid2=&subid3=&subid4=&subid5=
52.3.145.251200 OK 109 B URL HTTP/1.1 imp.digitalnetics.us/do?event_name=pageload&userid=b7043993-cd1b-4e83-a110-d5c111bf722c&page=undefined&keyword=YnrbIvvUOSkY8f9B7QiyGFJNWoUeyImRDa7gOGQy73c=&adid=ob-28b9356603173cb93817a0a1422b39f2&referrer=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&country=NO&state=&city=&subid1=&subid2=&subid3=&subid4=&subid5=
IP 52.3.145.251:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash 3260e2cd06cba4871584bc863bc0dd10
5d780204aecb7cd5d0ffa2ca5bf540d7afdf4afc
87e6caca9e3e1c0b4ea254f67bf855c8496a1b80f4034bd5ae596be264ea5be8
POST /do?event_name=pageload&userid=b7043993-cd1b-4e83-a110-d5c111bf722c&page=undefined&keyword=YnrbIvvUOSkY8f9B7QiyGFJNWoUeyImRDa7gOGQy73c=&adid=ob-28b9356603173cb93817a0a1422b39f2&referrer=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&country=NO&state=&city=&subid1=&subid2=&subid3=&subid4=&subid5= HTTP/1.1
Host: imp.digitalnetics.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tipsfun.com
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: image/png
Date: Wed, 12 Oct 2022 01:44:48 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 109
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b328dd45b340d747021ad1da23ede95d
92811e18e93271b7b7fc75b2e0ff9d3617f0417e
8e3a7c1a63d37d561dc08f9cec0863582709bb8248214c0f08586bbf3040cad2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b328dd45b340d747021ad1da23ede95d
92811e18e93271b7b7fc75b2e0ff9d3617f0417e
8e3a7c1a63d37d561dc08f9cec0863582709bb8248214c0f08586bbf3040cad2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b328dd45b340d747021ad1da23ede95d
92811e18e93271b7b7fc75b2e0ff9d3617f0417e
8e3a7c1a63d37d561dc08f9cec0863582709bb8248214c0f08586bbf3040cad2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/405957663/?random=1665539091350&cv=9&fst=1665539091350&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/405957663/?random=1665539091350&cv=9&fst=1665539091350&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2886), with no line terminators
Hash c3e388f0c91a8b0722965b2471732598
a17c01c1f8cb41cc69a9352f8d6c55ffebb24d4a
1d9609485d19fc5b6e0564923cbd7a7d352f3a03b2ff52bde4193db61991bde9
GET /pagead/viewthroughconversion/405957663/?random=1665539091350&cv=9&fst=1665539091350&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1214
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-Oct-2022 01:59:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10796101730/?random=1665539091353&cv=9&fst=1665539091353&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10796101730/?random=1665539091353&cv=9&fst=1665539091353&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2890), with no line terminators
Hash 9a5eecf4e3e0316634c983072f89fea7
e622b659fbc15479854b574d3c14a10ab8e7136b
550f3d402aaf019db061d7a00acdb9b3aebab773e653539b8f250d96b741725f
GET /pagead/viewthroughconversion/10796101730/?random=1665539091353&cv=9&fst=1665539091353&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1215
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-Oct-2022 01:59:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/406011223/?random=1665539091310&cv=9&fst=1665539091310&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/406011223/?random=1665539091310&cv=9&fst=1665539091310&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2884), with no line terminators
Hash f01760279b9e2f752259f68c919c622c
f99e629c9b81ef15ce32d80ab320d5658faff61f
337852019b1e74401e868f15012532f2a2917444cd4e5456f9197183274fa502
GET /pagead/viewthroughconversion/406011223/?random=1665539091310&cv=9&fst=1665539091310&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1214
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-Oct-2022 01:59:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10796001405/?random=1665539091356&cv=9&fst=1665539091356&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10796001405/?random=1665539091356&cv=9&fst=1665539091356&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2890), with no line terminators
Hash 006242d560bf27c575b811bb26bd7b0a
5416b2f953a001681d7b278684a5a242028df8f8
609afe90b1e73a6d6cc50bc4b8cda12cddb11e30d3ea4ee887cc6fec86be09e5
GET /pagead/viewthroughconversion/10796001405/?random=1665539091356&cv=9&fst=1665539091356&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1215
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-Oct-2022 01:59:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10795986570/?random=1665539091347&cv=9&fst=1665539091347&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10795986570/?random=1665539091347&cv=9&fst=1665539091347&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2888), with no line terminators
Hash 10b44229404cf854a43275ad10d38fa9
056a463fe0d841cc55903f6f049e0b0b2cbc4ded
f79e999b9b1f0e69cfabd6574034c773872bed26079bf36ea5c69e83d32b1465
GET /pagead/viewthroughconversion/10795986570/?random=1665539091347&cv=9&fst=1665539091347&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1215
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-Oct-2022 01:59:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10844658792/?random=1665539091344&cv=9&fst=1665539091344&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10844658792/?random=1665539091344&cv=9&fst=1665539091344&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2888), with no line terminators
Hash 0f52506c128090d0238f31a00c76e357
245d3812470d1fb9e69e3b5004a4e041b4523035
b2502b7ad35795f4a9966863c1ecdc9e93473c94767e1d144b7f3fadfa3d240e
GET /pagead/viewthroughconversion/10844658792/?random=1665539091344&cv=9&fst=1665539091344&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1215
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-Oct-2022 01:59:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/405958443/?random=1665539091341&cv=9&fst=1665539091341&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/405958443/?random=1665539091341&cv=9&fst=1665539091341&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2886), with no line terminators
Hash 337bf579edf654d3298f0cfd264570e7
4b6a55a9232b10b6b0013a93f62675ca87b7e8f8
35f21bc3f21163563f9e837dd3ca37a3459b490f4729cceb282a88a9adc69e84
GET /pagead/viewthroughconversion/405958443/?random=1665539091341&cv=9&fst=1665539091341&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1214
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-Oct-2022 01:59:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10796000025/?random=1665539091328&cv=9&fst=1665539091328&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10796000025/?random=1665539091328&cv=9&fst=1665539091328&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2890), with no line terminators
Hash ca81979cd913b87bd17174387cc195cc
a1d8719804aebc8dad5d6205bcdecb7aeaf8af46
6867c30c90ca5565e235c3f8926e81cfc1ccfed0abf5db469860892e0adee3ae
GET /pagead/viewthroughconversion/10796000025/?random=1665539091328&cv=9&fst=1665539091328&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-Oct-2022 01:59:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/330243227/?random=1665539091333&cv=9&fst=1665539091333&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/330243227/?random=1665539091333&cv=9&fst=1665539091333&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2886), with no line terminators
Hash b3b8729cdc1aa30bdb7c5503c035494d
af5b398163dc4b53bc483e3c6d6f480473391e99
c97571a5bddefec213876498b700e50c461d7e55698ae6f3ed463b7a26b56705
GET /pagead/viewthroughconversion/330243227/?random=1665539091333&cv=9&fst=1665539091333&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&auid=2046989972.1665539091&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1214
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-Oct-2022 01:59:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b328dd45b340d747021ad1da23ede95d
92811e18e93271b7b7fc75b2e0ff9d3617f0417e
8e3a7c1a63d37d561dc08f9cec0863582709bb8248214c0f08586bbf3040cad2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/10796000025/?random=1665539091328&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=1982068566&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10796000025/?random=1665539091328&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=1982068566&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10796000025/?random=1665539091328&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=1982068566&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10796001405/?random=1665539091356&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=4128322873&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10796001405/?random=1665539091356&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=4128322873&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10796001405/?random=1665539091356&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=4128322873&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/405958443/?random=1665539091341&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=3287481006&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/405958443/?random=1665539091341&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=3287481006&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/405958443/?random=1665539091341&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=3287481006&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/330243227/?random=1665539091333&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=2158732560&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/330243227/?random=1665539091333&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=2158732560&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/330243227/?random=1665539091333&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=2158732560&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/405957663/?random=1665539091350&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=4066351833&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/405957663/?random=1665539091350&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=4066351833&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/405957663/?random=1665539091350&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=4066351833&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10844658792/?random=1665539091344&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=130671075&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10844658792/?random=1665539091344&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=130671075&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10844658792/?random=1665539091344&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=130671075&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/406011223/?random=1665539091310&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=308892456&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/406011223/?random=1665539091310&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=308892456&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/406011223/?random=1665539091310&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=308892456&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10795986570/?random=1665539091347&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=410886898&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10795986570/?random=1665539091347&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=410886898&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10795986570/?random=1665539091347&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=410886898&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 01:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/10796101730/?random=1665539091353&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=3195163635&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10796101730/?random=1665539091353&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=3195163635&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10796101730/?random=1665539091353&cv=9&fst=1665536400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=15&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tipsfun.com%2F%3Fs%3Dglava%2520proff%252034%2520150%26utm_campaign%3DIK%3ATPF-NO-ALL-D-Glava%2520Pro%2520DT%25201110%26utm_content%3Dob-28b9356603173cb93817a0a1422b39f2%26utm_source%3Doutbrain%26country%3DNO%26dm_keyword%3Dtrue%26lander%3Dgreen%26visitor_id%3D603877303218615112%26target_id%3D3647676%26campaign_id%3D6183636%26link_key%3D28b9356603173cb93817a0a1422b39f2&async=1&fmt=3&is_vtc=1&random=3195163635&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tipsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 01:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js
139.45.197.251200 OK 0 B URL HTTP/2 redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js
IP 139.45.197.251:0
GET /pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acclaimupdatephone.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 01:44:48 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1a5ed"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acclaimupdatephone.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221012014447D55D9E64D1DCAD84090E
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60d78171413f71ac7f621bddf9de079e3d5d10f15651da534b0fa1921581044443a847c93a67bb03c9a77d4bf1f92fb33eb88f915ead17d3561f20ea981525ea80487b9f592429e1476eaef981c5bc4a77
content-encoding: gzip
x-origin-response-time: 15,23.36.66.34
x-akamai-request-id: 313b24fd.1ccf93cd
expires: Wed, 12 Oct 2022 01:44:47 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 12 Oct 2022 01:44:47 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-36-66-34.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=15, inner; dur=4
x-parent-response-time: 113,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8SQEGFV9S6N3MLDFVTG&hostname=acclaimupdatephone.online
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8SQEGFV9S6N3MLDFVTG&hostname=acclaimupdatephone.online
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/config.js?sdkid=C8SQEGFV9S6N3MLDFVTG&hostname=acclaimupdatephone.online HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acclaimupdatephone.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2022101201444738B66D2540E6C59E0837
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebc0f278655a820d547eceeb1b49db66fafb54031a903b6230f93615a846b6f66b576c29de549f23d6f17143c7a78db595bc70cb9f800f99c9fbedf12854a07862
content-encoding: gzip
x-origin-response-time: 6,23.218.220.150
x-akamai-request-id: 2b429166.1ccf941c
expires: Wed, 12 Oct 2022 01:44:47 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 12 Oct 2022 01:44:47 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
set-cookie: _ttp=2G0x1XGTQvmcYsQzrrAPgsrIWGA; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-220-150.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=6, inner; dur=3
x-parent-response-time: 106,23.36.79.28
X-Firefox-Spdy: h2
track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1665539088320&hash=MKSvjH7tqH07fk5phXmD01mdzMhXSEMOG7ZiJm6xnb0&rm=DJ
18.192.108.151200 OK 0 B URL HTTP/2 track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1665539088320&hash=MKSvjH7tqH07fk5phXmD01mdzMhXSEMOG7ZiJm6xnb0&rm=DJ
IP 18.192.108.151:0
GET /redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1665539088320&hash=MKSvjH7tqH07fk5phXmD01mdzMhXSEMOG7ZiJm6xnb0&rm=DJ HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=OWUn8taVl5NseA070Ok1x8_pBZsNyZg4t-aZOHDGe7s; cc-v4=CrySdgKuzDqqcMEWoSEa0axwF2b52ja9p2mfeQR4X2dAb8TbJ%2BRkmwlJA9FgMQlCjRqMlNI6VDmrKGtFXBsYnvXRdvSlwfPoIzhS4wZk3IBRJCb5JFk8SLsdbQ5XbNwhrqNCVKZIVbahCCjHbsklAA%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 01:44:48 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
ouhastay.net/afu.php?zoneid=3647676
139.45.197.239200 OK 0 B URL HTTP/2 ouhastay.net/afu.php?zoneid=3647676
IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /afu.php?zoneid=3647676 HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 01:44:48 GMT
content-type: text/html; charset=utf8
x-trace-id: 89ca980ffefcbc03726da21c48399f86
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://revpu.sh>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=8968abce120a4da8a85fdb5e8241bd28; expires=Thu, 12 Oct 2023 01:44:48 GMT; path=/; secure; SameSite=None
oaidts=1665539088; expires=Thu, 12 Oct 2023 01:44:48 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
acclaimupdatephone.online/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
172.67.208.3200 OK 0 B URL HTTP/2 acclaimupdatephone.online/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP 172.67.208.3:0
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: acclaimupdatephone.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 12 Oct 2022 01:44:47 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 05 May 2022 04:35:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKcoPzs7u%2F6T9jAfshv3o88Zk9Ax%2FxksDx8CSpQM9AVyoF2R0zFU7Ymlq0B9vIrBhl3KW3DJoVpG7ayobggzKknBXtfBrzQTwulqYTF3PRFnTWmFYUTOkRtGVV3eR9ENVd7jmK6pV9CtI9LM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758c26fc89a9b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2