ww1.pawastreams.top/nottm-forest-vs-leeds/48533/0
301 Moved Permanently 0 B URL HTTP/1.1 ww1.pawastreams.top/nottm-forest-vs-leeds/48533/0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nottm-forest-vs-leeds/48533/0 HTTP/1.1
Host: ww1.pawastreams.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 13:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 14:56:14 GMT
Location: https://ww1.pawastreams.top/nottm-forest-vs-leeds/48533/0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmMw2gVe5yavRxzSKfbGEaqgFG7R5jry4GS%2FfwFRYgeKM0Qb5ZWGshsiCnRBd9RMjENs0J8D1JEU7y%2FyM49xx1x%2BGVXjePLx4faOkzIEm37qlXZ2RU9XleBdK19z%2FuXWHR6XCb0W"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c25f3f8270b3d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14679
Expires: Sun, 05 Feb 2023 18:00:53 GMT
Date: Sun, 05 Feb 2023 13:56:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3962
Expires: Sun, 05 Feb 2023 15:02:16 GMT
Date: Sun, 05 Feb 2023 13:56:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11381
Expires: Sun, 05 Feb 2023 17:05:55 GMT
Date: Sun, 05 Feb 2023 13:56:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 13:36:18 GMT
content-type: application/json
age: 1196
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xbzilvJu6ttFraXoc09pGaBVdvNVpmgHC33YE6UeEqQb4WriR/I362IkGhVXCz8obxr4cTyiplPgKUQURkdC/w==
x-amz-request-id: NE55YWM8KE1BG3TS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 13:53:18 GMT
age: 176
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/LRRImAdXvF0
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/LRRImAdXvF0
IP
Hash f37452a12a3df67dcafec4b1bd9e2b18
e77941b4fd17c5e2f619267dc03209330766f5f1
e47c0801d0cf05555020d6b851896088aa89b4ebd6b75c82f367105603db5b9d
POST /s/gts1p5/LRRImAdXvF0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 13:07:20 GMT
age: 2934
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16241
Expires: Sun, 05 Feb 2023 18:26:55 GMT
Date: Sun, 05 Feb 2023 13:56:14 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/LRRImAdXvF0
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/LRRImAdXvF0
IP
Hash f37452a12a3df67dcafec4b1bd9e2b18
e77941b4fd17c5e2f619267dc03209330766f5f1
e47c0801d0cf05555020d6b851896088aa89b4ebd6b75c82f367105603db5b9d
POST /s/gts1p5/LRRImAdXvF0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 9.0 kB IP
Hash d6bd20d10e69375e1253a492cd638aef
374d5c16b53c8e8d8477d93f1375e3a0f7639b2d
57f90f02d44a6cb759b7cfa9b74b7874777f5d3fbdfca1f05384475ccafde34b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 7.6 kB IP
Hash 3a6997870d4117ec0b777d4f1bc9746e
bff84ef7da37bbd69f5a8c5a95f6a4b34868483b
f1e67a2b54182a121f0d99460440f4e60033768710a0ef5706e5a8376da761b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /gLBBeOW0vqRScIdH/9gdg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +nc9iNxrDhzLM5tk9zwEYUM91GI=
ocsp.pki.goog/gts1c3
200 OK 3.2 kB IP
Hash 672d1c6fdec7133cc11e2c67c831042d
d2ee173074fc82967827ff6ebc7aa65f9ea80822
518193999394ae6ffb15f5101b0795dd9d745f2ab5aae417c9714b6abaac87de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 575655
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 3.1 kB IP
Hash 04245969a684e5d8e6a743c320398041
c45439a6473a8efb86237e1c4326adf4bab458df
063d5163a98869af89f373c723b475194cbdb176813822c6a2b140ade538bf7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 434829
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
200 OK 46 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
IP
Hash c363438313b0e343e957f909c153a083
ba720fcc7a38a1536c5aafd60e360ceda64499ec
dd5db349700ffa59f45c96c61b3ae77e05a8eca79dca75fe811e493cf7974f6d
GET /css?family=Open+Sans:400,600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 13:56:15 GMT
date: Sun, 05 Feb 2023 13:56:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Hash d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:38:34 GMT
expires: Fri, 02 Feb 2024 00:38:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
age: 307061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
200 OK 10 kB URL HTTP/2 cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
IP
File type HTML document, ASCII text, with very long lines (30387)
Hash 5245fb2ca8b98e72f9b7ae0323d76020
eb6493f5f66936432464d98c47f2f0b200309b5b
75d36b8e1e822c4f74c51fa0a97f24ef4c45afc6059d3df9b0f4cc37acd1f231
GET /gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.0
x-jsd-version-type: version
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 4398
x-served-by: cache-fra-eddf8230096-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10250
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/cdnbye@latest/dist/videojs-hlsjs-plugin.min.js
200 OK 39 kB URL HTTP/2 cdn.jsdelivr.net/npm/cdnbye@latest/dist/videojs-hlsjs-plugin.min.js
IP
Hash b230c0a4f51aadb3ede6744101d3aaf0
23ff8df88c06761ab5108e36b9f3f494de5c4bd1
cf0c3c92a7b6e880801743cf02335ba0ad2dc737e104005b3d6b410847753aaf
GET /npm/cdnbye@latest/dist/videojs-hlsjs-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.20.10
x-jsd-version-type: version
etag: W/"1dea-jczigZaTjbLvFYcUZlhdnQPP2Ok"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 3374
x-served-by: cache-fra-eddf8230054-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3014
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js
200 OK 6.9 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js
IP
File type ASCII text, with very long lines (25391)
Hash 397585b48d8e13831b573102b4380f0a
33544d2f59b2980c7b9025eafab2c0ee5a9797c1
ac4aa1cee8cdbd20582f400b5e960d3f4105a9142afcdf0aff76d817891793e6
GET /npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.1.1
x-jsd-version-type: version
etag: W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 710
x-served-by: cache-fra-eddf8230107-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6903
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/clappr-responsive-container-plugin@1.0.0/dist/clappr-responsive-container-plugin.min.js
200 OK 3.4 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr-responsive-container-plugin@1.0.0/dist/clappr-responsive-container-plugin.min.js
IP
Hash a0cd84b23887a2e7f4584f64dd9dfea5
1782afffa3ccf48d2486504d08a613d625965759
f2b8ce902587410754913a2d5bccec5a951278fbc677cf5e472cedbddc0a87f3
GET /npm/clappr-responsive-container-plugin@1.0.0/dist/clappr-responsive-container-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.0.0
x-jsd-version-type: version
etag: W/"a36-HIpJYiEHHCGTei+SnZfGpqpzQtA"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 2207639
x-served-by: cache-fra-eddf8230091-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1214
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
200 OK 1.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
IP
File type ASCII text, with very long lines (3010), with no line terminators
Hash a11054242cca130db5848f4b9d3ffaed
e507f254838103754b661b0ce51b6db68b884fe3
38e2fd24956be6f20f42772000e2d5ee1d5c305b0815a86795f56eee9dd8e8b9
GET /npm/cdnbye@latest/dist/clappr-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.20.10
x-jsd-version-type: version
etag: W/"bc2-Zh9Ejh+gezJ0K1G3K4HjkkcIvTg"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 42568
x-served-by: cache-fra-eddf8230109-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1148
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
200 OK 48 kB URL HTTP/2 cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash e2e47222bc960bf244e423e366318b53
a3c3e82c724f528d7794256a1d31afb232471298
9ab0a703d10e83cdccc3f52c8b7b3d64beb4b57e326b06aee79ce410e6eb083a
GET /npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.21.0
x-jsd-version-type: version
etag: W/"2c5b1-Hb5WHC2wG79jOsHQCLzlmXmj4b0"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 18196
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47582
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 4.7 kB IP
Hash ae2a8f751e57334c999bad3e6025e0ea
df78e343eb91fb629bd754dda0abf1dd7283f51f
3606a0c56d164a3c895ba28e2f47d3bbd5057c40fc4f258eb6a9d45509a962ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
200 OK 141 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 141 kB (141142 bytes)
Hash 7e7fdfacdb1943ea810449001d165a53
fc230e8b4a933497a2da4a783574a5b07b889a7e
d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf
GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 22186
x-served-by: cache-fra-eddf8230106-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 141142
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/videojs-contrib-quality-levels@2.0.9/dist/videojs-contrib-quality-levels.min.js
200 OK 1.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/videojs-contrib-quality-levels@2.0.9/dist/videojs-contrib-quality-levels.min.js
IP
File type ASCII text, with very long lines (2648)
Hash 185de0c2aa2eb9a9fb5cd011b2f2a65b
69a9757656fe2cbbb3f48f15ba8519e44903f09a
b9c7b62a2f6add22fd4eb2935e9c1dc68a874ef065a5a089a5826092a58ca548
GET /npm/videojs-contrib-quality-levels@2.0.9/dist/videojs-contrib-quality-levels.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.9
x-jsd-version-type: version
etag: W/"aa8-VOPQwfOFCqeCRFvbaxama+MnYjg"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 7048101
x-served-by: cache-fra-eddf8230075-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1134
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 11 kB IP
Hash ba9bd245afc180cc74e605ce173f6eef
1121a2649a081d079ddf13062c6f96f0c96708fb
f274d960834405e8382a69472e6de432c5f533dbf3c95d3fcdf29d6f62385cbf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6394
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:15 GMT
Last-Modified: Sun, 05 Feb 2023 12:09:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
200 OK 2.6 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP
File type ASCII text, with very long lines (6475), with no line terminators
Hash 01d26cbcee2e5dedc421d3fd710df322
0bcda200e307dcbb081f72c07971d9b1cbea5126
31873892814c035885c363192ecf1c4322dc2508ce03217fa666e613c800c79d
GET /c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Mon, 05 Feb 2024 13:56:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/videojs-contrib-hls.js@latest
200 OK 63 kB URL HTTP/2 cdn.jsdelivr.net/npm/videojs-contrib-hls.js@latest
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 15f39c98aece65d79b8f06473bbb6fd4
b12b3f7017a119a9cb841557f42bc5cacbbdaa80
032a275505fbae2e1057ebc72c8a79c801ffbce33113796d07063954a3ae3907
GET /npm/videojs-contrib-hls.js@latest HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.2.0
x-jsd-version-type: version
etag: W/"35ce5-qfpgfeQEWgNuKxw4uDOhlbC6N08"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 3026
x-served-by: cache-fra-eddf8230067-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62843
X-Firefox-Spdy: h2
jscdn.greeter.me/pawastreams.tophead.js
200 OK 8.7 kB URL HTTP/2 jscdn.greeter.me/pawastreams.tophead.js
IP
File type exported SGML document, ASCII text, with very long lines (1670), with CRLF line terminators
Hash ef00b812c2ff87a6154cf1f9387a5fc5
7cce6257d6798c16fac060ad52029f9d62223d4e
b0c34e44d4362313d3d947c7868435cbb89a37c0b82327c491ed07f2ccf708a1
GET /pawastreams.tophead.js HTTP/1.1
Host: jscdn.greeter.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:15 GMT
cache-control: max-age=2142
content-length: 8659
content-type: text/javascript
last-modified: Tue, 24 Jan 2023 09:42:42 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "ef00b812c2ff87a6154cf1f9387a5fc5"
x-amz-request-id: tx00000000000000b13ecef-0063dfafcd-852b6119-fra1b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675605375.dop021.sk1.t,1675605375.cds210.sk1.hn,1675605375.cds071.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/videojs-hls-quality-selector@1.1.1/dist/videojs-hls-quality-selector.min.js
200 OK 15 kB URL HTTP/2 cdn.jsdelivr.net/npm/videojs-hls-quality-selector@1.1.1/dist/videojs-hls-quality-selector.min.js
IP
Hash c2cca43c8200c940cbdd800f8fe21090
55c78038fa8213dc4db74417455446d7870a98fb
88b097743145f7958317b1d34307cf6b27c632e7917347f94fcf2ffab2265fcf
GET /npm/videojs-hls-quality-selector@1.1.1/dist/videojs-hls-quality-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.1.1
x-jsd-version-type: version
etag: W/"159b-ajQkQPq7XzevC002e6ih3PU1JEA"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 5734575
x-served-by: cache-fra-eddf8230038-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2158
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/clappr-pip-plugin@latest/dist/clappr-pip-plugin.js
200 OK 1.5 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr-pip-plugin@latest/dist/clappr-pip-plugin.js
IP
File type ASCII text, with very long lines (3580), with no line terminators
Hash ea067e1639f0139422abd8017fe8787c
20d277fa13df92a0415ba5257d9fa0851310bdc3
618c5c8f0bfaf9d4516d2d13d9af232604731eebcc2e78b09fb9ac059bed80b1
GET /npm/clappr-pip-plugin@latest/dist/clappr-pip-plugin.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.1
x-jsd-version-type: version
etag: W/"dfc-K08E5xkmhMvQd2dwLgQBEkVYPOw"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 39494
x-served-by: cache-fra-eddf8230123-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1515
X-Firefox-Spdy: h2
jscdn.greeter.me/pawastreams.topdynamic.js
200 OK 8.0 kB URL HTTP/2 jscdn.greeter.me/pawastreams.topdynamic.js
IP
File type ASCII text, with very long lines (7389), with CRLF line terminators
Hash 3e5dae1f6002b43b5d46874304607418
a4674f3d5a354edf51baa0b62c23e2ef82a37c84
29b407a6d9b76d2cc1ef6d31f188881ccd5e8f3e1ac5d8596e6d4fe47a5a01d3
GET /pawastreams.topdynamic.js HTTP/1.1
Host: jscdn.greeter.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:15 GMT
cache-control: max-age=2142
content-length: 7957
content-type: text/javascript
last-modified: Mon, 16 Jan 2023 13:43:50 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "3e5dae1f6002b43b5d46874304607418"
x-amz-request-id: tx00000000000000b14def2-0063dfafcd-85aa146b-fra1b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675605375.dop021.sk1.t,1675605375.cds210.sk1.hn,1675605375.cds020.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
200 OK 69 kB URL HTTP/2 cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
IP
Hash 71249d1ce8c3d20cc8cdd53ec9787e36
0a8f7810de7099815c83643e5d7301e4e0c50af2
fb1f56997ef14c06ef83c8a6b2d97e172cbf670e4182b9753c68b8af3b902678
GET /npm/swarmcloud-hls@latest/dist/p2p-engine.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.6.3
x-jsd-version-type: version
etag: W/"2f8d3-PtvaTMOxMvO+lXnP0hda4YuqtuE"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 11577
x-served-by: cache-fra-eddf8230033-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 58097
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/hls.js@0.14.13
200 OK 72 kB URL HTTP/2 cdn.jsdelivr.net/npm/hls.js@0.14.13
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 099f0d69ae3bf4995159009f52f4d3d1
3d13c69919cafe188044cf6a7abef8d38b6419ee
7d624c2bd8770f8e475530d238f0639598d6359f9e5d676f7a51d1507d21135c
GET /npm/hls.js@0.14.13 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.14.13
x-jsd-version-type: version
etag: W/"3a8f5-ol2gYcX709ZKpqLteahgjiZOmjg"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:15 GMT
age: 9160414
x-served-by: cache-fra-eddf8230081-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 71904
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/video.js/7.8.2/alt/video.core.min.js
200 OK 51 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/video.js/7.8.2/alt/video.core.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (45362)
Hash 5c798a739dbf32d5d8e3e6ecf8520d89
9f0d56501221992462a2819e3fd35753aaa97296
5ba0074bb90e4084178c88424f806afa81acf58f8f7317f1e078b067d267849d
GET /ajax/libs/video.js/7.8.2/alt/video.core.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 51126
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ecd9241-35e98"
last-modified: Tue, 26 May 2020 22:03:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1976235
expires: Fri, 26 Jan 2024 13:56:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwwpkR4c%2FiQMvFG3oolfQdnyBzZ7vL9fNdBymZ0YFBKV1%2F1kNmO3KHuXArNSWVxuo0f1WGm%2FP2CMOpqomBvddibDkd39F1nQqRktuysAOw2%2FEc6Cr4kct9n1bfWhv%2FzlU3aUIkU9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 794c25fd8f89b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
200 OK 7.8 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 891327d9e0b01f63adbb802b972084d8
757a28fdf3077780a4308663d8d14d9f08389239
5849d867d2fa3eadf26cc838b5ea948977009bcc79fba65af266709f6f9a7afc
GET /c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
content-encoding: br
expires: Mon, 05 Feb 2024 13:56:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2907
Cache-Control: max-age=112637
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:15 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 21:13:32 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
tg1.modoro360.com/api/adserver/spt?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490
200 OK 6.6 kB URL HTTP/1.1 tg1.modoro360.com/api/adserver/spt?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2068)
Hash 2d928ef16b6db0805aefddbefa365873
14e22b5979297d6baf802fc5d3734a4ef781f4bf
e1b4ceb05754522a5f06b44f16484bc0b837170d30d3cc050f730cbde477fdf0
GET /api/adserver/spt?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490 HTTP/1.1
Host: tg1.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 6623
Cache-Control: max-age=300
Expires: Sun, 05 Feb 2023 14:01:15 GMT
Date: Sun, 05 Feb 2023 13:56:15 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
200 OK 279 B IP
Hash a8856797798668629948a21537e78490
ffb82486b6fdb11cd23589d3f6660c055bc8a176
e402e9c60fb6cf9e84fc00b5a1d427e95f23020f4bfb9929c123a1550e69a825
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5924
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:15 GMT
Last-Modified: Sun, 05 Feb 2023 12:17:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/xgckIALK_ts
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/xgckIALK_ts
IP
Hash bfaf554d1d3deae4fd186dbce4296763
c9c333200c72ce31b7abac2f07bf91962b03b834
e1c1fe36f1cb40182a27dd1b9475daf819e7da929cdf0f257495c3783f557f05
POST /s/gts1p5/xgckIALK_ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
services.vlitag.com/adv1/?q=5e55d141408181154f504552cd25c8e3
200 OK 144 kB URL HTTP/2 services.vlitag.com/adv1/?q=5e55d141408181154f504552cd25c8e3
IP
File type Unicode text, UTF-8 text, with very long lines (64974), with no line terminators
Size 144 kB (143604 bytes)
Hash 9233923629b4f78d8af2463320b52bb8
935f0c36f0622b79a5613330146eb2f706bceb3b
f07ccb2c45039c33ef13b37f0c81d8b1bd0289eb5afb5a7db487f36ed4538252
GET /adv1/?q=5e55d141408181154f504552cd25c8e3 HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-bgj: minify
cf-polished: origSize=549399
etag: W/"5e55d141408181154f504552cd25c8e3 2023-02-02T05:00:15 v1 default"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: HIT
age: 465
server: cloudflare
cf-ray: 794c25fe2e69b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/xgckIALK_ts
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/xgckIALK_ts
IP
Hash bfaf554d1d3deae4fd186dbce4296763
c9c333200c72ce31b7abac2f07bf91962b03b834
e1c1fe36f1cb40182a27dd1b9475daf819e7da929cdf0f257495c3783f557f05
POST /s/gts1p5/xgckIALK_ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 471 B IP
Hash b04ec2b203d67a2c9859636360fed6f4
6954d4aaaa26e30ca0deeb81bd63afc697e79506
a4a50a17d4f8d422eb6a5e6d644e1db0991c144ec5cc362d5986c84c0514ada8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 13:56:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 06:12:18 GMT
Expires: Sat, 11 Feb 2023 06:12:17 GMT
Etag: "6954d4aaaa26e30ca0deeb81bd63afc697e79506"
Cache-Control: max-age=489961,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794c25fefaa61c0e-OSL
st.chatango.com/js/gz/emb.js
200 OK 24 kB URL HTTP/1.1 st.chatango.com/js/gz/emb.js
IP
File type ASCII text, with very long lines (1651)
Hash a543b2d0bd0671737d07034ada375e34
4f8a72210ccd1bbd1c254cf9138b7399503bb654
c237062303aaf130c2f1a7c9f7b71e6ba23e7c6f307c5d1f9ab2858371421cc3
GET /js/gz/emb.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 13:56:16 GMT
Content-Type: application/x-javascript
Content-Length: 23804
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Expires: Sun, 05 Feb 2023 13:56:16 GMT
Cache-Control: max-age=0
Content-Encoding: gzip
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 4.5 kB IP
ASN #20940 Akamai International B.V.
Hash 5b2e956ac7e30679468b1c9035b65041
d8c505a764d18ff92e91b0250ced2bf2ab9d6e38
cc90c7a78a2272c6b5c08eb04b26097d1567b29d5234c7b229d8fd9a6fb0a178
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5855
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 13:56:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5855
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 13:56:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 1.0 kB IP
ASN #20940 Akamai International B.V.
Hash d0dc3ee51d5567ad540e2b53aeabfa04
ccc4d537fac5a26be9941a7d52c05aee516505a5
51e56ce27367ba448ab80285910a6c8cbf2886397260a2040c0198108810b441
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5855
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 13:56:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 5.0 kB IP
ASN #20940 Akamai International B.V.
Hash 9c6fc5600caba664beea1f61f5482900
900a6fe9bc4c3129f9692c2d1599ac6d5a9d55c3
a042064393e775889061212cc548b6561efee68201423d288b4f9c602ed9f7cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5855
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 13:56:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 22 kB IP
ASN #20940 Akamai International B.V.
Hash 9cd308616a52ab39d8b12eae488d1ea3
7cbce40d922e33b64cafefadf1d96cd35cda2637
7b33ecb8502d489ba20e7ae16a44a6ba989ba8409ba1d3f00a95ea8e2c3f5357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5855
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 13:56:16 GMT
Connection: keep-alive
c0.wp.com/c/6.1.1/wp-includes/js/dist/hooks.min.js
200 OK 16 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/hooks.min.js
IP
File type ASCII text, with very long lines (4186), with no line terminators
Hash 216b4399e3013ae306868103f773b58e
85e19f1d4f3c89e9c52e188572232ea538b334b1
c7911fb787fe026ab33c6e180833cc29afab6c3e2923fce03ea0cd7a4405d349
GET /c/6.1.1/wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Mon, 05 Feb 2024 13:56:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 11:30:31 GMT
age: 8745
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP
Hash 37cdaf31b2fec3dbabee102d86d1d73d
243283852f95e89b36542a1a06fbb3f20fabc1c9
c6505a69fb74829ac831fda553e6f4dd387e7a602da32586b8ea78fb12ba299c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: 377c182d-43e8-4251-8731-6364d29fb955
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRFs0oAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-1ad3e68f50fc15707ec0406a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sUtUjqOLpq42m22bLgmLggmPbtatZC01og_xzkVI1o8rJtAnvhvqHA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:15:26 GMT
age: 85250
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a032104cf4ccc6ea31f163ca16386487
a0573916c3d72f0554928963c0a74413fdcb3558
8ba7b6e9b3fa28f6fd27f5f006cedac10f50d7da6c109155a2476cf04f4df932
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8909
x-amzn-requestid: 29f57721-99ae-4927-b324-b0a40668e2f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqEPuIAMFqpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-156c25027894630b61e5770c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6-RtedWR4ubEBwe85bNcobzqb2Cy9aEUzyT3tlhJ95zD5SgiuS7coA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:18:03 GMT
age: 56293
etag: "a0573916c3d72f0554928963c0a74413fdcb3558"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 11:24:01 GMT
age: 9135
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.7.1/_inc/build/sharedaddy/sharing.min.js
200 OK 11 kB URL HTTP/2 c0.wp.com/p/jetpack/11.7.1/_inc/build/sharedaddy/sharing.min.js
IP
File type ASCII text, with very long lines (8517), with no line terminators
Hash 0abecfb9a2625514f39c3c850b0dcd83
248ddd3dd1c7a83964553dab0d4e418bc272162b
7a9ab8ba56ffbafad1628b60ed334c3f2fac51682abf6ff1521b3df4acf859d2
GET /p/jetpack/11.7.1/_inc/build/sharedaddy/sharing.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 31 May 2022 10:02:49 GMT
content-encoding: br
expires: Mon, 05 Feb 2024 13:56:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js
200 OK 231 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (8189)
Size 231 kB (231009 bytes)
Hash 01a45ed70c0d6329d8b5071b82e1fc4d
9148eec9476241b31a164b76ffd85cc828d6242e
b5620dbbf65734305d16b44bc12a8018340ad9f825d6f3090a6b1ae6980ab5be
GET /c/6.1.1/wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Mon, 05 Feb 2024 13:56:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.taboola.com/libtrc/chatango-network/loader.js
200 OK 38 kB URL HTTP/2 cdn.taboola.com/libtrc/chatango-network/loader.js
IP
File type ASCII text, with very long lines (65508)
Hash 60b25fece3062a0df24b9b90d4b67e6c
89691963775c09db135ead89e7a6848271f56072
35e71f31ec3c3757f835fe77cf281e3c9169ae6d7381915fe9055857c53fc1e1
GET /libtrc/chatango-network/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jaRywbh/eQBDWiLUvuAg+G9cjrvd3EvOX/ZQ7yZHwR9/hIkpgzDRB4aAGnHFyoL7WFu2XKPM1p4=
x-amz-request-id: 3MQ5C8D6DZGE93SN
x-amz-replication-status: PENDING
last-modified: Sun, 05 Feb 2023 11:24:41 GMT
etag: "b16cce94c387afb3b7df48275119e025"
x-amz-version-id: jgDWO2JRXfAvWWqIQBEYAVOmlluKUnCe
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:17 GMT
via: 1.1 varnish
age: 9090
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 59
x-timer: S1675605377.223187,VS0,VE0
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 84
content-length: 37594
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 13:44:08 GMT
expires: Sun, 05 Feb 2023 15:44:08 GMT
cache-control: public, max-age=7200
age: 729
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
st.chatango.com/cfg/nc/r.json?2869160020000264733614643
200 OK 20 B URL HTTP/1.1 st.chatango.com/cfg/nc/r.json?2869160020000264733614643
IP
File type JSON data\012- , ASCII text
Hash 345dbbbf4120bf2cc616c0cda02d92de
d0e690c4cb67b9443d45d8342c5788c9583a0064
fc6476e99bc2028c9c0d7d28edafdcc7c2fdeb1630913f685887a25125f4f4e2
GET /cfg/nc/r.json?2869160020000264733614643 HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 13:56:17 GMT
Content-Type: application/octet-stream
Content-Length: 20
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
cdn.taboola.com/libtrc/impl.20230205-12-RELEASE.js
200 OK 197 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20230205-12-RELEASE.js
IP
File type ASCII text, with very long lines (65508)
Size 197 kB (196892 bytes)
Hash e6532114add3d32d6861de016d706d57
9807b129f4e9d3714ac7a2b0c542f44dd21cd410
ef9cbfbf9ab3f37a31cf5679aa819741590492e71ab0ee5269f9a5e335f22e99
GET /libtrc/impl.20230205-12-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: UYZEJhXex78tnwEVpFmw2HsONF4zo6ooeEmSzHOOa0cG1zwYhtKFKni1EqNynRfA30G2sNHpeSk=
x-amz-request-id: HQSBXQH5T351G8GW
x-amz-replication-status: PENDING
last-modified: Sun, 05 Feb 2023 13:56:10 GMT
etag: "49e56b50b95c2f758636cee6ffc5339c"
x-amz-version-id: pw7h1FyqZ15lQIqFkw.1oFFzFdFl.ubc
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 13:56:17 GMT
via: 1.1 varnish
age: 6
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1675605377.450407,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 15
content-length: 196892
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675605417971&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fww1.pawastreams.top%2F
204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675605417971&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fww1.pawastreams.top%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675605417971&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fww1.pawastreams.top%2F HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 13:56:17 GMT
set-cookie: UID=154bf5cac0c50adf626c2b11675605377; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: brhomcGCxsAdrMuMoYbHzIol5Lo8vkU3pHnIDOOYauN2jtUrip_kMA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash 8942dac2c3b84167c8c1c36c8c5dbc24
3202c79b026ed05cd1568065cfba03cffe066637
998bc79f4dc7577f16aa29eea707a9f74380352848fae678f2f9e1a5a5ea42c5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6268
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:17 GMT
Last-Modified: Sun, 05 Feb 2023 12:11:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=13%3A56%3A58.112&type=usage&msg=rtus&llvl=2&id=8266&cv=20230205-12-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=13%3A56%3A58.112&type=usage&msg=rtus&llvl=2&id=8266&cv=20230205-12-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /chatango-chatango1/log/2/debug?tim=13%3A56%3A58.112&type=usage&msg=rtus&llvl=2&id=8266&cv=20230205-12-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 13:56:17 GMT
x-fastly-to-nlb-rtt: 22425
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ust.chatango.com/groupinfo/p/a/pawastreamslive/gprofile.xml
200 OK 122 B URL HTTP/1.1 ust.chatango.com/groupinfo/p/a/pawastreamslive/gprofile.xml
IP
File type XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with no line terminators
Hash 45a6d540254ff5fa3093661e951fa4df
f77dd8fda7d30ae5aa0414076cff4033055abaad
43ab8e28aedfc8d283b95ea564f6cc81cdcb62483d0e6d6ceb8979da1ec3c2bb
GET /groupinfo/p/a/pawastreamslive/gprofile.xml HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://st.chatango.com
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 13:56:18 GMT
Content-Type: text/xml
Content-Length: 122
Last-Modified: Mon, 26 Oct 2020 19:58:48 GMT
Connection: keep-alive
Expires: Sun, 05 Feb 2023 13:56:18 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
swarm.video/pawas.js
200 OK 134 kB IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size 134 kB (134453 bytes)
Hash ef7b38afe81aa5a39ea3fa26c2dc4660
c901d2af53d3128e61b0d10f809c9cb9d894382a
42513d179622266d5e474dc83ae7be0501494f66ed80619c4a0d4a945ba54fc5
GET /pawas.js HTTP/1.1
Host: swarm.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=536843
etag: W/"8310b-185548120e7"
last-modified: Tue, 27 Dec 2022 16:53:46 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 2226136
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ut8AjES4o%2BdpmsWrcFNxVdp2flBhuXHMbGz0V800nOSo2fJxAbWFMKJzoI%2Fnn5SEWtNXfLhRMF0srVJISwSZWDVH%2F1K5I4XT9AEbYExgj4QguR1R%2BmhcK%2FOiHbgY5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c25fd8c83b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.7344394648967244
200 OK 962 B URL HTTP/2 pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.7344394648967244
IP
Hash d4f747bcaa7f96993a3fde55b2efd7bb
e2f9165ed45683d7d5fd4ddaaf80a7d95462e714
f2cefacc5b7aed2bc4ac26897ba97accd6f0c725237e00a0c750f68040b52dc0
GET /g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.7344394648967244 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:18 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
player.avplayer.com/script/2/v/avcplayer.js
200 OK 61 kB URL HTTP/2 player.avplayer.com/script/2/v/avcplayer.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9dff0335699f04080269947f40c366ae
8447df4f8b168d9c506630f96ef95002c2c6eb28
157b5912ad26a879f38d0dafb1fce2def6df3168a08f991d6203463375fa32fc
GET /script/2/v/avcplayer.js HTTP/1.1
Host: player.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:18 GMT
etag: "1646327924"
cache-control: max-age=600
content-encoding: gzip
content-length: 61326
content-type: application/javascript
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
accept-ranges: bytes
vary: X-Goog-Allowed-Resources
x-hw: 1675605378.dop223.sk1.t,1675605378.cds071.sk1.hn,1675605378.cds065.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 8fbe16b11c3f62926159632d6feafdc9
c9c5c8518dfd4bbfd94b17ae46e6695c966b5fea
f03774ea326fc1f6b4866ea5b3004a5075048c14ad3fd9375031d81ec44f778f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3726
Cache-Control: max-age=113812
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:18 GMT
Etag: "63dec088-117"
Expires: Mon, 06 Feb 2023 21:33:10 GMT
Last-Modified: Sat, 04 Feb 2023 20:31:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
200 OK 7.1 kB URL HTTP/2 adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
IP
File type PNG image data, 159 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 9144b08276094534499e409d4be115ed
a2d3460da5082c8a65f7b26d0e07d710fd8d5997
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
GET /wp-content/uploads/2020/06/adipolo_logo.png HTTP/1.1
Host: adipolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:18 GMT
content-type: image/png
content-length: 7068
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
etag: "5ed61610-1b9c"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 11226504
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=do%2BucCrqmWEbTLNnU1RxpwmjS0xdzNKJAsr%2Bc%2Be9f%2BCEssPeZfo%2FxyeRNoR4tHQ9BIn1sAmrkf%2BgpJRy3EKrwKA%2FIa3RXo2sgqCZ%2BxwbXqJ9q2LZG%2BwZeMbVFHWunQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c2611da30b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63762abe47268709c0482e7d&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=634e511c15009653b86c1490
200 OK 608 B URL HTTP/2 feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63762abe47268709c0482e7d&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=634e511c15009653b86c1490
IP
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (4020), with no line terminators
Hash ac1da31a139bcac70f1d4f7198507552
ada2ac13ab1559423ee6846f3f3237fa42d6516d
7d0d39164486c04582a72f73b90e854390d69a38d425c1b87e4b4f1ba21b152d
GET /backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63762abe47268709c0482e7d&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=634e511c15009653b86c1490 HTTP/1.1
Host: feed.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
content-type: application/json; charset=utf-8
x-powered-by: PHP/8.1.13
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-envoy-upstream-service-time: 19
vary: Accept-Encoding
content-encoding: gzip
cache-control: private, max-age=3600
expires: Sun, 05 Feb 2023 14:56:18 GMT
date: Sun, 05 Feb 2023 13:56:18 GMT
content-length: 608
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 8fbe16b11c3f62926159632d6feafdc9
c9c5c8518dfd4bbfd94b17ae46e6695c966b5fea
f03774ea326fc1f6b4866ea5b3004a5075048c14ad3fd9375031d81ec44f778f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3726
Cache-Control: max-age=113812
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:18 GMT
Etag: "63dec088-117"
Expires: Mon, 06 Feb 2023 21:33:10 GMT
Last-Modified: Sat, 04 Feb 2023 20:31:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
jscdn.greeter.me/A-letterbigger_Savir.png
200 OK 945 B URL HTTP/2 jscdn.greeter.me/A-letterbigger_Savir.png
IP
File type PNG image data, 19 x 22, 8-bit colormap, non-interlaced\012- data
Hash f07519ec5fbc46385f386b577e6e2a1d
ebca5469f271fc6c0b7f7ebf4b5de8947a7863ab
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
GET /A-letterbigger_Savir.png HTTP/1.1
Host: jscdn.greeter.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:18 GMT
cache-control: max-age=1704
content-length: 945
content-type: image/png
last-modified: Sun, 10 Jul 2022 13:45:06 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "f07519ec5fbc46385f386b577e6e2a1d"
x-amz-request-id: tx00000000000000b0b5a23-0063dfae1a-85aa146b-fra1b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675605378.dop021.sk1.t,1675605378.cds210.sk1.hn,1675605378.cds014.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 681f8dc4db9e750cd46c3ed38c779dd3
f0b65bb67a3f889ed61c7d8805c03d5a8e55bb56
3cb070ec9268576c60ab3a1cda41b9e812eeff3ddad5e595760cebd2eb4868b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 116
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:18 GMT
Last-Modified: Sun, 05 Feb 2023 13:54:22 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 681f8dc4db9e750cd46c3ed38c779dd3
f0b65bb67a3f889ed61c7d8805c03d5a8e55bb56
3cb070ec9268576c60ab3a1cda41b9e812eeff3ddad5e595760cebd2eb4868b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 116
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:18 GMT
Last-Modified: Sun, 05 Feb 2023 13:54:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 313 B IP
Hash 2521dc6dc015025c26c7a1b08b3060a1
f5c7abc50c9229a4b198a5c0d5f6dfa8ac528b9f
6671bc387c8011ec55a9d023502189b997adeb18fc2f199747dec7d688f85bd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5313
Cache-Control: max-age=90529
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:18 GMT
Etag: "63de5f62-139"
Expires: Mon, 06 Feb 2023 15:05:07 GMT
Last-Modified: Sat, 04 Feb 2023 13:36:34 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
200 OK 10 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
IP
Hash d3d00f4a29d3896a457eb1dc8f45fcc4
5923ac9a5292199c4c9d1105bfa48666c78870ba
0dba4e9bda65725d2f20924656f4a4b61bd44ef0febb0be822bfa6a19276ac02
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 13:56:15 GMT
date: Sun, 05 Feb 2023 13:56:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
200 OK 17 kB URL HTTP/2 content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.18.100", baseline, precision 8, 640x360, components 3\012- data
Hash 0ee97d2dcd219d582aee0cecbb70cafd
16ba027494a626e2cec019fed6af4e257c041fcf
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
GET /60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg HTTP/1.1
Host: content1.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:19 GMT
content-length: 16959
content-type: image/jpeg
last-modified: Thu, 08 Sep 2022 15:38:37 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdtMOy_9ae3mzVEfh7A-M2FXV6AIMQaqXMq9OLuOpLWR7LC5NWbxmprbSD53tq3DcCHXMGbt3pP3m6YPcrTO1C7cT9-koeb0
etag: "0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation: 1662651517684609
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16959
x-goog-hash: crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type, range
server: UploadServer
x-hw: 1675605379.dop223.sk1.t,1675605379.cds071.sk1.hn,1675605379.cds262.sk1.c
cache-control: public, max-age=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 77c548ed6dbee7a04321102c3d93db5c
3f4a20119d052c6c8e5f4224a2948ffd559f96b3
5d553cadff959602e40d007c876a01e0dd4540640c64bbb2679300d43326c603
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5289
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:19 GMT
Last-Modified: Sun, 05 Feb 2023 12:28:10 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 77c548ed6dbee7a04321102c3d93db5c
3f4a20119d052c6c8e5f4224a2948ffd559f96b3
5d553cadff959602e40d007c876a01e0dd4540640c64bbb2679300d43326c603
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5289
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:19 GMT
Last-Modified: Sun, 05 Feb 2023 12:28:10 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=634e511c15009653b86c1490
200 OK 121 kB URL HTTP/2 player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=634e511c15009653b86c1490
IP
File type Unicode text, UTF-8 text, with very long lines (44568), with LF, NEL line terminators
Size 121 kB (121390 bytes)
Hash f0e47e9a4ee6d5d39d1e42e82c648082
5fb148ee2467c95e4feafbba8000c088e3a212a9
911209df8b4912901a3b1583f967ea5b66cff7e0afcf2a61e6d857a7e41b53ff
GET /script/6.1/AVmanager.js?v=1.0&type=s&pid=634e511c15009653b86c1490 HTTP/1.1
Host: player.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:19 GMT
etag: "1675577816"
cache-control: max-age=600
content-encoding: gzip
content-length: 121390
content-type: application/javascript
last-modified: Sun, 05 Feb 2023 06:16:56 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-hw: 1675605379.dop003.sk1.t,1675605379.cds227.sk1.hn,1675605379.cds240.sk1.c
X-Firefox-Spdy: h2
nflbite.to/images/nflbiteicon.png
301 Moved Permanently 1.2 kB URL HTTP/2 nflbite.to/images/nflbiteicon.png
IP
Hash c8ec895561604de63a29d41efc679951
75432eaee97991ba1c6f2d979b16609eb690a6c9
56911def832e61032106fa0e7e1c4c3caf2eb3497a82070a648a58713776d144
GET /images/nflbiteicon.png HTTP/1.1
Host: nflbite.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 05 Feb 2023 13:56:18 GMT
content-type: text/html
location: https://www.nflbite.to/images/nflbiteicon.png
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=3600
cf-cache-status: HIT
age: 1191
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBNqBEwCQdINviiB8lKfJHF8wk1nGR17yQJiIqjb%2Bmo3G9BzKERZVpVnLUzLJO3bd%2Fdotf2Oqbu4%2B4GTR9MxS4tZNpy%2BioOoCfSF9L5ymsv6BbHGJZyA34giFRtf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794c261278fdb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash a4069ddf45ea60849beb2f207a42e423
c414100adc34f518990e88df9e293b01e84a172f
2cf491c844156d3335f494cadf5ff7de97be321dc71d1ea98912c14be3f66223
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5613
Cache-Control: max-age=109910
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:19 GMT
Etag: "63dea9ec-117"
Expires: Mon, 06 Feb 2023 20:28:09 GMT
Last-Modified: Sat, 04 Feb 2023 18:54:36 GMT
Server: ECS (amb/6B8E)
X-Cache: HIT
Content-Length: 279
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://st.chatango.com/
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:18 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 410628
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
servt.modoro360.com/track?pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&cb=1675605419260&r=ww1.pawastreams.top&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&d35=&d65=ControlGroup&d66=7&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
200 OK 0 B URL HTTP/2 servt.modoro360.com/track?pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&cb=1675605419260&r=ww1.pawastreams.top&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&d35=&d65=ControlGroup&d66=7&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&cb=1675605419260&r=ww1.pawastreams.top&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&d35=&d65=ControlGroup&d66=7&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable HTTP/1.1
Host: servt.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:19 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash a4069ddf45ea60849beb2f207a42e423
c414100adc34f518990e88df9e293b01e84a172f
2cf491c844156d3335f494cadf5ff7de97be321dc71d1ea98912c14be3f66223
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5613
Cache-Control: max-age=109910
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:19 GMT
Etag: "63dea9ec-117"
Expires: Mon, 06 Feb 2023 20:28:09 GMT
Last-Modified: Sat, 04 Feb 2023 18:54:36 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
servt.modoro360.com/track?r=ww1.pawastreams.top&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=4&d36=6.2.80&apppkg=&fv=1&proto=https&d65=ControlGroup&clsid=88b8d42c-83f6-4416-9cc0-42cfff0e0c2e&rando=94&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=100&cb=1675605419810
200 OK 0 B URL HTTP/2 servt.modoro360.com/track?r=ww1.pawastreams.top&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=4&d36=6.2.80&apppkg=&fv=1&proto=https&d65=ControlGroup&clsid=88b8d42c-83f6-4416-9cc0-42cfff0e0c2e&rando=94&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=100&cb=1675605419810
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?r=ww1.pawastreams.top&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=4&d36=6.2.80&apppkg=&fv=1&proto=https&d65=ControlGroup&clsid=88b8d42c-83f6-4416-9cc0-42cfff0e0c2e&rando=94&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=100&cb=1675605419810 HTTP/1.1
Host: servt.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:19 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
pawastreams.top/wp-content/uploads/2021/04/discord-300x102.png
301 Moved Permanently 0 B URL HTTP/1.1 pawastreams.top/wp-content/uploads/2021/04/discord-300x102.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2021/04/discord-300x102.png HTTP/1.1
Host: pawastreams.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 13:56:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 14:56:19 GMT
Location: https://ww1.pawastreams.top/wp-content/uploads/2021/04/discord-300x102.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pk%2B432QdXTiGrQnFXyqaIatV4BZgT27b2A6GnQsZrTw0LdIAQ%2Bjb2z8raCJWJHIfRWQFuszUrTiFaHmU5YW0vpJ%2BOcS6mqU4WYsBwNQLJ9N%2BYkoyBBju0uICk9S5qCONHU4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c26158ae60afe-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 313 B IP
Hash b0e746f05c3e28991ba5acf8930a7987
0c564283eaae09d7a9a14c05d7b95de7963b517b
900fe19f894a25adb533d9f3f00d0bb2537316f76d3cead2f6d6f9e97b7726c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3306
Cache-Control: max-age=98592
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:19 GMT
Etag: "63de86b9-139"
Expires: Mon, 06 Feb 2023 17:19:31 GMT
Last-Modified: Sat, 04 Feb 2023 16:24:25 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
200 OK 43 B URL HTTP/2 csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:19 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash a26072a37cabb7cefebf9d62fa58c9af
2573d1b327f4e9e243735486dbd598ff763fa994
1d15a331c9781ed891e3c5f048b95a821ae2324387408058bab54b8b2844b243
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 13:56:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 23:03:50 GMT
Expires: Sat, 11 Feb 2023 23:03:49 GMT
Etag: "2573d1b327f4e9e243735486dbd598ff763fa994"
Cache-Control: max-age=550649,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794c2613994d1c0e-OSL
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
200 OK 15 kB URL HTTP/1.1 storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
IP
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 7bf4f6782dee3b520a65ff84286e3691
f3d9a3c61e38006d07e182939838e4673e32805e
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
GET /v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico HTTP/1.1
Host: storage.de.cloud.ovh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 15086
Accept-Ranges: bytes
Last-Modified: Sun, 31 Jan 2021 12:57:34 GMT
Etag: 7bf4f6782dee3b520a65ff84286e3691
X-Timestamp: 1612097853.12655
Content-Type: image/x-icon
X-Trans-Id: tx8d6d26726e704304947de-0063dfb583
X-Openstack-Request-Id: tx8d6d26726e704304947de-0063dfb583
Date: Sun, 05 Feb 2023 13:56:19 GMT
audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22ww1.pawastreams.top%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1675605420149%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-5xxgeu8o0nej5pkad5zx%22%7D
200 OK 2 B URL HTTP/2 audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22ww1.pawastreams.top%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1675605420149%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-5xxgeu8o0nej5pkad5zx%22%7D
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22domain%22%3A%22ww1.pawastreams.top%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1675605420149%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-5xxgeu8o0nej5pkad5zx%22%7D HTTP/1.1
Host: audit-tcfv2.quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:19 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
date: Sun, 05 Feb 2023 13:56:19 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=ww1.pawastreams.top
200 OK 11 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=ww1.pawastreams.top
IP
Hash 31ac33fbf48da2bbfa84aa9cb25fec36
fbeafbf5ff0454d8f4503cbd097aeb67a2f08ed8
4752a8627be0162e8635117f0bd6e1f41e463ab64b1c075e91a4099b6c58752b
GET /syncframe?origin=rtus&topUrl=ww1.pawastreams.top HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:17 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=ff7df816-1c07-4877-836f-9a56af94b157; expires=Fri, 01 Mar 2024 13:56:16 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 836454
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 922 B IP
Hash 2fa0d2133b59b925106715d8eb8e24cc
ea4daffedc1949b6f902d07c73a41348c4c88440
1048bbc7bfa86f30f1c7e1d5de1d1ec1d548632aa18704c68eb6164c1fcb3e1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5243
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:20 GMT
Last-Modified: Sun, 05 Feb 2023 12:28:57 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58543/occ?gdpr=1&gdpr_consent= HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 13:56:20 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
age: 0
server: ATS/9.1.10.25
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=aniview&endpoint=us-east HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Feb 2023 13:56:20 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5f9a07c50e171a7a1c983c3e546fa747
701c6cb3c3acf183ada0ca7144fd5a6accdc3a7a
cf5194a18d2a1926880316305c783ac5d9a6b8086d9ed13d0c50f1303d2fa756
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 13:56:20 GMT
Last-Modified: Sun, 05 Feb 2023 12:22:08 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LDEkwj7_4N0tf68MS6aXWm5Dab0WGnm20vX9tLpfw5oXNobO7lFvew==
Age: 5653
eus.rubiconproject.com/usync.js
200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP
File type ASCII text, with very long lines (18426)
Hash ace04dfac15be0d79f56e38980902803
74a2251fe600f3104efd44849521d642e97d327a
d5e456c23f9ff36e83dea3b7f3a550ee21ce615ea6e92c78c5be0f90b982d22f
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Sun, 05 Feb 2023 08:43:42 GMT
Content-Encoding: gzip
Content-Length: 10009
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=67682
Expires: Mon, 06 Feb 2023 08:44:22 GMT
Date: Sun, 05 Feb 2023 13:56:20 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.googletagservices.com/tag/js/gpt.js
200 OK 27 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP
File type ASCII text, with very long lines (39302)
Hash c66584b73d2633ede4e62c18a52ea182
2aaab8a38810da63f8da1cc465e3f4baf3918999
cda041d24a271b4e3f8595151729c869b5e0c5a7d1e32ec4ff717fb68a8902dc
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27285
date: Sun, 05 Feb 2023 13:56:20 GMT
expires: Sun, 05 Feb 2023 13:56:20 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1473 / 640 of 1000 / last-modified: 1675465921"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
200 OK 126 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP
File type ASCII text, with very long lines (2846)
Size 126 kB (125826 bytes)
Hash 98b1fe69946e421b8ece280ad4995eed
e6e0b95673083dd5319db64472e9505964998bc0
3ce90bb62a4f3d7a503d1a819ce1b7016837a27c17065adb97c94680a7cd870a
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 125826
date: Sun, 05 Feb 2023 13:56:20 GMT
expires: Sun, 05 Feb 2023 13:56:20 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%7BPUB_USER_ID%7D
302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%7BPUB_USER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 13:56:20 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=3dac9460-4640-4d9b-969c-d73966cba0b6; Expires=Sat, 06 May 2023 13:56:20 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1675605380; Expires=Sat, 06 May 2023 13:56:20 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fww1.pawastreams.top%2Fnottm-forest-vs-leeds%2F48533%2F
200 OK 113 B URL HTTP/2 api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fww1.pawastreams.top%2Fnottm-forest-vs-leeds%2F48533%2F
IP
File type ASCII text, with no line terminators
Hash 416eee6f327bd3284336c54a189966e9
6116290101a95b0aeba138e5a09c46c0ea6172b2
1cf139411cc45a006542aa99bf581bb8f4ab4902323f1bb9720bd4271e661f2c
GET /v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fww1.pawastreams.top%2Fnottm-forest-vs-leeds%2F48533%2F HTTP/1.1
Host: api.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
content-length: 113
expires: Sun, 05 Feb 2023 14:11:20 GMT
x-envoy-upstream-service-time: 1
cache-control: no-cache, no-store, must-revalidate
x-pinterest-rid: 1791929633859721
date: Sun, 05 Feb 2023 13:56:20 GMT
set-cookie: _ir=0; Max-Age=1800; HttpOnly; Path=/; Secure
akamai-grn: 0.540a655f.1675605380.258f4b38
x-cdn: akamai
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 893ef64e0e5a743889a56610c74d08b0
fb99cd6996a35cbc5f55befabbe2f46dd79e7b1a
6ed81aeffee8f39513c61a2957396215dca673c6dab0b0e65cbbd44422cd08b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4778
Cache-Control: max-age=99001
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:20 GMT
Etag: "63de8293-1d7"
Expires: Mon, 06 Feb 2023 17:26:21 GMT
Last-Modified: Sat, 04 Feb 2023 16:06:43 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%7BPUB_USER_ID%7D
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%7BPUB_USER_ID%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:20 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 9a19c62c0792d92e744b83a0081515a4
e3f8c4d7411027230e8ae353e5bc0896f5fede7b
3f01a15fb576dd2ce4e27c43de82336c8e3b8ab39adb643dc607704ce56b9f16
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 13:56:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 13:55:56 GMT
Expires: Sat, 11 Feb 2023 13:55:55 GMT
Etag: "e3f8c4d7411027230e8ae353e5bc0896f5fede7b"
Cache-Control: max-age=517774,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794c2619381f1c0e-OSL
sync.technoratimedia.com/services?srv=cs&pid=70&uid=1675605379737-975088600657-001178-000-004361&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%5BUSER_ID%5D
204 No Content 0 B URL HTTP/2 sync.technoratimedia.com/services?srv=cs&pid=70&uid=1675605379737-975088600657-001178-000-004361&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%5BUSER_ID%5D
IP
ASN #31898 ORACLE-BMC-31898
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /services?srv=cs&pid=70&uid=1675605379737-975088600657-001178-000-004361&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%5BUSER_ID%5D HTTP/1.1
Host: sync.technoratimedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 13:56:20 GMT
set-cookie: tads_uid=GDPR; Max-Age=157680000; Expires=Fri, 04 Feb 2028 13:56:20 GMT; Path=/; Domain=.technoratimedia.com; Secure; SameSite=None
access-control-allow-origin: https://ww1.pawastreams.top/
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 386644363
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 13:56:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=474627,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794c2619bc25b517-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 13:56:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=474627,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794c2619bd69b503-OSL
ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
200 OK 43 B URL HTTP/1.1 ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
IP
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent= HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-sticky-vk: 1675605380304027-337
Expires: Sun, 05 Feb 2023 13:56:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 05 Feb 2023 13:56:20 GMT
Content-Length: 43
Connection: keep-alive
Set-Cookie: UID=095ccc88ecf1a865af65a8b0aed50; Domain=ads.stickyadstv.com; Expires=Tue, 07-Mar-2023 13:56:20 GMT; Path=/
pxId=1953; Domain=ads.stickyadstv.com; Path=/
ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
302 Moved Temporarily 0 B URL HTTP/1.1 ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Content-Length: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-sticky-vk: 1675605380302024-335
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=63961a4ff02742c0e739c4e2e652d6d&_fw_gdpr=1&_fw_gdpr_consent=
Expires: Sun, 05 Feb 2023 13:56:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 05 Feb 2023 13:56:20 GMT
Connection: keep-alive
Set-Cookie: UID=63961a4ff02742c0e739c4e2e652d6d; Domain=ads.stickyadstv.com; Expires=Tue, 07-Mar-2023 13:56:20 GMT; Path=/
x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675605379737-975088600657-001178-000-004361%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
200 OK 43 B URL HTTP/2 x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675605379737-975088600657-001178-000-004361%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675605379737-975088600657-001178-000-004361%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:20 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/sync?ssp=&user_id=1675605379737-975088600657-001178-000-004361&gdpr=1&gdpr_consent=&us_privacy=1---
200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?ssp=&user_id=1675605379737-975088600657-001178-000-004361&gdpr=1&gdpr_consent=&us_privacy=1---
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?ssp=&user_id=1675605379737-975088600657-001178-000-004361&gdpr=1&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:20 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
serv.modoro360.com/api/adserver/tag/4/?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fww1.pawastreams.top%2Fnottm-forest-vs-leeds%2F48533%2F0%2F&AV_CHANNELID=63bece46bddf7a08590a2977&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=4&pce=1&npx=1&AV_DETDOMAIN=ww1.pawastreams.top&AV_DADPOS=1&AV_TAG=63762abe47268709c0482e7d&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.80&responsive=1&sver=4&avtoken=419808&omv=1.0.1&AV_D65=ControlGroup&clsid=88b8d42c-83f6-4416-9cc0-42cfff0e0c2e&rando=94&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1675605419811&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
200 OK 230 kB URL HTTP/2 serv.modoro360.com/api/adserver/tag/4/?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fww1.pawastreams.top%2Fnottm-forest-vs-leeds%2F48533%2F0%2F&AV_CHANNELID=63bece46bddf7a08590a2977&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=4&pce=1&npx=1&AV_DETDOMAIN=ww1.pawastreams.top&AV_DADPOS=1&AV_TAG=63762abe47268709c0482e7d&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.80&responsive=1&sver=4&avtoken=419808&omv=1.0.1&AV_D65=ControlGroup&clsid=88b8d42c-83f6-4416-9cc0-42cfff0e0c2e&rando=94&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1675605419811&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
IP
File type JSON data\012- , ASCII text, with very long lines (44469)
Size 230 kB (230475 bytes)
Hash 74ae8bb10d0a281a1fb469662c3b846a
64921f9dfed0fe33d73c96d13a960afb0b81f3ec
700f5e33f13e4f05d9c6042cb432d61c93c2cd2f64f0197b4f2ec051a7078056
GET /api/adserver/tag/4/?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fww1.pawastreams.top%2Fnottm-forest-vs-leeds%2F48533%2F0%2F&AV_CHANNELID=63bece46bddf7a08590a2977&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=4&pce=1&npx=1&AV_DETDOMAIN=ww1.pawastreams.top&AV_DADPOS=1&AV_TAG=63762abe47268709c0482e7d&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.80&responsive=1&sver=4&avtoken=419808&omv=1.0.1&AV_D65=ControlGroup&clsid=88b8d42c-83f6-4416-9cc0-42cfff0e0c2e&rando=94&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1675605419811&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1 HTTP/1.1
Host: serv.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:19 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: aniC=1675605379737-975088600657-001178-000-004361; Expires=Sat, 25-Feb-23 13:56:19 GMT; Max-Age=1728000; Domain=modoro360.com; Path=/; Secure; HttpOnly; SameSite=None
aniC=; Expires=Sat, 25-Feb-23 13:56:19 GMT; Max-Age=1728000; Domain=modoro360.com; Path=/; Secure; HttpOnly; SameSite=None
access-control-allow-origin: https://ww1.pawastreams.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
access-control-max-age: 1728000
x-bamboo-c-s: BYPASS
x-bamboo-c-skfe: 1
x-bamboo-c-skst: 1
expires: Wed, 25 Jan 2023 00:09:39 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 185b62fe607d5d833cc1717b68f3f7b7
ab6b571fdfcd1d1cdb923c48f53df4ecd74d85c2
656d98d306ebfcdea0dff590c34a6ce1496faa95ba05fb86f72a5e57e295f61b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/instream/video/client.js
200 OK 17 kB URL HTTP/2 s0.2mdn.net/instream/video/client.js
IP
File type ASCII text, with very long lines (2156)
Hash 49295de6ccd23cf80b6418a2d209868f
42a955b4560bb22cb9b5b39577f7a691ea345018
d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Sun, 05 Feb 2023 13:56:20 GMT
expires: Sun, 05 Feb 2023 13:56:20 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ww1.pawastreams.top
200 OK 216 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ww1.pawastreams.top
IP
File type JSON data\012- , ASCII text, with very long lines (431), with no line terminators
Hash 8223368be3c426c8a7491b617855027f
e60d179e20ac738a14b796df62b1aebdd4261753
418a2bcb5b1bb5aefd639a5ac5b145966e1f33d3989371a1a6eb3804db4bb543
GET /pagead/ppub_config?ippd=ww1.pawastreams.top HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Sun, 05 Feb 2023 13:56:20 GMT
expires: Sun, 05 Feb 2023 13:56:20 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 216
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 14:11:20 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 600 B IP
Hash fac1321f759f4579af9709050f35719f
3cebf04127cee13a263a2e6e86bb572f9699c6e1
ed5e4bda2a97d0cffbb2bc9474a166a6584dc36f419fba2e088ad6b3178eecbc
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=ErKtm180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3l5UktsWXNuZiUyRnVaVDdDNEpQJTJCYlpOcUh5JTJCMkx4U0RHU002N0tYVmUxdEk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=Y-IY1V80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3l5UktsWXNuZiUyRnVaVDdDNEpQJTJCYlpPMjh5WXhSclllaWhWZ3VDckwxbU81; expires=Fri, 01 Mar 2024 13:56:19 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 362412
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117
200 OK 133 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117
IP
File type ASCII text, with very long lines (65395)
Size 133 kB (132970 bytes)
Hash d5c82d46530eac4ab5ed16ba65bdc5e2
84ad2ae028163b72ef16d9d175dc2a5d4cdb2f5d
d6824148d4d65fa29c6b6b32640c329584868f7319e15e93508ad6fcdbb6b965
GET /gpt/pubads_impl_2023013101.js?cb=31072117 HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 132970
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 11:55:51 GMT
expires: Thu, 01 Feb 2024 11:55:51 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 31 Jan 2023 09:37:24 GMT
content-type: text/javascript
age: 352829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash b00f170c5ac29b1b9dbcd2cc83618e73
1f5e05d1dca5d0a153c5206444189ba8bdb15352
3345a47849b6dde5b2d0e280552ac5b2d7527d855f94f8ae03f09204d35225cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 13:56:20 GMT
Last-Modified: Sun, 05 Feb 2023 12:42:07 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5CTjLiefNXJgN66eZx5rBYdU1zXiJgRCa7pvslgBXQ3McOpoSlSLKw==
Age: 4453
servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675605379737-975088600657-001178-000-004361&key=OPTOUT
200 OK 0 B URL HTTP/2 servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675605379737-975088600657-001178-000-004361&key=OPTOUT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675605379737-975088600657-001178-000-004361&key=OPTOUT HTTP/1.1
Host: servs.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
Cookie: aniC=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:20 GMT
content-length: 0
set-cookie: 1_C_200=OPTOUT; Path=/; Domain=modoro360.com; Expires=Wed, 15 Feb 2023 13:56:20 GMT; Secure; SameSite=None
1_C_200=OPTOUT; Path=/; Expires=Wed, 15 Feb 2023 13:56:20 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675605379737-975088600657-001178-000-004361&key=6kyfz452hVYo&ev=1&us_privacy=1---&pid=562704
200 OK 0 B URL HTTP/2 servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675605379737-975088600657-001178-000-004361&key=6kyfz452hVYo&ev=1&us_privacy=1---&pid=562704
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675605379737-975088600657-001178-000-004361&key=6kyfz452hVYo&ev=1&us_privacy=1---&pid=562704 HTTP/1.1
Host: servs.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
Cookie: aniC=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:20 GMT
content-length: 0
set-cookie: 1_C_10=6kyfz452hVYo; Path=/; Domain=modoro360.com; Expires=Wed, 15 Feb 2023 13:56:20 GMT; Secure; SameSite=None
1_C_10=6kyfz452hVYo; Path=/; Expires=Wed, 15 Feb 2023 13:56:20 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
sync.aniview.com/cookiesyncendpoint?biddername=9&key=63961a4ff02742c0e739c4e2e652d6d&_fw_gdpr=1&_fw_gdpr_consent=
200 OK 0 B URL HTTP/2 sync.aniview.com/cookiesyncendpoint?biddername=9&key=63961a4ff02742c0e739c4e2e652d6d&_fw_gdpr=1&_fw_gdpr_consent=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesyncendpoint?biddername=9&key=63961a4ff02742c0e739c4e2e652d6d&_fw_gdpr=1&_fw_gdpr_consent= HTTP/1.1
Host: sync.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:20 GMT
content-length: 0
set-cookie: 1_C_9=63961a4ff02742c0e739c4e2e652d6d; Path=/; Domain=aniview.com; Expires=Wed, 15 Feb 2023 13:56:20 GMT; Secure; SameSite=None
1_C_9=63961a4ff02742c0e739c4e2e652d6d; Path=/; Expires=Wed, 15 Feb 2023 13:56:20 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ef93957e7647de6875c55fc7dcfaa912
db22475c14c297db2f90b0b4d3dd6f5210e573b1
6bf15bb83446ac97e63455961ba37f9f93c60fad1abd422403969847c8b6f6c2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4310
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:21 GMT
Last-Modified: Sun, 05 Feb 2023 12:44:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 6a294e44b2ca8619bbfb44e42c64ddc1
5cd169db248a7d1292de35f14d2443c5f88bdacd
b4cd788de006bd6e3510b823d9c075e5ac0dd1f804bc52f19f420eafc876eab1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2064
Cache-Control: max-age=158560
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:21 GMT
Etag: "63df75d5-1d7"
Expires: Tue, 07 Feb 2023 09:59:01 GMT
Last-Modified: Sun, 05 Feb 2023 09:24:37 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 314 B IP
Hash ad2f6d0fb4666867c9e0a3530f0f66a6
c166f3bd45870c2866b9d825d41de1d4cf5afa1b
ebe47085a1e80be160adad02d7992b7482897321808d69350044e2d32dbc5bce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5945
Cache-Control: max-age=91563
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:21 GMT
Etag: "63de60f7-13a"
Expires: Mon, 06 Feb 2023 15:22:24 GMT
Last-Modified: Sat, 04 Feb 2023 13:43:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
rubiconcm.digitaleast.mobi/usersync/rubicon.gif
302 Found 130 B URL HTTP/2 rubiconcm.digitaleast.mobi/usersync/rubicon.gif
IP
File type HTML document, ASCII text
Hash 175e3747310d06b6260f328833ba5d99
5a4e0dbde7c5f7fc23b1998986e42c022d95a88a
9ccaf911197e63511eb89624f2fc1c97f15079507fa2300af3ef53afb64a5494
GET /usersync/rubicon.gif HTTP/1.1
Host: rubiconcm.digitaleast.mobi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=02b01d6c-2650-4306-befe-db1415a0510a
set-cookie: de_tp_cookie=02b01d6c-2650-4306-befe-db1415a0510a; Path=/; Domain=digitaleast.mobi; Max-Age=31536000
date: Sun, 05 Feb 2023 13:56:21 GMT
content-length: 130
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=ww1.pawastreams.top
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=ww1.pawastreams.top
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ww1.pawastreams.top HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 13:56:21 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
onetag-sys.com/match/?int_id=4
302 Found 0 B URL HTTP/2 onetag-sys.com/match/?int_id=4
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/?int_id=4 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
location: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
content-length: 0
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 6a294e44b2ca8619bbfb44e42c64ddc1
5cd169db248a7d1292de35f14d2443c5f88bdacd
b4cd788de006bd6e3510b823d9c075e5ac0dd1f804bc52f19f420eafc876eab1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2064
Cache-Control: max-age=158560
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:21 GMT
Etag: "63df75d5-1d7"
Expires: Tue, 07 Feb 2023 09:59:01 GMT
Last-Modified: Sun, 05 Feb 2023 09:24:37 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview
204 No Content 0 B URL HTTP/1.1 pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=aniview HTTP/1.1
Host: pixel-us-east.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Content-Type: image/gif
ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D57c7f31b15a75f3d399b017f00a28031%26dspid%3Dpubmatic
200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D57c7f31b15a75f3d399b017f00a28031%26dspid%3Dpubmatic
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D57c7f31b15a75f3d399b017f00a28031%26dspid%3Dpubmatic HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vid.vidoomy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=95602
expires: Mon, 06 Feb 2023 16:29:43 GMT
date: Sun, 05 Feb 2023 13:56:21 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 9d525a4056778875caaa260fef2c061e
9d0b2b0b9be3e7cc4534f6f270e46fa3e74fa394
5a66f26e823673c1076843efba10956528413b229e342153afdd93cfebd5a673
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5753
Cache-Control: max-age=95641
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:21 GMT
Etag: "63de71a5-1d7"
Expires: Mon, 06 Feb 2023 16:30:22 GMT
Last-Modified: Sat, 04 Feb 2023 14:54:29 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
vpaid.vidoomy.com/sync/urlsvid.json
200 OK 375 B URL HTTP/2 vpaid.vidoomy.com/sync/urlsvid.json
IP
ASN #60068 Datacamp Limited
Hash 1540472d88aee975e45fa470e37f4639
a5e6bc3ba148b94e3d8566d0be620cf6f65a9ea6
bf729201ef6b6e37f51bcf514bb81d1f6af60187e8ce9c07f6582fa9b41abf82
GET /sync/urlsvid.json HTTP/1.1
Host: vpaid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vid.vidoomy.com
Connection: keep-alive
Referer: https://vid.vidoomy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:21 GMT
content-type: application/json
last-modified: Fri, 03 Feb 2023 11:47:54 GMT
etag: W/"63dcf46a-2f9"
access-control-allow-credentials: true
access-control-allow-origin: https://vid.vidoomy.com
x-accel-expires: @1676461715
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCQ2rWW3/8sACAA
x-77-nzt-ray: c0a4cc28d306fe2a85b5df63ded41e2f
x-cache: HIT
x-age: 180466
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash bb7b244d63e1a69a91119cce50538547
128bcee4aeb712d68252fa41b5d405ab9a9927c5
485079c9c58e40d63dad1d5b88d245d52fb8cd8308b98a676a28b8270d3f80eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3168
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 13:56:22 GMT
Last-Modified: Sun, 05 Feb 2023 13:03:34 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 727
pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D57c7f31b15a75f3d399b017f00a28031%26dspid%3DCEN
302 Found 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D57c7f31b15a75f3d399b017f00a28031%26dspid%3DCEN
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D57c7f31b15a75f3d399b017f00a28031%26dspid%3DCEN HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vid.vidoomy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
set-cookie: ssi=af915371-db10-489a-8b9e-1aabffc0ddba#1675605382021; Domain=.sitescout.com; Expires=Mon, 05-Feb-2024 13:56:22 GMT; Path=/; Secure; SameSite=None
location: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D57c7f31b15a75f3d399b017f00a28031%26dspid%3DCEN
content-length: 0
date: Sun, 05 Feb 2023 13:56:21 GMT
server: AC1.1
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
302 Found 295 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d351a54e6fea94972b95c8719be0dbb3
6424de15817cddfb627c824dc22cab864126f4de
3b0b2e461988f20a8cf9708bb322f65030782172eadf9ddf3237da1f036839a1
GET /pixel?google_nid=rubicon&google_cm&google_sc HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
date: Sun, 05 Feb 2023 13:56:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 14:11:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash bb27a7931ff022b316f7aef0f4b8a62f
dfe5a19418c1c67be487c8c43a009956849a7f46
6e29a41aac32f9aa346d9e7b0900a480509c061611e60ecf524eb3b9c6b34928
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 13:56:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 09 Feb 2023 10:34:00 GMT
ETag: "dfe5a19418c1c67be487c8c43a009956849a7f46"
Last-Modified: Sun, 05 Feb 2023 10:34:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1681
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c2626d8f8b527-OSL
pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=223352&nid=4584&put= HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif
token.rubiconproject.com/token?pid=2249&pt=n
302 Found 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2249&pt=n
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2249&pt=n HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
content-length: 0
token.rubiconproject.com/token?pid=2974&pt=n&a=1
204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2974&pt=n&a=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2974&pt=n&a=1 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%5BRX_UUID%5D
302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%5BRX_UUID%5D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%5BRX_UUID%5D HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 13:56:20 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675605379737-975088600657-001178-000-004361&key=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1675605379737-975088600657-001178-000-004361&key=57c7f31b15a75f3d399b017f00a28031
200 OK 0 B URL HTTP/2 servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1675605379737-975088600657-001178-000-004361&key=57c7f31b15a75f3d399b017f00a28031
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1675605379737-975088600657-001178-000-004361&key=57c7f31b15a75f3d399b017f00a28031 HTTP/1.1
Host: servs.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vid.vidoomy.com/
Cookie: aniC=; 1_C_200=OPTOUT; 1_C_200=OPTOUT; 1_C_10=6kyfz452hVYo; 1_C_10=6kyfz452hVYo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:22 GMT
content-length: 0
set-cookie: 1_C_133=57c7f31b15a75f3d399b017f00a28031; Path=/; Domain=modoro360.com; Expires=Wed, 15 Feb 2023 13:56:22 GMT; Secure; SameSite=None
1_C_133=57c7f31b15a75f3d399b017f00a28031; Path=/; Expires=Wed, 15 Feb 2023 13:56:22 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rubicon?zcc=1&cb=1675605382158
302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rubicon?zcc=1&cb=1675605382158
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usersync2/rubicon?zcc=1&cb=1675605382158 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 05 Feb 2023 13:56:22 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=OPTOUT&expires=30
etag: OPTOUT
X-Firefox-Spdy: h2
s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Sun, 05 Feb 2023 13:56:22 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 8VHQ73QK79FM6MP7VZV3
Set-Cookie: ad-id=A9r3Ynv3okdih_AlSZxFh30|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 13:56:22 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
csi.gstatic.com/csi?v=2&s=ima&puid=1~ldrg7dna&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=1~ldrg7dna&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~ldrg7dna&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sun, 05 Feb 2023 13:56:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=1~ldrg7dsr&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=1~ldrg7dsr&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~ldrg7dsr&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sun, 05 Feb 2023 13:56:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=1~ldrg7duz&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=1~ldrg7duz&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~ldrg7duz&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sun, 05 Feb 2023 13:56:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=1~ldrg7dq3&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=1~ldrg7dq3&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~ldrg7dq3&c=5768234985103&slotId=2884117492551.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sun, 05 Feb 2023 13:56:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tg.socdm.com/rtb/sync?proto=rubicon
302 Found 0 B URL HTTP/1.1 tg.socdm.com/rtb/sync?proto=rubicon
IP
ASN #2514 NTT PC Communications, Inc.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync?proto=rubicon HTTP/1.1
Host: tg.socdm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 Feb 2023 13:56:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=Y9.1hsCo8YsAAA.6FmcAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie: SOSYNC=anNvbjp7InJ1Ymljb24iOjE2NzU2MDUzODJ9; path=/; expires=Tue, 4-Feb-25 13:56:22 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time: 1
X-SO-HostName: m-ad15.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng39.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=rubicon","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y9.1hsCo8YsAAA.6FmcAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad15"}
X-SO-Key: Y9.1hsCo8YsAAA.6FmcAAAAA
X-SO-IP: 91.90.42.154
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad15
s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
200 OK 43 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Sun, 05 Feb 2023 13:56:22 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: 0ZAF8C2AF1K3M3V05KBK
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=Y9.1hsCo8YsAAA.6FmcAAAAA
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=Y9.1hsCo8YsAAA.6FmcAAAAA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=71722&nid=3668&expires=30&put=Y9.1hsCo8YsAAA.6FmcAAAAA HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Content-Type: image/gif
ww1.pawastreams.top/nottm-forest-vs-leeds/48533/0
301 Moved Permanently 0 B URL HTTP/2 ww1.pawastreams.top/nottm-forest-vs-leeds/48533/0
IP
GET /nottm-forest-vs-leeds/48533/0 HTTP/1.1
Host: ww1.pawastreams.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sun, 05 Feb 2023 13:56:14 GMT
content-type: text/html; charset=UTF-8
location: https://ww1.pawastreams.top/nottm-forest-vs-leeds/48533/0/
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq0MfPFBPwJj7Xz42%2B8W%2FHv43z9qSfLG%2F9FXi4%2FgvSGrBZUZOxvk5GHKlKh34Vq%2FepmzBYCIVSWTWXHKgnLkWSR5PK3pbgALE2gUg9nsa8cKx7mwvvUi19k786ECxUu1hZRmtNvg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794c25f6bb230b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
200 OK 0 B URL HTTP/2 quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
IP
GET /tcfv2/23/cmp2ui-en.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 604800
last-modified: Fri, 18 Dec 2020 15:09:43 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Sun, 05 Feb 2023 10:01:56 GMT
cache-control: max-age=172800
etag: W/"b999c652510fc4edd897a1d667aaee33"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7a2FZGlJznlhycAU9iOp6zl6x1Evq0LNz8si7GI-9oP1WODuoPjfgw==
age: 14084
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:16 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 328477
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%7B%7BVID%7D%7D
200 OK 0 B URL HTTP/2 vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%7B%7BVID%7D%7D
IP
ASN #60068 Datacamp Limited
GET /sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%7B%7BVID%7D%7D HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:20 GMT
content-type: text/html
last-modified: Wed, 23 Feb 2022 08:15:12 GMT
etag: W/"6215ed10-c6b9"
access-control-allow-origin: *
x-accel-expires: @1676642180
server: CDN77-Turbo
x-77-nzt: AblMCQ2uWfWh
x-77-nzt-ray: c0a4cc2886090f1884b5df63eb15f003
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 103173
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
200 OK 0 B URL HTTP/2 test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
IP
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Sun, 05 Feb 2023 03:00:39 GMT
last-modified: Sun, 29 Jan 2023 19:52:29 GMT
etag: W/"104d73e097947079d97b7ce656d124ce"
x-amz-server-side-encryption: AES256
x-amz-version-id: 4AIQAJ98xxQb5Z9H_UdCs9PW1_AVpdm2
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CROaqydLAkwnWzg57xtzIEZ-dgLBkTcI-r1N-1M7oazfmP2jpOgJBA==
age: 39341
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 121488
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Mon, 05 Feb 2024 13:56:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/e-202305.js
200 OK 0 B IP
GET /e-202305.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Wed, 24 Jan 2024 05:54:37 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 05 Feb 2023 03:12:44 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 428K6cOf8m_uq1cCqlnhh_IYwSoM2N-LCJeTlrP6fLR2p3KKQTWkqA==
age: 38614
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Mon, 05 Feb 2024 13:56:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ww1.pawastreams.top/nottm-forest-vs-leeds/48533/0/
200 OK 0 B URL HTTP/2 ww1.pawastreams.top/nottm-forest-vs-leeds/48533/0/
IP
GET /nottm-forest-vs-leeds/48533/0/ HTTP/1.1
Host: ww1.pawastreams.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 13:56:14 GMT
content-type: text/html; charset=UTF-8
last-modified: Sun, 05 Feb 2023 13:56:14 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Po3MZ%2BmvlAaEWHsDmCiNFCYepJqXOH8vxxvRJLp13jjeA5AIvk8uiP449BHwtT9KcWKED24zSIsHuQ4I4c%2BDztifdx3OyAtCXxSf2Lb7lBRJj%2BpB1C8rmeEtLwjdy3U%2Foa%2F7ZtZp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794c25f90d620b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
200 OK 0 B URL HTTP/2 quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
IP
GET /GVL-v2/vendor-list.json HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sun, 05 Feb 2023 03:00:40 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sun, 05 Feb 2023 03:00:32 GMT
etag: W/"dd5e6d444109736accfeca7278bfc7a1"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -KulwgQMbo9unNvXSNzRm-nzRIdKdLyCdUJ_qDsnozgUANslGn5xyg==
age: 39340
X-Firefox-Spdy: h2
bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%25%25VGUID%25%25
302 Found 0 B URL HTTP/2 bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%25%25VGUID%25%25
IP
GET /bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1675605379737-975088600657-001178-000-004361%26key%3D%25%25VGUID%25%25 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-pp7fc
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: ccpa=1---;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Tue, 07-Mar-2023 13:56:20 GMT;Max-Age=2592000;SameSite=None
V=6kyfz452hVYo;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Wed, 31-Jan-2024 13:56:20 GMT;Max-Age=31104000;SameSite=None
pb_rtb_ev=3-1irk|8jz.0.1;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Mon, 05-Feb-2024 13:56:20 GMT;Max-Age=31536000;SameSite=None
INGRESSCOOKIE=ea03eb7899f0067c; path=/; HttpOnly; Secure; SameSite=None
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675605379737-975088600657-001178-000-004361&key=6kyfz452hVYo&ev=1&us_privacy=1---&pid=562704
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/i18n.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/i18n.min.js
IP
GET /c/6.1.1/wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Mon, 05 Feb 2024 13:56:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rubicon
302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rubicon
IP
GET /usersync2/rubicon HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 13:56:22 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-fcd42bc1-be37-4e05-9841-1b635d554eee-003%22%2C%22zdxidn%22%3A%222013%22%7D; path=/; expires=Mon, 05 Feb 2024 13:56:22 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1675605382158
etag: RXfcd42bc1be374e0598411b635d554eee003
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/imagesloaded.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/imagesloaded.min.js
IP
GET /c/6.1.1/wp-includes/js/imagesloaded.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 13:56:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
content-encoding: br
expires: Mon, 05 Feb 2024 13:56:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
104.21.40.103
141.95.4.200
172.217.21.166
3.126.19.221
185.76.9.14
2.18.172.195
213.19.147.44
141.226.228.48
124.146.215.50