guruhitech.com/questa-nuova-truffa-paypal-potrebbe-ingannarti/
172.67.167.108301 Moved Permanently 0 B URL HTTP/1.1 guruhitech.com/questa-nuova-truffa-paypal-potrebbe-ingannarti/
IP 172.67.167.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /questa-nuova-truffa-paypal-potrebbe-ingannarti/ HTTP/1.1
Host: guruhitech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 09:43:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 30 Nov 2022 10:43:27 GMT
Location: https://guruhitech.com/questa-nuova-truffa-paypal-potrebbe-ingannarti/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EMDmjhZI3df7EXV6opdH%2BK76LNyoaq6Dgvbs9bRvgFsCIDVqrp14CJdNVB%2FiD38BAVYTQlrJEdVde9h%2FWxz7UWxdSXouz%2BcbFEjZeeDD9jVUgG0%2Bdr7jIQbORVp%2BaVG6g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7722a38b9841b506-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12513
Expires: Wed, 30 Nov 2022 13:12:00 GMT
Date: Wed, 30 Nov 2022 09:43:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6087
Cache-Control: max-age=95351
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:27 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 12:12:38 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9708
Expires: Wed, 30 Nov 2022 12:25:15 GMT
Date: Wed, 30 Nov 2022 09:43:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 09:18:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1527
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jJs8YwsR744O1h4iScOfxgVeZXKb4Te/jT5HcLMP3ZbTrxg1Hr/2xreBD9NGUw/QzYwJscD8Ofo=
x-amz-request-id: 1WY2Y0XSECWXGCJ2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 08:45:48 GMT
age: 3459
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e7f946b1ee55685333f61373baaf4c98
122b2b7568365a25571135d200aa095b52da1520
556e16d260c72815d9a17929f7fb277408064ab9f8a1986d73daaf945eaf0642
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:27 GMT
Etag: "638651bf-37"
Server: ECS (amb/6B90)
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e7f946b1ee55685333f61373baaf4c98
122b2b7568365a25571135d200aa095b52da1520
556e16d260c72815d9a17929f7fb277408064ab9f8a1986d73daaf945eaf0642
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:27 GMT
Etag: "638651bf-37"
Last-Modified: Wed, 30 Nov 2022 09:43:27 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
192.0.77.37200 OK 217 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Thu, 30 Nov 2023 09:43:28 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.1 kB IP 142.250.74.131:0
File type gzip compressed data, from Unix\012- data
Hash e7c3442e509b5a23ec6b03f74355549e
d656b821e08204c38b4ebf7715c6144a0b8d4100
04fd35d15398e5e7897234b38bc75dd41683df1c9c6141ad27528adf9f337208
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 2.7 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 71d3967d0167e82e7d1d564d3e25f865
a983aefb8c54889c7c5d5f10edab0a9b2c6c848e
aaee2c3d32811710ec837fb36570e46a4f4bb7a57b3eb48dbe885359ee5b1ed3
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Thu, 30 Nov 2023 09:43:28 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
guruhitech.com/questa-nuova-truffa-paypal-potrebbe-ingannarti/
104.21.67.6200 OK 65 kB URL HTTP/2 guruhitech.com/questa-nuova-truffa-paypal-potrebbe-ingannarti/
IP 104.21.67.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13245), with CRLF, LF line terminators
Hash 36eb30f99c62413b0f449d567613db2a
aff598e058b893ec1d61dd7e529e83b6719a0c24
4a6e246cc00ae9b8048c249b514b8bce6ce0397f24f71f95e63494207b8b5882
Analyzer Verdict Alert fortinet Malware
GET /questa-nuova-truffa-paypal-potrebbe-ingannarti/ HTTP/1.1
Host: guruhitech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:43:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 09:37:08 GMT
cache-control: max-age=0
expires: Wed, 30 Nov 2022 09:43:27 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHoZkPpygC5%2FJxX0m3E4YcCfVyjmNxt5Pl2xavx%2BaT%2BzZptIlcP6GQieYY4LkPIUVfSaIVgtaeRxAmLFG4LkJ52tDol0aKiZWwZ54PzjrGFcCYe6WtSSfp2ShlEMdcazWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7722a38dabc0b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-8FE2F5P2DS
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-8FE2F5P2DS
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash 52359d4bb2e7ba6fb8cab37f22e716cc
e0325b0c55d521e594b8e254e0fd50a0165ae7da
8f048d7b4c5e6cbc00127e2a8d8df61c32cf7ece705dad82962fe34ff8e3d55d
GET /gtag/js?id=G-8FE2F5P2DS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 09:43:28 GMT
expires: Wed, 30 Nov 2022 09:43:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77169
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.wp.com/e-202248.js
192.0.76.3200 OK 91 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash c6b92fe7b0d57463bf778cd51feae36b
f1335abc3c4dc6e3abeb3f906fdd420c7db69c4b
ca2220103c041017c5dbba96a069602f6c7ee15b32ccf22fa804697f79ae6cb8
GET /e-202248.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Mon, 20 Nov 2023 01:50:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.onesignal.com/sdks/OneSignalSDK.js?ver=81582bdb254a94e4464424087c6479a8
104.18.225.52200 OK 3.3 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js?ver=81582bdb254a94e4464424087c6479a8
IP 104.18.225.52:0
File type ASCII text, with very long lines (9097)
Hash 0094979a63927a219abacf665cb632dc
33686875474cd5a823ffdfb1953a3190a58f6816
cfe549335a7d0e9be997f139c24c28bbd6c0b48e20cd498112334404153a86e2
GET /sdks/OneSignalSDK.js?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2657
expires: Sat, 03 Dec 2022 09:43:28 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7722a390de94b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1e258d2d97dc1a2c884f27040ee7ce5e
fd1009422b0736848e10d0d72ed079c711fc7944
106002bf0a4504a5148fd13443cf5b29a83887da7ee321595f48c661d309416b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6102
Cache-Control: max-age=85993
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:28 GMT
Etag: "6385bad3-117"
Expires: Thu, 01 Dec 2022 09:36:41 GMT
Last-Modified: Tue, 29 Nov 2022 07:54:59 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a647a381c5999e348685eb79bfc7b964
07a4d8c693971f4e22f29149ece15152f58fda7d
b42e0a29b1bd8c4af9b9b97841191cb935498a77e27535bf18f4121cd39c6701
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:43:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 05:09:07 GMT
Expires: Wed, 07 Dec 2022 05:09:06 GMT
Etag: "07a4d8c693971f4e22f29149ece15152f58fda7d"
Cache-Control: max-age=587737,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7722a3907912b4ff-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 1.1 kB IP 172.64.155.188:0
Hash 630a8b5591833c038ff108c14d3f2b36
7ee25cd1a0104cd6d76a66111f9c6582b4e4801b
09702f1332dc239d6b191cc1501316f359b50e780e76406b56cad53af1396f6d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:43:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 05:09:07 GMT
Expires: Wed, 07 Dec 2022 05:09:06 GMT
Etag: "07a4d8c693971f4e22f29149ece15152f58fda7d"
Cache-Control: max-age=587737,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7722a39078cc0b59-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 519 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
Hash bd0aa3452cc8da7d755126da14a0e556
87db4469058463884e9e92be359924074fbcf638
facb2c572c16b33d52089bc83098599b9ffc1cbab1e1cf095bc69f8b7c79ef0c
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 09:11:14 GMT
cache-control: public,max-age=3600
age: 1934
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 2.3 kB IP 172.64.155.188:0
Hash 669482c411e96c008016c69b42c87a07
786acb4a321b864181f819a3c8bb336d0e4abad1
ec972523b443721a64a3950712f23911a02086a93d367b7bfc07239b22d22306
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:43:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 06:47:24 GMT
Expires: Tue, 06 Dec 2022 06:47:23 GMT
Etag: "94c2aa52f699c81b2bd13691ee028ae244f2444f"
Cache-Control: max-age=507234,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7722a3907d430b55-OSL
ocsp.digicert.com/
93.184.220.29200 OK 495 B IP 93.184.220.29:0
Hash 9c9b770028af7a896ebc7f3d68dd5beb
6737553f0cdf5c91f032acbd6edb68df6118ea9d
8aa67ea69a84f826097bc79bb2998a953e5dcc16784c40522dcb3c0e3dee3447
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5890
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:28 GMT
Last-Modified: Wed, 30 Nov 2022 08:05:18 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.sectigo.com/
172.64.155.188200 OK 14 kB IP 172.64.155.188:0
Hash 3691a6f2a5e197a5cc7015231bf88999
a9558ed0d56f74df66d698b96ec9c93df31a782a
9cacbab09207930c31bc1f9f95c39b7b495c75a4eb51b759859b0f6eb4cfac52
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:43:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 05:09:07 GMT
Expires: Wed, 07 Dec 2022 05:09:06 GMT
Etag: "07a4d8c693971f4e22f29149ece15152f58fda7d"
Cache-Control: max-age=587737,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7722a3923eb60b55-OSL
ocsp.digicert.com/
93.184.220.29200 OK 21 kB IP 93.184.220.29:0
Hash af38130a2472708cc61c0224a9a01050
ecac9dbf8d1a2cdf9e4a7e5b5dc717295a5a99d9
81b84647a7340ae77e92c3668cd1f790d60b7eafcc32c4fc34b816424960a22a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6087
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:28 GMT
Last-Modified: Wed, 30 Nov 2022 08:02:01 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 139847
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.viralize.tv/display/?zid=AAEoWFXjEjtKT5bd
35.186.238.232200 OK 586 B URL HTTP/2 ads.viralize.tv/display/?zid=AAEoWFXjEjtKT5bd
IP 35.186.238.232:0
Hash 015cff360a5096dc3cb78539922902f8
d011b31f113a9986fe77daaa2ce0c87acaf1e89b
4d77db63c3a0807ee6346d1c7ac5d488fcdb33592c2e4f55d35845445b04d9ce
GET /display/?zid=AAEoWFXjEjtKT5bd HTTP/1.1
Host: ads.viralize.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: text/javascript
vary: Accept-Encoding
server: uvicorn, Unknown
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 30 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (65447)
Hash 70583e4e133210e4dd484b53e95f22d8
0d5444aeb9b4554039f249557422c42944b7eb4f
5e3f6b8b9a5689579bb5982d546a9c1b3dc2de81b72b3f92a5602a61be6ba1c0
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Thu, 30 Nov 2023 09:43:28 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.215.91.121101 Switching Protocols 1.1 kB URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash 5c80416dd55f74a04a63f390e0989889
6ad5d78596a779e3f6f5903d71a43068d1ce66de
b8421e945b61c7d94e010a0d4fd3c88525365a0056aee1cbd1f6d36fc21aa098
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 79XEQjnYZkPvCQXIUnQ4wA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RayCQHvlZZlCA9b1Qyv1N5bYKRQ=
region1.google-analytics.com/g/collect?v=2&tid=G-8FE2F5P2DS>m=2oebs0&_p=1247939011&gdid=dZGIzZG&cid=1545599805.1669801407&ul=en-us&sr=1280x1024&_s=1&sid=1669801407&sct=1&seg=0&dl=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&dt=Questa%20nuova%20truffa%20PayPal%20potrebbe%20ingannarti%20%E2%80%A2%20GuruHiTech&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-8FE2F5P2DS>m=2oebs0&_p=1247939011&gdid=dZGIzZG&cid=1545599805.1669801407&ul=en-us&sr=1280x1024&_s=1&sid=1669801407&sct=1&seg=0&dl=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&dt=Questa%20nuova%20truffa%20PayPal%20potrebbe%20ingannarti%20%E2%80%A2%20GuruHiTech&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8FE2F5P2DS>m=2oebs0&_p=1247939011&gdid=dZGIzZG&cid=1545599805.1669801407&ul=en-us&sr=1280x1024&_s=1&sid=1669801407&sct=1&seg=0&dl=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&dt=Questa%20nuova%20truffa%20PayPal%20potrebbe%20ingannarti%20%E2%80%A2%20GuruHiTech&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://guruhitech.com
date: Wed, 30 Nov 2022 09:43:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 78 kB IP 93.184.220.29:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash 98476e35a0399c5328fd51bf1f36d6cc
921162b00d886347e747a03f48f2e5cba15323fb
ad15e5f2981fa84c1a40356144be4e391b6c663586b5aff987ceaf49af7aee48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5367
Cache-Control: max-age=134194
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:28 GMT
Etag: "638679fb-1d7"
Expires: Thu, 01 Dec 2022 23:00:02 GMT
Last-Modified: Tue, 29 Nov 2022 21:30:35 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.227200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:56:13 GMT
expires: Tue, 28 Nov 2023 18:56:13 GMT
cache-control: public, max-age=31536000
age: 139635
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kvt.cookieless-data.com/api/v1/public/p/28662/d/33/c?url=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&args_country&args_device=desktop&args_zone_id=37375&callback=sublimeCb1669801407715
51.15.145.116200 OK 162 B URL HTTP/1.1 kvt.cookieless-data.com/api/v1/public/p/28662/d/33/c?url=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&args_country&args_device=desktop&args_zone_id=37375&callback=sublimeCb1669801407715
IP 51.15.145.116:0
File type ASCII text, with no line terminators
Hash 45413c7ed383aa4c4e3c500fb67365ba
20cd83c4a23bb92b8f24c92dd7bead367bff6154
b28280d6a64376a0a192b9a8dcc5ad0461a1d5707e4743c7a344446832f401ff
GET /api/v1/public/p/28662/d/33/c?url=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&args_country&args_device=desktop&args_zone_id=37375&callback=sublimeCb1669801407715 HTTP/1.1
Host: kvt.cookieless-data.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 30 Nov 2022 09:43:29 GMT
Content-Type: text/javascript
Content-Length: 162
Connection: keep-alive
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
pixel.wp.com/g.gif?v=ext&blog=183903148&post=89993&tz=1&srv=guruhitech.com&j=1%3A11.5.1&host=guruhitech.com&ref=&fcp=1041&rand=0.5944194180362303
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=183903148&post=89993&tz=1&srv=guruhitech.com&j=1%3A11.5.1&host=guruhitech.com&ref=&fcp=1041&rand=0.5944194180362303
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=183903148&post=89993&tz=1&srv=guruhitech.com&j=1%3A11.5.1&host=guruhitech.com&ref=&fcp=1041&rand=0.5944194180362303 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 08:46:55 GMT
expires: Wed, 30 Nov 2022 10:46:55 GMT
cache-control: public, max-age=7200
age: 3394
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ced.sascdn.com/tag/3327/smart.js
23.36.77.24200 OK 33 kB URL HTTP/1.1 ced.sascdn.com/tag/3327/smart.js
IP 23.36.77.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65319)
Hash 1c29a6748e12ecacf899b267a62bf2d3
6aaf7bef7449a1d91378ae4ca86c058248deadf8
b64c90e609052b97d651709bd89e791cbb05c1d29b8257f68d00df01a1c4294e
GET /tag/3327/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32918
Cache-Control: public, max-age=7200
Expires: Wed, 30 Nov 2022 11:43:29 GMT
Date: Wed, 30 Nov 2022 09:43:29 GMT
Connection: keep-alive
www.googletagservices.com/tag/js/gpt.js
142.250.74.66200 OK 27 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (40310)
Hash 29ed5b293dcfca374ba9d698f2c4775b
bbc3dc830d9c221483b43529ff40bd14e11bc869
3807fe59d86887f5cac927f2703dc8bc118169c54d3313d539f84bb903d40980
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27265
date: Wed, 30 Nov 2022 09:43:29 GMT
expires: Wed, 30 Nov 2022 09:43:29 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1407 / 391 of 1000 / last-modified: 1669763224"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
antenna.ayads.co/?device=d&et=1631&ga=0&gc=0&gm=0&gs=0&puid=p543318636364136768&sqid=1&src=wf&suid=s7383905484882516834&t=1669801407718&tfz=1&tse=1669801407718&ver=20221125092305&z=37375&e=l&bh=939&bw=1268
18.200.182.178204 No Content 0 B URL HTTP/2 antenna.ayads.co/?device=d&et=1631&ga=0&gc=0&gm=0&gs=0&puid=p543318636364136768&sqid=1&src=wf&suid=s7383905484882516834&t=1669801407718&tfz=1&tse=1669801407718&ver=20221125092305&z=37375&e=l&bh=939&bw=1268
IP 18.200.182.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?device=d&et=1631&ga=0&gc=0&gm=0&gs=0&puid=p543318636364136768&sqid=1&src=wf&suid=s7383905484882516834&t=1669801407718&tfz=1&tse=1669801407718&ver=20221125092305&z=37375&e=l&bh=939&bw=1268 HTTP/1.1
Host: antenna.ayads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
X-Firefox-Spdy: h2
sopalk.com/c/x9gln7cd5pht1uhke74b0.json
54.230.111.45200 OK 1.1 kB URL HTTP/2 sopalk.com/c/x9gln7cd5pht1uhke74b0.json
IP 54.230.111.45:0
File type JSON data\012- , ASCII text, with very long lines (1102), with no line terminators
Hash 9e565a56a4d23b7cac84f19f76d95d2a
314d17b3a31aa7aaf03346c324da83e2b1f97c9c
7c4ac7c2b59291a23142cd746f6025ad0ac6fb7691f6b0939268fe0f139db356
GET /c/x9gln7cd5pht1uhke74b0.json HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://guruhitech.com/
Origin: https://guruhitech.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 1102
date: Wed, 30 Nov 2022 09:20:39 GMT
last-modified: Wed, 30 Nov 2022 09:13:43 GMT
etag: "9e565a56a4d23b7cac84f19f76d95d2a"
x-amz-version-id: Ss3oLZrnLG.gkagg2aFlkRa5E7jowkNq
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s8AYUg6p-kbTos1jNWQvnuXRFvapellHsorpr8TrdEgeKQc726bp8g==
age: 1371
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
tagmanager.smartadserver.com/3327/410318/smart.prebid.js
23.36.77.16200 OK 98 kB URL HTTP/1.1 tagmanager.smartadserver.com/3327/410318/smart.prebid.js
IP 23.36.77.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64911)
Hash d97c701d01b3ca04edd289255e9ec9a6
bf443374cb33e8ad896e9ddca0016a7bc541bd94
5bd2852e0fb0344e272863ec6c70246c5659f2582f4869cab4162a4cc0b19b26
GET /3327/410318/smart.prebid.js HTTP/1.1
Host: tagmanager.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 28 Nov 2022 17:26:24 GMT
ETag: "4ba5d-5ee8b2bb89f76-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Type: application/javascript
Cache-Control: public, max-age=3600
Date: Wed, 30 Nov 2022 09:43:29 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Connection: keep-alive, Transfer-Encoding
1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G
192.0.73.2200 OK 1.0 kB URL HTTP/2 1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G
IP 192.0.73.2:0
File type PNG image data, 25 x 25, 8-bit/color RGB, non-interlaced\012- data
Hash fed546357e9f16dd0ee47c7ee5846ef7
eb4a7277c8e1360d0deb902644838f27a21b42de
3e75955919222f7160538b335b7cdb2b302136521aed489ba5c96e1c2bf3ab5a
GET /avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: image/png
content-length: 1028
last-modified: Sat, 01 Mar 2008 02:44:06 GMT
link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G>; rel="canonical"
access-control-allow-origin: *
expires: Wed, 30 Nov 2022 09:48:29 GMT
cache-control: max-age=300
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.1.1-alpha-54812
192.0.77.32200 OK 5.8 kB URL HTTP/2 s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.1.1-alpha-54812
IP 192.0.77.32:0
File type ASCII text, with very long lines (15660)
Hash 118dc1e6a6da7e76bae2d2791246ccf7
435f4f7bec6afe98f9d152a116913554158b70ae
9a662184e6ed316c36d222f879d6cdcc94a671207b02afb53da374894799c092
GET /wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.1.1-alpha-54812 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b6ba-48b9"
content-encoding: br
expires: Tue, 14 Nov 2023 16:28:26 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
s0.wp.com/_static/??-eJx9i0EOwjAMBD+Ea1BFe0I8BZnEgJvYlDhRv0/EgRNiT6PVDG4rhKdVtoraYM3tLuaYJbHjq3HjB1nMXIbFd/hbpqhicKWCSl65dIJaKCT/FyVx5QrjsMeLWPget/KRY2/PejpMfeM0z8flDaXAPmE=
192.0.77.32200 OK 140 kB URL HTTP/2 s0.wp.com/_static/??-eJx9i0EOwjAMBD+Ea1BFe0I8BZnEgJvYlDhRv0/EgRNiT6PVDG4rhKdVtoraYM3tLuaYJbHjq3HjB1nMXIbFd/hbpqhicKWCSl65dIJaKCT/FyVx5QrjsMeLWPget/KRY2/PejpMfeM0z8flDaXAPmE=
IP 192.0.77.32:0
Size 140 kB (140528 bytes)
Hash 3b2f94ab7fb078bd8b71285541fcbc56
88507e2c090c9bdf92456411cb2d43abd09b374f
ee452120c21c76e99d08b09a1fa358fca5065e339954d7634c7634112a68f204
GET /_static/??-eJx9i0EOwjAMBD+Ea1BFe0I8BZnEgJvYlDhRv0/EgRNiT6PVDG4rhKdVtoraYM3tLuaYJbHjq3HjB1nMXIbFd/hbpqhicKWCSl65dIJaKCT/FyVx5QrjsMeLWPget/KRY2/PejpMfeM0z8flDaXAPmE= HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 24 Oct 2022 18:39:41 GMT
etag: W/"6356dbed-785e"
content-encoding: br
expires: Tue, 24 Oct 2023 18:39:46 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f1ff0e426edf6f8b8c3d37fe0d11020
991e3cc053afcea12615afa0ad28eed68ce468aa
f0dc858c922db4b62ea4432b034f7b20ad21f88d9e7b9bc3f2fbec85f52964ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6129
Cache-Control: max-age=122730
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:29 GMT
Etag: "63864a3a-1d7"
Expires: Thu, 01 Dec 2022 19:48:59 GMT
Last-Modified: Tue, 29 Nov 2022 18:06:50 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
192.0.77.32200 OK 3.1 kB URL HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
IP 192.0.77.32:0
File type ASCII text, with very long lines (2702)
Hash f561755a7fc6bac6be945693f3c8eaa1
efff8112c186c4526eaf858af850e9b75314057a
1dfcb2c90d549a1939614335805297c46e2745a396ff7656ecf966ead25d2a06
GET /wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"63242ce6-45a9"
content-encoding: br
expires: Sat, 16 Sep 2023 07:59:40 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-gEQ4qwe3VM9Sc.js
143.204.55.97200 OK 160 B URL HTTP/2 rules.quantcount.com/rules-p-gEQ4qwe3VM9Sc.js
IP 143.204.55.97:0
Hash b5b5983b6e432e728184bb000f71c867
9dd6b0a0c9e1dd26efae21f445170b3ae357a44c
93599b985aee75bc39719baa5746658c5eb2ce33178716dce3a308712acb3dd8
GET /rules-p-gEQ4qwe3VM9Sc.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 160
last-modified: Tue, 22 Nov 2022 11:19:25 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Wed, 30 Nov 2022 08:45:03 GMT
cache-control: max-age=3600
etag: "b5b5983b6e432e728184bb000f71c867"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: njsJDTQdr7t_2rqA3l4tm6h7vvaIuP1O0gzSedn3tR4nHeBdPo6MwA==
age: 3507
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
192.0.77.32200 OK 15 kB URL HTTP/2 s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
IP 192.0.77.32:0
File type Unicode text, UTF-8 text, with very long lines (3416)
Hash 88ce61efda4e0a45cdc2085b01724c1a
51e90dd3c5fe0b226107172b1a6761281cc103f7
55e85f5a4fed0f27890f1230c4229b41ec1af2e0756784b25b7040db75bfeb9b
GET /_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 07:43:45 GMT
etag: W/"63218631-a4f5"
content-encoding: br
expires: Thu, 14 Sep 2023 07:43:50 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7ef3d0ba4c6c5bb41cb2ca48eb16831d
d28b35a109b98b1871ffbab7ab329dc811b00bb7
5a8b8ecc7519c6c78704c356770268c7e8425ce05c1d3b866fbaf0ee7be9f1f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5918
Cache-Control: max-age=139063
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:29 GMT
Etag: "63868ada-117"
Expires: Fri, 02 Dec 2022 00:21:12 GMT
Last-Modified: Tue, 29 Nov 2022 22:42:34 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
sopalk.com/r/p.html?f=gptsoatow&e=1841806559274
54.230.111.45200 OK 2.9 kB URL HTTP/2 sopalk.com/r/p.html?f=gptsoatow&e=1841806559274
IP 54.230.111.45:0
Hash 91c07f324125e584cc5dd1c0d524b03a
59bf0560e55845046f51bed91f0aa0e790fac148
41510dc9b7a34933fc2dba69d7e557ccd243b821be3cf863d016bb07804002be
GET /r/p.html?f=gptsoatow&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TTotVpf1r51Gz1vUgfrcrEuYnbqo0CeCjiL1uU3qaAGq64Zp5kgAFQ==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9089
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 09:43:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9089
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 09:43:30 GMT
Connection: keep-alive
sopalk.com/r/p.html?f=wppza&e=1841806559274
54.230.111.45200 OK 2.9 kB URL HTTP/2 sopalk.com/r/p.html?f=wppza&e=1841806559274
IP 54.230.111.45:0
Hash 91c07f324125e584cc5dd1c0d524b03a
59bf0560e55845046f51bed91f0aa0e790fac148
41510dc9b7a34933fc2dba69d7e557ccd243b821be3cf863d016bb07804002be
GET /r/p.html?f=wppza&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LElAyGqYQ-6MjlYbpGTUG5kDMJU9kAJRiM14rgkL8L-VfI_ASgF_sQ==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9089
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 09:43:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:35:09 GMT
age: 40101
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 42639
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 42425
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 42839
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ceb8e975fb408de32c43f55febaa6414
453067f6ab356aa87a3ad3b56e33545376597852
e0ecbb6052b4fef75f58da8dae589c81ab9ec9d304de08f26c144a2c3ce9eaac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3719
x-amzn-requestid: 6fab3454-fedd-4a1e-ae47-468ddd6233bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaGQ4IAMFUkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-4b313cf054d6301e71cdc0c1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: phw8DXQgjOyH5g4gvbqgZk-2sHr2n9cHVr4lqqPXfXtyhG32gs2pIg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 42645
etag: "453067f6ab356aa87a3ad3b56e33545376597852"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 41684
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
geoworker.ayads.co/
104.20.10.37200 OK 1 B IP 104.20.10.37:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
GET / HTTP/1.1
Host: geoworker.ayads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:43:30 GMT
content-type: text/plain;charset=UTF-8
content-length: 1
access-control-allow-origin: *
access-control-allow-methods: GET
sublime-worker: true
vary: Accept-Encoding
server: cloudflare
cf-ray: 7722a39d8866b511-OSL
X-Firefox-Spdy: h2
test.cmp.quantcast.com/GVL-v2/cmp-list.json
143.204.55.59200 OK 5.4 kB URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP 143.204.55.59:0
File type JSON data\012- , ASCII text, with very long lines (9979), with no line terminators
Hash 2e109896d670df4a39e622568d7812c3
bd334f9ea28d9611ac7f84f80f4c0d5d8d67c412
6c1d11ec6dff32fcaea797a093933af387155930f8a7b61eb0ad10cf4077ba54
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Wed, 30 Nov 2022 03:00:35 GMT
last-modified: Tue, 15 Nov 2022 19:52:30 GMT
etag: W/"67643b5faa0950a5532c47758ba39d2f"
x-amz-server-side-encryption: AES256
x-amz-version-id: xPMKnfS8YcqF2frTT5_I_M_eoLLd3kli
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8k9l-g3zFyNeYm9DjFgiaTep4g6tHEfi6xgSySpFqZtBZJsw7C6zyQ==
age: 24175
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cc478710e5244b4fe6eacfa475e981bd
211ec9df0d2daed7e45a685b3b9dcb10618754a3
2b004ea595b9ac608320b145c461a432834204b3f953d14eafecb27df16ae2a8
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 872
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://guruhitech.com
AN-X-Request-Uuid: 1c7ae2bf-0310-46af-a560-9042dc497b1c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
sopalk.com/r/p.html?f=ptrrnt&e=1841806559274
54.230.111.45200 OK 2.8 kB URL HTTP/2 sopalk.com/r/p.html?f=ptrrnt&e=1841806559274
IP 54.230.111.45:0
Hash d851061b9113446f810b8e012322fa8f
30817dfefba22686f53007d7f1f358cb4769b448
fbe2efb81ed3c9a2eee2c76b782779785fbb9b196770f7e77768c24a601857a0
GET /r/p.html?f=ptrrnt&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HpnBUPxGj02Oh79CMxKw5fx2OCdLECs8uqkX1bqN4Dkl-4lHpnbQiA==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=%2F21671350435%2C71042837%2F970x250-guruhitech.com&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1a193b23-b96e-463d-b3bc-c1d10a221333&l_pb_bid_id=102b852a1594a808&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8255917406032462
213.19.162.31200 OK 457 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=%2F21671350435%2C71042837%2F970x250-guruhitech.com&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1a193b23-b96e-463d-b3bc-c1d10a221333&l_pb_bid_id=102b852a1594a808&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8255917406032462
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (457), with no line terminators
Hash e608fff65cfc5faa2b2f3cc9e5cfb889
1cca648c516f6168d9f412da6e309e0dab29854c
2a8b896ce6005bb80821cf894a2a41ea40fb723b07cfe8d060b4f1491a8c9b45
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=%2F21671350435%2C71042837%2F970x250-guruhitech.com&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1a193b23-b96e-463d-b3bc-c1d10a221333&l_pb_bid_id=102b852a1594a808&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8255917406032462 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:30 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://guruhitech.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNABE-I-8ZW7; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:30 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqrt7g8TwReXu9DtVM30fCgeJct9d5f2umh8l+B13TeAry9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:30 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 457
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 642
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://guruhitech.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
192.0.77.32200 OK 51 kB URL HTTP/2 s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
IP 192.0.77.32:0
Hash 4b5e307c0a7ee5c87cc3ca48b0fe1fba
a2ea0a13c54499ecaf9fcffb9caf4541a33153de
8a7646720fd111b2520ba723e193e77f7cc0f503bdbd16aa888110e4caa65b0a
GET /_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 12 Aug 2022 20:22:35 GMT
etag: W/"62f6b68b-4b6b"
content-encoding: br
expires: Thu, 23 Nov 2023 21:55:46 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
hb.adpone.com/prebid7.19.0.js
104.26.11.25200 OK 124 kB URL HTTP/2 hb.adpone.com/prebid7.19.0.js
IP 104.26.11.25:0
File type ASCII text, with very long lines (64662)
Size 124 kB (124537 bytes)
Hash 4dae4c8fe26fc402eef3b05240aabe5a
fe7f4f92a9491cbac77fd3afef0235c91e0e6e11
a551ee6ebfc30a3d71b85f243fa7bc5cc88103730919d5945824dfe82587d4f8
GET /prebid7.19.0.js HTTP/1.1
Host: hb.adpone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:43:30 GMT
content-type: application/javascript
x-amz-id-2: z8zPPgpChpmPHjrETbNpCXccjPHhgx/GJFcxrGv5xpYywnazjILxUOl1MmK1mgPPDqHEJdhQRpw=
x-amz-request-id: AZB8RQQA6SHSSEK2
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
cache-control: max-age=14400
cf-cache-status: HIT
age: 4561
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WyarsxZEASqnMwhzl5SQXr4ycQ2DLDkKNZQzjAmCZLcbpZIsZbFnyzo78DC4xPL4z9Q%2FadiQqBDOyq0BAwFiFA%2Fc63uYPSZPqhwn63BFSpSNQwBQDEHpPN90RH%2FI5Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7722a39c98ceb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=96162354900&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=96162354900&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=96162354900&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 583
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:30 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://guruhitech.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www8.smartadserver.com/ac?nwid=1827&siteid=392138&pgid=1345107&fmtid=97506&async=1&visit=m&tmstp=&gdpr_consent=
185.86.137.17200 OK 956 B URL HTTP/1.1 www8.smartadserver.com/ac?nwid=1827&siteid=392138&pgid=1345107&fmtid=97506&async=1&visit=m&tmstp=&gdpr_consent=
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type ASCII text, with CRLF, LF line terminators
Hash 307266cbdaf837957b0122edcdd4d7f4
182833d4ed805784fee8d3dd49a35f1aa1075254
942a75826685c7609c2b6c99c243c671f0a648c745ad975515eee08e051ffc60
GET /ac?nwid=1827&siteid=392138&pgid=1345107&fmtid=97506&async=1&visit=m&tmstp=&gdpr_consent= HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:29 GMT
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:30 GMT; domain=.smartadserver.com; path=/
vs=392138=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:30 GMT; domain=.smartadserver.com; path=/
pid=9075161176947771210; expires=Thu, 30 Nov 2023 09:43:30 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982107115111&o=1; expires=Thu, 01 Dec 2022 09:43:30 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:30 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 10166347
sopalk.com/r/p.html?f=pvnubjg&e=1841806559274
54.230.111.45200 OK 5.3 kB URL HTTP/2 sopalk.com/r/p.html?f=pvnubjg&e=1841806559274
IP 54.230.111.45:0
Hash 941f4f3013be5dfc6649cbe9fbe2d526
33a7f141e716b4d3429dcf22ad10ff9fd73b5e23
274b913f92dc6b1fef037b2a76adff611795d93c8abe01e66c348fd36bfc38bb
GET /r/p.html?f=pvnubjg&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aiyjqdkdrZNhe1zU8nGruTNuVKfuPFERB1I_5VnM2Rlz8LaZD3Ro4w==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
sopalk.com/r/p.html?f=zhvxupd&e=1841806559274
54.230.111.45200 OK 2.4 kB URL HTTP/2 sopalk.com/r/p.html?f=zhvxupd&e=1841806559274
IP 54.230.111.45:0
Hash 33149bd4925e3f22d9423e5e09bab184
7fa984f89a387893629b6253dca9a6d6e9f73e78
43c3fec2a93e5ddc4c418aeb110ab37a1ce4308c311056633aaa1f1c21df29aa
GET /r/p.html?f=zhvxupd&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wKmqLgGoQ0w2osPk8kUTYzLtnIDug52XXjFpWUIYqcCWLgekVNEeeg==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
104.85.187.217301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
IP 104.85.187.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.85200 OK 572 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.85:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1063), with no line terminators
Hash 2919eb42de73cacaf0a0fd8430f4300d
74e7342e1c5e003f8152ce19e8cbe4ccf9ca702e
3032fe74dda6ad8f2aaa60d7282ae09218e631f681721e47af49e26e4ef99c4d
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 443
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://guruhitech.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:30 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:30 GMT; domain=.smartadserver.com; path=/
pid=841007712809731848; expires=Thu, 30 Nov 2023 09:43:30 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982108309910&o=1; expires=Thu, 01 Dec 2022 09:43:30 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:30 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 19840b656c4dcba5df7786fd874e52d1
26dbc300d3a3cf6e1ee06074bab08c96bdc66279
813bcf25be38ec1c6600638608aa8a0f2876365fb3856a0cbc05a28ce25b4bb7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146129
Date: Wed, 30 Nov 2022 09:43:30 GMT
Etag: "6386a5bc-1d7"
Expires: Fri, 02 Dec 2022 02:18:59 GMT
Last-Modified: Wed, 30 Nov 2022 00:37:16 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7Rzs26Q66FwDGJgpV8K3D3L-vOy-rpsDbBypy6_tVaHQhHy780lfYw==
Age: 6103
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409397&tk_flint=pbjs_lite_v7.19.0&x_source.tid=16da7de5-5f24-4e59-b573-a92365e18f42&l_pb_bid_id=25f12c8750173d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7209912738150126
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409397&tk_flint=pbjs_lite_v7.19.0&x_source.tid=16da7de5-5f24-4e59-b573-a92365e18f42&l_pb_bid_id=25f12c8750173d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7209912738150126
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash 3d0ac2d346062d99c56b534f84af6075
380a5cfafb0a6cb3ad562214105823e773f44122
48b403e81d61d5c88f8546b34f51342aec462e4d0035961c08d49108b53c72ea
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409397&tk_flint=pbjs_lite_v7.19.0&x_source.tid=16da7de5-5f24-4e59-b573-a92365e18f42&l_pb_bid_id=25f12c8750173d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7209912738150126 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:30 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNALD-10-K1KF; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:30 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/Ehtq9nHbwqofe9DtVM30fCgeJct9d5f2umh8l+B13TeAry9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:30 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=smartadserver&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://guruhitech.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Nov 2022 09:43:30 GMT
Connection: keep-alive
Vary: Accept-Encoding
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=38092936871&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=38092936871&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=38092936871&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:30 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 76edff33f2a8b0a5fe3fcdf7fd091c3e
a7c6ddd0e368b4f861cd63047dd6216db43986b1
5d565e8a858253f13de78e05e6fdbb7a094c7a3f925e5b6ca07ddc9bf6e79aa8
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 644
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: d46cee17-5e59-479a-8766-60afd4a82264
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5d93e13d8b560f0e9f77cf575b17f590
2a14fbf1023ab3a7f94c5ed80a68a826d69f28fc
d9e5654a2d687c97c718e74abf939c7d8aefa37df82ebba51ddfce304df0dcea
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:43:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 13:56:49 GMT
Expires: Tue, 06 Dec 2022 13:56:48 GMT
Etag: "2a14fbf1023ab3a7f94c5ed80a68a826d69f28fc"
Cache-Control: max-age=532997,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7722a3a24c420b55-OSL
sopalk.com/r/p.html?f=iqqrkhntf&e=1841806559274
54.230.111.45200 OK 2.3 kB URL HTTP/2 sopalk.com/r/p.html?f=iqqrkhntf&e=1841806559274
IP 54.230.111.45:0
File type HTML document, ASCII text, with CRLF line terminators
Hash a61a069d6a33fb4b48d26dde229f7c1e
0e581c5b9392d34705c28e47f70da6b138f03136
3071ff1f936dcb4f6dee77859bd0d96fd681d17378f4b621e4947de749959f00
GET /r/p.html?f=iqqrkhntf&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9PtiT3h-PBULVuooSzyJG9D1P_hL-EEj6JTyF6d_1kxSEQ03L1SzNw==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
x.bidswitch.net/sync_a9/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
52.28.76.191302 Found 0 B URL HTTP/2 x.bidswitch.net/sync_a9/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
IP 52.28.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync_a9/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 30 Nov 2022 09:43:30 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=b5aaabd5-7141-4401-a00c-dae0ef0d9546; path=/; expires=Thu, 30-Nov-2023 09:43:30 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669801410; path=/; expires=Thu, 30-Nov-2023 09:43:30 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1669801410; path=/; expires=Thu, 30-Nov-2023 09:43:30 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669801410; path=/; expires=Thu, 30-Nov-2023 09:43:30 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.85200 OK 527 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.85:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1031), with no line terminators
Hash 34004611c2f4308767599134b3571e62
05e6cf17504afa82b13897697e7a8a15b6dfb4d4
b12febfcc980fe00209e7c3b4f34fee5c17e9ce174ca351355e5761fb3935a6d
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 356
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:30 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:30 GMT; domain=.smartadserver.com; path=/
pid=2722039088778790675; expires=Thu, 30 Nov 2023 09:43:30 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982109333902&o=1; expires=Thu, 01 Dec 2022 09:43:30 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:30 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409403&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2b288f9f-e31b-4a4b-9a28-586abd6ead15&l_pb_bid_id=2630d9a046d026&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.338301796769646
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409403&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2b288f9f-e31b-4a4b-9a28-586abd6ead15&l_pb_bid_id=2630d9a046d026&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.338301796769646
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash 8feed78c65bb2cf3fd35934c68dd8cb9
0ec1352ca7e77822ed109edf38c7b244778291fe
1941b10fd3de3005729aa30df1ed97a0c90a3ce107fbbeecb495d705bd304fbb
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409403&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2b288f9f-e31b-4a4b-9a28-586abd6ead15&l_pb_bid_id=2630d9a046d026&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.338301796769646 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNANZ-1A-6U8L; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qpJRcnaXhvNau9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 140 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0ea1077a5f7ddec0413de07091cfa473
acc1d5b1f905fa4d43acfae627e66a4e489f71fa
8263fc4330f4bef85f490a2945f964444d2f22d92c753b65286aa79bda3d6b84
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 647
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 140
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: 0762cb02-08bd-4597-912f-ee04e5c0dab1
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=43277566145&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=43277566145&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=43277566145&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:30 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
antenna.ayads.co/?a=305256&at=skinz&device=d&et=3800&ga=0&gc=1&gcp=1&gm=1&gs=2&gv=2&isssp=1&puid=p543318636364136768&rt=647&sqid=4&src=wf&sspname=sspv3-improve&sspplid=22889843&sspr=4&suid=s7383905484882516834&t=1669801407718&tfz=2170&tse=1669801409888&ver=20221125092305&z=37375&e=sspko
18.200.182.178204 No Content 0 B URL HTTP/2 antenna.ayads.co/?a=305256&at=skinz&device=d&et=3800&ga=0&gc=1&gcp=1&gm=1&gs=2&gv=2&isssp=1&puid=p543318636364136768&rt=647&sqid=4&src=wf&sspname=sspv3-improve&sspplid=22889843&sspr=4&suid=s7383905484882516834&t=1669801407718&tfz=2170&tse=1669801409888&ver=20221125092305&z=37375&e=sspko
IP 18.200.182.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=305256&at=skinz&device=d&et=3800&ga=0&gc=1&gcp=1&gm=1&gs=2&gv=2&isssp=1&puid=p543318636364136768&rt=647&sqid=4&src=wf&sspname=sspv3-improve&sspplid=22889843&sspr=4&suid=s7383905484882516834&t=1669801407718&tfz=2170&tse=1669801409888&ver=20221125092305&z=37375&e=sspko HTTP/1.1
Host: antenna.ayads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
X-Firefox-Spdy: h2
antenna.ayads.co/?device=d&et=3802&ga=0&gc=1&gm=1&gs=2&gv=2&puid=p543318636364136768&sqid=5&src=wf&suid=s7383905484882516834&t=1669801407718&tfz=2172&tse=1669801409890&ver=20221125092305&z=37375&e=ipb
18.200.182.178204 No Content 0 B URL HTTP/2 antenna.ayads.co/?device=d&et=3802&ga=0&gc=1&gm=1&gs=2&gv=2&puid=p543318636364136768&sqid=5&src=wf&suid=s7383905484882516834&t=1669801407718&tfz=2172&tse=1669801409890&ver=20221125092305&z=37375&e=ipb
IP 18.200.182.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?device=d&et=3802&ga=0&gc=1&gm=1&gs=2&gv=2&puid=p543318636364136768&sqid=5&src=wf&suid=s7383905484882516834&t=1669801407718&tfz=2172&tse=1669801409890&ver=20221125092305&z=37375&e=ipb HTTP/1.1
Host: antenna.ayads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409426&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3538c83b-d516-4cc5-822a-baa3a923cc59&l_pb_bid_id=2e9a2f23d7681c8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.32373678217799595
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409426&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3538c83b-d516-4cc5-822a-baa3a923cc59&l_pb_bid_id=2e9a2f23d7681c8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.32373678217799595
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash 070da94c85a866112d6daf3d86b79581
a5c0485c5568e749d14795519d5e1f15cbbadeef
66361689692128e98c2939ee43fcea73a429bc0483d5786447511d285790b74a
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409426&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3538c83b-d516-4cc5-822a-baa3a923cc59&l_pb_bid_id=2e9a2f23d7681c8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.32373678217799595 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNAPT-1M-GMZV; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qpC6+3c2Xh2bu9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.85200 OK 577 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.85:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1143), with no line terminators
Hash 761a347e34c394a265e69d7cb9b6fdf6
d62c85f3c3c9891f12e8053a9cca93bdb061b924
fa4944433711a74055e82a34286d9b366eee831aa7f19e5255d4625a145c867e
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 355
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=5336197145674598337; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982110248542&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1d356de9eba4408ba8a5de390a5d16ed
ae26ff1128abb3ebe3344b18af6be088b01276d9
70f3f74738f9ba7f6c4160e96a54249e8c9374f1750ea88c8d926c946c307fd4
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 642
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: 7e6ae104-52cb-49ca-8bd5-8c67b8bc4ff2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=14101749186&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=14101749186&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=14101749186&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:30 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8895da136de488dc3387a15799d72610
a20896c9c711baaa5e2f1ac74019fd8107f37612
fb9a316ad2931ffee8c5da1b090e04d38c9716ab816bb152c1208733355fa3f4
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: 2bb9faa1-aff8-40b4-a3a9-2b3dc23e1921
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409435&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9abdf463-006c-4e01-8872-7efe38358dfd&l_pb_bid_id=42957a2b1bb52f8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08863110813942499
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409435&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9abdf463-006c-4e01-8872-7efe38358dfd&l_pb_bid_id=42957a2b1bb52f8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08863110813942499
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash e92b46fc8baaff5f81dfab20d0f3959e
acacf781b12860754a5a737aa8630c59d583cc71
2e96728a71c9d1530c52b5a267d77313b4aad105d7dd07d0646e33bafa07c48c
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409435&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9abdf463-006c-4e01-8872-7efe38358dfd&l_pb_bid_id=42957a2b1bb52f8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08863110813942499 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNARX-21-GLI7; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qr/PIhYbmdRzu9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=48959855292&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=48959855292&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=48959855292&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:30 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.137.113200 OK 3.2 kB URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.137.113:0
ASN #201081 SmartAdServer SAS
File type ASCII text, with very long lines (25160), with no line terminators
Hash 5d364429b5d307a6e6a54abdf8ca2a9f
4b5a4bd91bb871464142572d31e1d1f53c433cde
24caafa4dd53fe3c4851d6091ee12d70052ac8bf2cb95695b4f783325421491c
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 356
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=589248549668210553; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982111044563&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409446&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5f73d9ab-d134-4f42-9635-885b883edee1&l_pb_bid_id=86c0708a2c9bec&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4573501218977758
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409446&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5f73d9ab-d134-4f42-9635-885b883edee1&l_pb_bid_id=86c0708a2c9bec&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4573501218977758
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash ea5634c236f28448ef6b823615501ec2
43260d195e20aa6eb9fa3f465f575f4087474b29
828f87b4621c97cb4c628de5d3c347dc01f6ec1bb0afa1035a7c12d4a23f3f78
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409446&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5f73d9ab-d134-4f42-9635-885b883edee1&l_pb_bid_id=86c0708a2c9bec&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4573501218977758 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNASX-23-BEAX; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/EjyC2VqbkhD/e9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=15612234260&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=15612234260&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=15612234260&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:30 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.85200 OK 546 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.85:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (960), with no line terminators
Hash 1107229e492223982c4c1e71ac26333a
33ee659b546478f457006f4605bbf3945d8aac25
04da4587c084abe8c8b9cc1138da8aa9a19d2ba91539163f10181e1f01c08df3
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 355
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=4086749953351960529; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982111571899&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=66660867366&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=66660867366&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=66660867366&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:30 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409450&tk_flint=pbjs_lite_v7.19.0&x_source.tid=85d5bca2-f10c-4909-9317-35fc5c005628&l_pb_bid_id=10dbaacafa53ee98&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.30233814726792785
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409450&tk_flint=pbjs_lite_v7.19.0&x_source.tid=85d5bca2-f10c-4909-9317-35fc5c005628&l_pb_bid_id=10dbaacafa53ee98&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.30233814726792785
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash 425bf65fed6503c1b2936534dd04ea21
1e80f547729fd00f28542122c1ac44066df240ae
02deaa45d7d75ff01c886b7868a2c966312d6d7ab3299da013df96ec2f3b67a6
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409450&tk_flint=pbjs_lite_v7.19.0&x_source.tid=85d5bca2-f10c-4909-9317-35fc5c005628&l_pb_bid_id=10dbaacafa53ee98&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.30233814726792785 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNAU7-1X-1S7W; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/EiwpvzPWfUoG+9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.137.113200 OK 499 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.137.113:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (961), with no line terminators
Hash 7675fcfd74ce3849797e4867dcb33f2b
93bbfb9e05a5e2148853b8d888f6ffbd398d8462
c501b0696c89a7cc11bd47bb156284c5d87e3bed5386bfaa9bacb846bbd4c4af
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 355
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=1533122021609916379; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982111893869&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prg.smartadserver.com/prebid/v1
185.86.137.113200 OK 533 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.137.113:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (950), with no line terminators
Hash 971d07f894788cbf4591154698340f47
ab0dda2cf0ea9f0b2d11ae611638830628a482cf
854d05e95374cb8d49e9731977b77351a9e54286c3312240cd93d4440433b9a5
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 355
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=353244778267363212; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982112253755&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=1459494002&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=1459494002&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=1459494002&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:31 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 42c2aabd1ad86f210042e65da4f04d47
b94b04d4a35ef5680522f9b379d5cfe3bfa3bfa0
a0b122201f8a3132dd9794a6a7299bdc3e53344a38534258feb8a1c5333a531d
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 647
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: a9241963-31ca-4332-8dfb-7b99514ef7dc
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
143.204.55.76200 OK 62 kB URL HTTP/2 cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
IP 143.204.55.76:0
File type ASCII text, with very long lines (65469)
Hash 6664ed4cfabdc30fbd2f811ebcf1a8c2
1c51a6bbe235907bf303a5c238a7d92a00b07926
574bc941d1d014a0d4a06477f9f6a590e3891f0f02db3083072b3bea5774273c
GET /tcfv2/45/cmp2ui-en.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 604800
last-modified: Thu, 10 Nov 2022 18:23:24 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
cache-control: max-age=172800
date: Tue, 29 Nov 2022 19:46:54 GMT
etag: W/"39d0cac7e548f81f1e1e1c36db3c775e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 613YBHNVvh6_2HfFsBK_HvplAwPaHwhEYd5ehZYXKIDHHjFuEjsOjw==
age: 50196
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8f6a95fe0f07805bc07657b6593f9aef
b4f991d721352209c3130a9eb93e64f0d4f66a50
44f7b351861857433f0bda9bf72d40a4be2cb1d8c71bf67d127d84127bf1b749
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 646
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: b6130249-7d9d-4699-a4f9-a46306022bc3
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d1b8d5651d602cea4c349b4800c8adf5
cc6ac0e8c7330e40c2fd19262d69502cb33470a9
4383c00aa7ffbf5d5f58990f2ed5b4ea7fbedc60aef0b9f36627bc078d28538b
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 645
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: 20a90594-588a-4abe-8df8-2eaf579842ed
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=75310304237&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=75310304237&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=75310304237&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:31 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409465&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c20bf7d7-e73f-41ec-b3e0-d23500e7c306&l_pb_bid_id=109b3af26c8bd2c&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3454751160554985
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409465&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c20bf7d7-e73f-41ec-b3e0-d23500e7c306&l_pb_bid_id=109b3af26c8bd2c&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3454751160554985
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash 2e1bf18d8a8345cec43f1ca415b008db
252d8c2c8b92eb7b03bb795b4418b6582483ff90
0cc1e46c20ec076ccd380b768fc32e36bc969a7ad6447c1fd218ba28de8edfba
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409465&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c20bf7d7-e73f-41ec-b3e0-d23500e7c306&l_pb_bid_id=109b3af26c8bd2c&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3454751160554985 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNAXP-15-8ZDW; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrrtdrDWRZsvu9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.85200 OK 592 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.85:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1198), with no line terminators
Hash 717148b46ed8bd1d62c8f34eb9529f9d
1e7ef44e7f73cc835c6614a2b930a7f127f270e6
4d043eb4335b0e71d19a084fe1db1140d3b92b1aabdb8355ec4047cba25361ca
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 355
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=6397950126813562716; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982113092622&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 140 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 67533a007fa8f0a4a4f5852913d07a0f
aa4bc0fcad1b45c1ae108ea855655ab1bdd83647
aaf11e0e87f7dbd68012cfccbfb4682a2b85a32aa1e7e8db05cfc46c8b12fbfa
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 648
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 140
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: 6311c9c1-58c7-4bfa-ab81-a1e88a22dfce
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409470&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e2aad6b0-ca6b-4940-83b8-c840364083fd&l_pb_bid_id=275b1f880f8ab2&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.33481481379401534
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409470&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e2aad6b0-ca6b-4940-83b8-c840364083fd&l_pb_bid_id=275b1f880f8ab2&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.33481481379401534
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash 844bf41208ff786eabadd2feb22ed476
6248493fafc9fd0fa562baf3a512efdde619cda8
7892ce6d0f3d1e60c3925ba608889355b8bd9741bfe02e5fffb1090820f75f2e
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409470&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e2aad6b0-ca6b-4940-83b8-c840364083fd&l_pb_bid_id=275b1f880f8ab2&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.33481481379401534 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNAYK-14-LG8O; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrc5+YdsKhCVO9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=84314019234&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=84314019234&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=84314019234&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:30 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409459&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a1a48e47-3286-43f9-a973-f951f3d883ea&l_pb_bid_id=49201b520caa348&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5445440714557862
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409459&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a1a48e47-3286-43f9-a973-f951f3d883ea&l_pb_bid_id=49201b520caa348&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5445440714557862
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash 17572952c005636eef2e8bf35fb468ab
5e261f3825337470d2836f94c7f384e922a852c4
c54628dee602b3b443c62caf30a44d6a963590227448fbfd41d849e3bba2a75e
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409459&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a1a48e47-3286-43f9-a973-f951f3d883ea&l_pb_bid_id=49201b520caa348&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5445440714557862 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNAZT-D-K4O; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qptWTFfRMQzXu9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.137.113200 OK 518 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.137.113:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1075), with no line terminators
Hash e2c05b3fbfe101c4f6927de77af2df78
dfb10e521a4bf54d2dd66eef8d60ab39d37cc88a
1fad56696ee9d36c804add654da97a846f0a6e9c60ccd2d22ddb61ee7716c1fb
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 355
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=8344831451738621809; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982113980224&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a671a56d39e4f5b837ec575ea01cc8c2
2b3c9e7ef410e905adf686a4031351f7fd7eabc4
02e1b15a607328883b3db7c00287c9ac4e01d6c5c6d722483901da0a05b97aa5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 08:41:13 GMT
Expires: Sun, 04 Dec 2022 08:41:12 GMT
Etag: "2b3c9e7ef410e905adf686a4031351f7fd7eabc4"
Cache-Control: max-age=341260,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7722a3a5ef2a0b55-OSL
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 30dc1c3f65ffc74acb6b25041fde8c74
2dd6150b48dd7fed3e545ea34dd6dd602a2563d3
9cecf68271d6eb93ce71f24d13f6e86ca4f42d0660f48ebe2de6178e1677b3ab
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 645
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: d3d7c68b-1ea4-44c2-a132-6cfa4b0c731e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409785&tk_flint=pbjs_lite_v7.19.0&x_source.tid=64228b0e-c5c9-477d-986c-5fc29aa7471c&l_pb_bid_id=8bb8a9a80656328&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.078310691712561
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409785&tk_flint=pbjs_lite_v7.19.0&x_source.tid=64228b0e-c5c9-477d-986c-5fc29aa7471c&l_pb_bid_id=8bb8a9a80656328&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.078310691712561
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash feed6f92de0f082ebdcafb79533d28ba
7c1c5b2d11630879f291f1488dd6ddc38117fdbc
f2dcb1a83c938bb6079789c25bbc65ec49aa29de0c5c680e1a7f7469119413e6
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409785&tk_flint=pbjs_lite_v7.19.0&x_source.tid=64228b0e-c5c9-477d-986c-5fc29aa7471c&l_pb_bid_id=8bb8a9a80656328&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.078310691712561 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNB7A-X-6QZF; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrc5+YdsKhCVO9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=80218754979&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=80218754979&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=80218754979&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:31 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s.seedtag.com/e/e
34.149.50.64204 No Content 0 B IP 34.149.50.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /e/e HTTP/1.1
Host: s.seedtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 596
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
vary: X-HTTP-Method-Override
access-control-allow-origin: https://guruhitech.com
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 65a438e31d58388782391311d4e15c77
b266410e443d899e3e66043ee55c217fcf3c4583
cb2f89f81c2297692f7f5bade0eda43ab98f164b504c4f548c82745c4f6b00e0
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 646
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: e7e1de27-9bb4-4e57-97a4-fda8a752fea2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409809&tk_flint=pbjs_lite_v7.19.0&x_source.tid=61f8dfb8-4981-4d63-9855-df40b6702010&l_pb_bid_id=8e27c1bae3a7d4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42709501172566533
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409809&tk_flint=pbjs_lite_v7.19.0&x_source.tid=61f8dfb8-4981-4d63-9855-df40b6702010&l_pb_bid_id=8e27c1bae3a7d4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42709501172566533
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash 9358ff21f14fdfd892c19e6768b1b9e1
be16cae03f729b56715170796715cfbfdf8811f6
3db7f00eeda28749267572d285554f8483302ed96bd780e39084de7a4fda44f4
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409809&tk_flint=pbjs_lite_v7.19.0&x_source.tid=61f8dfb8-4981-4d63-9855-df40b6702010&l_pb_bid_id=8e27c1bae3a7d4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42709501172566533 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNB8U-23-HLSJ; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qp07lKKzX4sEu9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=22884395558&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=22884395558&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=22884395558&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:31 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.85200 OK 490 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.85:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (947), with no line terminators
Hash 0b7bd319e25421e17cf11e9dd77a81bf
4e39dd348747f44470fd9f0dbb20a45c5cdd573c
ffae8ba3646df6371e4be25651d857519ce2f58aa3d23614412dcba5bca75631
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 355
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=4575868517011900178; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982117063461&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ce13af5056ecf2988c6b88963427ce6c
7be11672e9aa121e3e027db1e1133bc438b7036d
638aeee26c1028f62d59d1d8daff79bb803699ce8498d10baac028f04451161b
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 644
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: 187ad3e9-fbda-4f37-842e-49347b6e5247
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409792&tk_flint=pbjs_lite_v7.19.0&x_source.tid=864d7607-4e95-4c66-a848-0edabf0dffa3&l_pb_bid_id=108ff7483f056c4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6710147116626912
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409792&tk_flint=pbjs_lite_v7.19.0&x_source.tid=864d7607-4e95-4c66-a848-0edabf0dffa3&l_pb_bid_id=108ff7483f056c4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6710147116626912
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash 55de895cfaa4bfd7d76f4b531673f817
ef3bc044b896b089be7d200557af72a6c48ee663
951173bf375d50c5e8db72c81875ef2b814ea42b49948c856b74a7714c49a051
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409792&tk_flint=pbjs_lite_v7.19.0&x_source.tid=864d7607-4e95-4c66-a848-0edabf0dffa3&l_pb_bid_id=108ff7483f056c4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6710147116626912 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNBA2-G-2KHF; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoHzIKf8+GpNe9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=60668096424&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=60668096424&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=60668096424&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:31 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.137.113200 OK 553 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.137.113:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (956), with no line terminators
Hash 6d2ad6ff08d28cb133c225eb7b6c1fc1
ddf1658d70ed85e5b21d493aa131ea4994be5372
07d3139a6bc3631383aa4abbdf01337e3d51884a8fb229c6d5a8da62831c1641
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 356
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=6786404496825337608; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982117706282&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409879&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2ebeda3a-86e4-4997-95b4-db6ccb887482&l_pb_bid_id=28a32c023a276d8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8165908514734321
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409879&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2ebeda3a-86e4-4997-95b4-db6ccb887482&l_pb_bid_id=28a32c023a276d8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8165908514734321
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash 52ffbc7b93e7c72e268c4055c104284e
ee26772774dc0a3a3dd9bbaf261b044c23de9a0d
00297df8798397d34f680a0ecae930ab07b74cbb91e61fc7b41b8c7db8d45b82
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801409879&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2ebeda3a-86e4-4997-95b4-db6ccb887482&l_pb_bid_id=28a32c023a276d8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8165908514734321 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNBB8-14-AEBI; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqvH0CqUNzneu9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=51001048052&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=51001048052&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=51001048052&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:31 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
52.28.76.191200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
IP 52.28.76.191:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync_a9/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://guruhitech.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.137.113200 OK 405 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.137.113:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (802), with no line terminators
Hash a05ee65e91287594fcbd8bd4dfdfdd54
959a68c4e38810fefacc93278cedc6fc9ccb5502
6f49efdfcc068e0033e07d6be9dd6704eb62682640fe2ade138f90fcb5440226
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 356
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=5090623753346565934; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982118019156&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 558
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sopalk.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4d6efe431d549e45ddc311a87b7e2094
3ddc1a928edc2c31a41fcb9235a736a24a218da2
957ee82c55c988b0eee8a343904163c1701517b261eea00362f3e468e5039929
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 646
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: 28884d8e-0a94-4e98-9f3d-279fbc4ba8b1
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
185.89.210.244200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fcb4e2b2607af9a599314f2e34ee44a4
892e057d65e7fabca1f481a7017a5fa5376cb7f9
c6cf519cef9d9de0b2f54ba118e33519fac801708d1832bf5f5045337b9d6009
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 644
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sopalk.com
AN-X-Request-Uuid: d43092fb-5bf0-4362-b424-4d3bab537476
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801410162&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8aa67a71-facf-4d40-af8a-5c35dc06f656&l_pb_bid_id=4699626b5f02ae&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6618566773776735
213.19.162.31200 OK 383 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801410162&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8aa67a71-facf-4d40-af8a-5c35dc06f656&l_pb_bid_id=4699626b5f02ae&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6618566773776735
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash a01563e43a60d0dcd98d941bc9732910
088f3330558ef088492bdbd933a3413adb890d65
182d9d901e842bf4a0b76c1ef3bc5f5aad0cd39e4b2d53169407c882f439cf06
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=57&p_pos=atf&rp_schain=1.0,1!adpone.com,92122d0030ebba6f90f2,1,,,&rf=guruhitech.com&tg_i.page=https%3A%2F%2Fguruhitech.com%2F&tg_i.domain=guruhitech.com&tg_i.pbadslot=adpn-adtag-1669801410162&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8aa67a71-facf-4d40-af8a-5c35dc06f656&l_pb_bid_id=4699626b5f02ae&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6618566773776735 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 30 Nov 2022 09:43:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB3GNBCM-X-II7N; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqwpPzZbYqhz+9DtVM30fCgeJct9d5f2ukYEB2jmXo7b7y9vAZe1J1Ocpj76PKZXj8ZA/WIsjdMLZEZG/c+f8ft; Domain=.rubiconproject.com; Path=/; Expires=Thu, 30-Nov-2023 09:43:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 383
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=76142031888&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=76142031888&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=76142031888&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:43:31 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sopalk.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.85200 OK 540 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.85:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1020), with no line terminators
Hash b547b8398f3fbc930c5a3dc708c41cce
5a88a48d08ee241cffaa78b809e9eea993c14a8b
336519dd40c96d3807fa04a2130d4a0b9086df53b17671b4a19e9815a41d67a4
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 357
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=5993708625252796178; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982119019665&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18728)
Hash d82c7285b1bd330a92e30a848c9dcefc
a480c591d70cbb3fb28aaeb2638c5a778a6f397b
4a4ed32782bbd3c6fc2824510257b8107ed20d64bab3061ec961ef29fc3a2ea6
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Tue, 29 Nov 2022 23:28:56 GMT
Content-Encoding: gzip
Content-Length: 10067
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=49556
Expires: Wed, 30 Nov 2022 23:29:27 GMT
Date: Wed, 30 Nov 2022 09:43:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
prg.smartadserver.com/prebid/v1
185.86.137.113200 OK 564 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.137.113:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1084), with no line terminators
Hash 656a828863d499300c93ac5b1bf6f05b
4330c3d6e53d806c9993d9598fb79419e17a3114
ad366fcef4cbbad3b0374ad72363e1e7db702a589c55bc7e3be91a8aa4a135ba
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 355
Origin: https://sopalk.com
Connection: keep-alive
Referer: https://sopalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sopalk.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
vs=563578=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
pid=7773527683847374607; expires=Thu, 30 Nov 2023 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982118995730&o=1; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a671a56d39e4f5b837ec575ea01cc8c2
2b3c9e7ef410e905adf686a4031351f7fd7eabc4
02e1b15a607328883b3db7c00287c9ac4e01d6c5c6d722483901da0a05b97aa5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:43:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 08:41:13 GMT
Expires: Sun, 04 Dec 2022 08:41:12 GMT
Etag: "2b3c9e7ef410e905adf686a4031351f7fd7eabc4"
Cache-Control: max-age=341260,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7722a3a798d10b55-OSL
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 3a0a01094712c4dfe702588ec1cac257
dcd959c6bf3999d48ea6b782dbbcd3e5d9520bc0
6bb28aff4d50f3d35ef74ab0802b3e94c2f26bd306e9cbaf4d378681572bbf32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6145
Cache-Control: max-age=135729
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:33 GMT
Etag: "63867cf6-13a"
Expires: Thu, 01 Dec 2022 23:25:42 GMT
Last-Modified: Tue, 29 Nov 2022 21:43:18 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
ads.viralize.tv/display/?zid=AAEoWFXjEjtKT5bd&enable_branding=0&schain=1.0,1!netmediaclick.it,026,1
35.186.238.232200 OK 114 B URL HTTP/2 ads.viralize.tv/display/?zid=AAEoWFXjEjtKT5bd&enable_branding=0&schain=1.0,1!netmediaclick.it,026,1
IP 35.186.238.232:0
Hash eb65a81965cd68f9c0ef8fd800dcd252
e36cbfbe36214f82c41c173bed621d9131f04c1a
6a4c7a561b6b19882e4b6d89571b0d5dbfb95f7d303b5f13cbc915eb1a6cc4af
GET /display/?zid=AAEoWFXjEjtKT5bd&enable_branding=0&schain=1.0,1!netmediaclick.it,026,1 HTTP/1.1
Host: ads.viralize.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: text/javascript
vary: Accept-Encoding
server: uvicorn, Unknown
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4ddfcf5d90fccda4743e05a0534833d2
e150be0b521fd1e021c6cea1aab8c5d680200c12
b13fb4d6a9ace2203b2bbaf0413b78a84213635f1959a66224fd76728f535e3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6063
Cache-Control: max-age=157925
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:34 GMT
Etag: "6386d3fc-117"
Expires: Fri, 02 Dec 2022 05:35:39 GMT
Last-Modified: Wed, 30 Nov 2022 03:54:36 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
91.228.74.206302 Found 0 B URL HTTP/2 cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
IP 91.228.74.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP/1.1
Host: cms.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 30 Nov 2022 09:43:34 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=DS7fSAkohEkWL4FMWX_KTAkt0UkWftZIAiliuPx0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EBEBDQHZJ4ir0QA; expires=Tue, 28-Feb-2023 09:43:34 GMT; path=/; domain=.quantserve.com
mc=638725c6-2f3bb-32066-c1794; expires=Sun, 31-Dec-2023 09:43:34 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
104.18.33.19302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent= HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 30 Nov 2022 09:43:34 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
cf-ray: 7722a3b6dedbb50c-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y4clxohjy90JvSw1fxBF-QAA; Path=/; Domain=casalemedia.com; Expires=Thu, 30 Nov 2023 09:43:34 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=688; Path=/; Domain=casalemedia.com; Expires=Tue, 28 Feb 2023 09:43:34 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=688; Path=/; Domain=casalemedia.com; Expires=Tue, 28 Feb 2023 09:43:34 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXzB%2FLyb755CkAnpQdxh01i71reeFkRgkfyECOtxVxhZk0273dKFKtM2z3ZW1hYD2%2BqaRboRMZQEzEIkMzFwwQnzzaVCQVvg7yk2%2BdhzgVB1GZWmq9BbU%2B8KbR%2BemXuyzL77H2WVssPmNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4ddfcf5d90fccda4743e05a0534833d2
e150be0b521fd1e021c6cea1aab8c5d680200c12
b13fb4d6a9ace2203b2bbaf0413b78a84213635f1959a66224fd76728f535e3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6063
Cache-Control: max-age=157925
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:34 GMT
Etag: "6386d3fc-117"
Expires: Fri, 02 Dec 2022 05:35:39 GMT
Last-Modified: Wed, 30 Nov 2022 03:54:36 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
185.86.139.115302 Found 0 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
IP 185.86.139.115:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
date: Wed, 30 Nov 2022 09:43:34 GMT
cache-control: no-cache,no-store
location: https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=388696911502329733&gdpr=0&gdpr_consent=
pragma: no-cache
set-cookie: pid=388696911502329733; expires=Sat, 30 Dec 2023 09:43:34 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 30 Dec 2023 09:43:34 GMT; domain=smartadserver.com; path=/
csync=135:TAM_OK; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=DS7fSAkohEkWL4FMWX_KTAkt0UkWftZIAiliuPx0
185.86.139.115200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=DS7fSAkohEkWL4FMWX_KTAkt0UkWftZIAiliuPx0
IP 185.86.139.115:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=80&&partneruserid=DS7fSAkohEkWL4FMWX_KTAkt0UkWftZIAiliuPx0 HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://guruhitech.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Wed, 30 Nov 2022 09:43:33 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=3787056416861407035; expires=Sat, 30 Dec 2023 09:43:34 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 30 Dec 2023 09:43:34 GMT; domain=smartadserver.com; path=/
csync=80:DS7fSAkohEkWL4FMWX_KTAkt0UkWftZIAiliuPx0; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
www8.smartadserver.com/3327/call
185.86.137.17204 No Content 0 B URL HTTP/1.1 www8.smartadserver.com/3327/call
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /3327/call HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://guruhitech.com/
Origin: https://guruhitech.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Wed, 30 Nov 2022 09:43:34 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://guruhitech.com
vary: Origin
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 36903688d2a6a393692997d9465e8332
59ccab92ce33b6ceffe90ff5d02221a6eabb369b
13cb3441039c5d5ee7ec645777ff0da4d217a341593c3878076344d041872b83
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6064
Cache-Control: max-age=115452
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:43:34 GMT
Etag: "63862e12-1d7"
Expires: Thu, 01 Dec 2022 17:47:46 GMT
Last-Modified: Tue, 29 Nov 2022 16:06:42 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
www8.smartadserver.com/3327/call
185.86.137.17307 Temporary Redirect 0 B URL HTTP/1.1 www8.smartadserver.com/3327/call
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /3327/call HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1302
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
content-length: 0
date: Wed, 30 Nov 2022 09:43:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://guruhitech.com
cache-control: no-cache,no-store
location: https://www8.smartadserver.com/3327/call?cklb=1
pragma: no-cache
set-cookie: TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=.smartadserver.com; path=/
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2bd575c395318b138f32d62dd445c4e5
c4a936ef2211544aa26635507ad5741143ab1fc1
7f29e0d3a891768ef5b9c2effe463d933a89f82b26ee39a8d785dbb2c7eec0d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F29E0D3A891768EF5B9C2EFFE463D933A89F82B26EE39A8D785DBB2C7EEC0D7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7004
Expires: Wed, 30 Nov 2022 11:40:18 GMT
Date: Wed, 30 Nov 2022 09:43:34 GMT
Connection: keep-alive
www8.smartadserver.com/3327/call?cklb=1
185.86.137.17204 No Content 0 B URL HTTP/1.1 www8.smartadserver.com/3327/call?cklb=1
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /3327/call?cklb=1 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://guruhitech.com/
Origin: https://guruhitech.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Wed, 30 Nov 2022 09:43:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://guruhitech.com
vary: Origin
www8.smartadserver.com/3327/call?cklb=1
185.86.137.17200 OK 1.3 kB URL HTTP/1.1 www8.smartadserver.com/3327/call?cklb=1
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (9793), with no line terminators
Hash 3d014d167ad4e901c4a133f66464ad57
656cad037bdc6cb39a4e7341576f6a4d24306d98
34cc9dc1a49d70348f52b20b5bce8255dbea22b474c66e572575a6615555b0ec
POST /3327/call?cklb=1 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1302
Origin: https://guruhitech.com
Referer: https://guruhitech.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:34 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://guruhitech.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=.smartadserver.com; path=/
vs=410318=5213383; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=.smartadserver.com; path=/
pid=3689359109311907737; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638053982144834559&o=1; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
198.148.27.140302 Found 43 B URL HTTP/2 bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
IP 198.148.27.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-6794d6fb46-2zzrm
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=UnfyiizVl3yY&ev=1&pid=560288&gdpr_consent=&gdpr=0
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=UnfyiizVl3yY;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sat, 25-Nov-2023 09:43:34 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=667ffd55692d1f5c; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=73769&tag=sas_73769&tmstp=1785390217&visit=S&acd=1669801414481&opid=067cf963-0474-4b3b-a877-af6fa998f300&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478889%2C11319777&capp=0%2C0&mcrdbt=1%2C0
185.86.137.17200 OK 4.1 kB URL HTTP/1.1 www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=73769&tag=sas_73769&tmstp=1785390217&visit=S&acd=1669801414481&opid=067cf963-0474-4b3b-a877-af6fa998f300&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478889%2C11319777&capp=0%2C0&mcrdbt=1%2C0
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type ASCII text, with very long lines (3525), with CRLF, LF line terminators
Hash 807a76ab1c4d4da598317eb30a64d685
93ee7e6d0e454ccf1bda24b8069e567ce66498a8
8982916fd215f56382a59e7ea812e5bdbe12fe7d91856c4261821eceb814b310
GET /h/nshow?siteid=410318&pgid=1380289&fmtid=73769&tag=sas_73769&tmstp=1785390217&visit=S&acd=1669801414481&opid=067cf963-0474-4b3b-a877-af6fa998f300&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478889%2C11319777&capp=0%2C0&mcrdbt=1%2C0 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:33 GMT
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: vs=410318=5213383; domain=.smartadserver.com; path=/
pid=0; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l&lo<=638053982145640014&o=1; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 11319777
www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=73770&tag=sas_73770&tmstp=1785390217&visit=S&acd=1669801414481&opid=ef783f0b-2e5b-408a-b4e7-cf2c8c905f12&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478075%2C&capp=0%2C&mcrdbt=1%2C
185.86.137.17200 OK 26 B URL HTTP/1.1 www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=73770&tag=sas_73770&tmstp=1785390217&visit=S&acd=1669801414481&opid=ef783f0b-2e5b-408a-b4e7-cf2c8c905f12&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478075%2C&capp=0%2C&mcrdbt=1%2C
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type ASCII text, with no line terminators
Hash f7b054079e71b771f3625241f06585c6
1acf0ade368f4b831c6870a5e80affd1f12c30fb
68d74f1a160583fd03abf7b6a8339809f77b3e8ba23c86eec90125759df64cf2
GET /h/nshow?siteid=410318&pgid=1380289&fmtid=73770&tag=sas_73770&tmstp=1785390217&visit=S&acd=1669801414481&opid=ef783f0b-2e5b-408a-b4e7-cf2c8c905f12&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478075%2C&capp=0%2C&mcrdbt=1%2C HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:34 GMT
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: vs=410318=5213383; domain=.smartadserver.com; path=/
pid=0; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l&lo<=638053982146489734&o=1; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=73771&tag=sas_73771&tmstp=1785390217&visit=S&acd=1669801414481&opid=676fae02-bacd-4564-ab3c-32b8b618cedd&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478877%2C11315384&capp=0%2C0&mcrdbt=1%2C0
185.86.137.17200 OK 4.1 kB URL HTTP/1.1 www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=73771&tag=sas_73771&tmstp=1785390217&visit=S&acd=1669801414481&opid=676fae02-bacd-4564-ab3c-32b8b618cedd&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478877%2C11315384&capp=0%2C0&mcrdbt=1%2C0
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type ASCII text, with very long lines (3525), with CRLF, LF line terminators
Hash 3ef345f82bc109edc9f51553d21dc825
8bd715ef467ac604e3878ebb018b152b672b1d28
a0eaa35b5cdfdcd192016e26ede56d91a0b6f4c8bfa063e9337049882cf35328
GET /h/nshow?siteid=410318&pgid=1380289&fmtid=73771&tag=sas_73771&tmstp=1785390217&visit=S&acd=1669801414481&opid=676fae02-bacd-4564-ab3c-32b8b618cedd&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478877%2C11315384&capp=0%2C0&mcrdbt=1%2C0 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:33 GMT
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: vs=410318=5213383; domain=.smartadserver.com; path=/
pid=0; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l&lo<=638053982146330623&o=1; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 11315384
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
104.18.33.19200 OK 128 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
IP 104.18.33.19:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 332d590d014b34b6e80223fce11d5b55
e9bb636c65967298f1a18450636a719f4724f16b
9ee4d8144ab1709a06ed498822cea12970831a4b71c092ee9abdc3a18267d439
GET /usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://guruhitech.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:43:34 GMT
content-type: text/html
cf-ray: 7722a3b73f5fb50c-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=595yqrdTf6drhPqplC5da%2FLzu15eZgzAxLQfBUHvKn1%2FbmWUsWeOux%2FoyMIklxf5NI9CYrV61toFQ4dm8jh1%2FKjzSlRFBQzflyOySCiRy9mgBHXsXPdotcCuOV8GzizqhGMZQVV%2B1tZZVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.130.js
178.250.2.130200 OK 59 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.130.js
IP 178.250.2.130:0
File type ASCII text, with very long lines (65354)
Hash debcca374c874a710d3adfd3ac82743e
42ef3074a951300d44fcae044b4d7739bbb93de8
08cdad7d94267f4da57ad40632dcfebd52bfdc7b7d200cb879d2527272d0b655
GET /js/ld/publishertag.prebid.130.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:33 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-16120"
expires: Thu, 01 Dec 2022 09:43:33 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=73763&tag=sas_73763&tmstp=1785390217&visit=S&acd=1669801414481&opid=a3849b7e-d42a-41f1-a87e-820b6760bee7&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478057%2C8479047%2C11318509&capp=0%2C0%2C0&mcrdbt=1%2C1%2C0
185.86.137.17200 OK 3.1 kB URL HTTP/1.1 www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=73763&tag=sas_73763&tmstp=1785390217&visit=S&acd=1669801414481&opid=a3849b7e-d42a-41f1-a87e-820b6760bee7&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478057%2C8479047%2C11318509&capp=0%2C0%2C0&mcrdbt=1%2C1%2C0
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type HTML document, ASCII text, with very long lines (3525), with CRLF, LF line terminators
Hash e7be72eefdf830f78d3441e2a8e7cfa5
62286e7140e229d622fb882ad012f3a226b96090
060d517e80414734cc406b257ee8354e57b65f6318910b23d6bc62df817a6282
GET /h/nshow?siteid=410318&pgid=1380289&fmtid=73763&tag=sas_73763&tmstp=1785390217&visit=S&acd=1669801414481&opid=a3849b7e-d42a-41f1-a87e-820b6760bee7&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8478057%2C8479047%2C11318509&capp=0%2C0%2C0&mcrdbt=1%2C1%2C0 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:33 GMT
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: vs=410318=5213383; domain=.smartadserver.com; path=/
pid=0; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l&lo<=638053982146278787&o=1; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 11318509
www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=79610&tag=sas_79610&tmstp=1785390217&visit=S&acd=1669801414481&opid=fbebcc54-4e5c-4bcb-9dc3-d7c2a79793db&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8765662%2C8787810%2C10832649%2C10185048&capp=0%2C0%2C0%2C1&mcrdbt=1%2C1%2C1%2C0
185.86.137.17200 OK 3.7 kB URL HTTP/1.1 www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=79610&tag=sas_79610&tmstp=1785390217&visit=S&acd=1669801414481&opid=fbebcc54-4e5c-4bcb-9dc3-d7c2a79793db&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8765662%2C8787810%2C10832649%2C10185048&capp=0%2C0%2C0%2C1&mcrdbt=1%2C1%2C1%2C0
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type ASCII text, with very long lines (3525), with CRLF, LF line terminators
Hash fca340ee170c23f616ce0920ff761fa8
e624f774f3160480f309735636b7a6f7f7650cb2
43fe69121a019db7eb65b13094a15e9b45b951680fc8b0b8e1803691d99f250b
GET /h/nshow?siteid=410318&pgid=1380289&fmtid=79610&tag=sas_79610&tmstp=1785390217&visit=S&acd=1669801414481&opid=fbebcc54-4e5c-4bcb-9dc3-d7c2a79793db&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8765662%2C8787810%2C10832649%2C10185048&capp=0%2C0%2C0%2C1&mcrdbt=1%2C1%2C1%2C0 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:34 GMT
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: vs=410318=5213383; domain=.smartadserver.com; path=/
pid=0; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l&lo<=638053982146355383&o=1; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 10185048
rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=ce1bb756e0&gdpr=0&gdpr_consent=
185.86.139.115200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=ce1bb756e0&gdpr=0&gdpr_consent=
IP 185.86.139.115:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?issi=1&partnerid=137&partneruserid=ce1bb756e0&gdpr=0&gdpr_consent= HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Wed, 30 Nov 2022 09:43:34 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=3572357989646157669; expires=Sat, 30 Dec 2023 09:43:34 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 30 Dec 2023 09:43:34 GMT; domain=smartadserver.com; path=/
csync=137:ce1bb756e0; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=79616&tag=sas_79616&tmstp=1785390217&visit=S&acd=1669801414481&opid=faf40320-4f3b-491d-bb3e-447a660fe5d2&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8765665%2C10832654%2C8787812%2C11315382&capp=0%2C0%2C0%2C0&mcrdbt=1%2C1%2C1%2C0
185.86.137.17200 OK 3.7 kB URL HTTP/1.1 www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=79616&tag=sas_79616&tmstp=1785390217&visit=S&acd=1669801414481&opid=faf40320-4f3b-491d-bb3e-447a660fe5d2&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8765665%2C10832654%2C8787812%2C11315382&capp=0%2C0%2C0%2C0&mcrdbt=1%2C1%2C1%2C0
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type ASCII text, with very long lines (3525), with CRLF, LF line terminators
Hash 83c63c2142e499223029e5ef5a1801e4
3d0939cef3e5cd49deb4abbf2ee0785d4f6256a3
b0d24f247b43fc37da41f1bc564a9f197b837786559d3e05e0177dd3ee424682
GET /h/nshow?siteid=410318&pgid=1380289&fmtid=79616&tag=sas_79616&tmstp=1785390217&visit=S&acd=1669801414481&opid=faf40320-4f3b-491d-bb3e-447a660fe5d2&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8765665%2C10832654%2C8787812%2C11315382&capp=0%2C0%2C0%2C0&mcrdbt=1%2C1%2C1%2C0 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:33 GMT
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: vs=410318=5213383; domain=.smartadserver.com; path=/
pid=0; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l&lo<=638053982146382264&o=1; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 11315382
www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=79611&tag=sas_79611&tmstp=1785390217&visit=S&acd=1669801414481&opid=30ef5018-28a2-497e-8d0a-98e33e140ba5&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8787811%2C8765663%2C10832651%2C11315381&capp=0%2C0%2C0%2C0&mcrdbt=1%2C1%2C1%2C0
185.86.137.17200 OK 3.7 kB URL HTTP/1.1 www8.smartadserver.com/h/nshow?siteid=410318&pgid=1380289&fmtid=79611&tag=sas_79611&tmstp=1785390217&visit=S&acd=1669801414481&opid=30ef5018-28a2-497e-8d0a-98e33e140ba5&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8787811%2C8765663%2C10832651%2C11315381&capp=0%2C0%2C0%2C0&mcrdbt=1%2C1%2C1%2C0
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type ASCII text, with very long lines (3525), with CRLF, LF line terminators
Hash 15d4a21fe69f7ef088fa505c076ca70d
cffcdbc547f00fea9e5865b6a0a93ead2739e97b
7a38174c39c4371641e0dcf64a0e67e04e6402117474038c2b4b7ee24f414eea
GET /h/nshow?siteid=410318&pgid=1380289&fmtid=79611&tag=sas_79611&tmstp=1785390217&visit=S&acd=1669801414481&opid=30ef5018-28a2-497e-8d0a-98e33e140ba5&opdt=1669801414481&ckid=3689359109311907737&cappid=3689359109311907737&async=1&systgt=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0%3B%24b%3D12999%3B%24o%3D11100%3B%24sw%3D1280%3B%24sh%3D1024&tgt=consent%3Drejected%3B%3B%24dt%3D1t&pgDomain=https%3A%2F%2Fguruhitech.com%2Fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2F&noadcbk=sas.noad&us_privacy=1---&schain=1.0%2C1!netmediaclick.it%2C026%2C1%2C%2C%2C&insid=8787811%2C8765663%2C10832651%2C11315381&capp=0%2C0%2C0%2C0&mcrdbt=1%2C1%2C1%2C0 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 30 Nov 2022 09:43:34 GMT
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: vs=410318=5213383; domain=.smartadserver.com; path=/
pid=0; expires=Thu, 30 Nov 2023 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l&lo<=638053982146660535&o=1; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DUnknown%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 01 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 11315381
s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=388696911502329733&gdpr=0&gdpr_consent=&dcc=t
209.54.182.161200 OK 43 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=388696911502329733&gdpr=0&gdpr_consent=&dcc=t
IP 209.54.182.161:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=388696911502329733&gdpr=0&gdpr_consent=&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://guruhitech.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Wed, 30 Nov 2022 09:43:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: T8Z91XAAQW0G5JSJ3C09
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ced-ns.sascdn.com/diff/templates/ts/dist/floorad/sas-floorad-2.0.js
95.101.10.64200 OK 13 kB URL HTTP/1.1 ced-ns.sascdn.com/diff/templates/ts/dist/floorad/sas-floorad-2.0.js
IP 95.101.10.64:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (41817), with no line terminators
Hash d2c925a85172a3c70bbe5361d72536c3
58f8326fefbb1ce282fce49079b9ec036e3edf7e
a69c07bcc1bc8d7f292ef0d4cfa6f3d7aa271a245ce4b9ce864dcc22b7bc1c5e
GET /diff/templates/ts/dist/floorad/sas-floorad-2.0.js HTTP/1.1
Host: ced-ns.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "b0bcc4dcc40b0ebb08804b39602ad469:1667237131.843253"
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86400
Date: Wed, 30 Nov 2022 09:43:34 GMT
Content-Length: 12659
Connection: keep-alive
ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
95.101.10.64200 OK 11 kB URL HTTP/1.1 ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
IP 95.101.10.64:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (34475), with no line terminators
Hash 45048f97c75adaa544f35b1977068b38
a8a09c33b80fbd9d0538f5133e089af521365efa
f78a1c6c99cf5cf7c21be65dd34de3bc5de9dee0ec3471a77aaa3c8c8db771a5
GET /diff/templates/ts/dist/banner/sas-banner-1.2.js HTTP/1.1
Host: ced-ns.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86400
Date: Wed, 30 Nov 2022 09:43:34 GMT
Content-Length: 11137
Connection: keep-alive
ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/sas-interstitial-3.0.js
95.101.10.64200 OK 15 kB URL HTTP/1.1 ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/sas-interstitial-3.0.js
IP 95.101.10.64:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (53721), with no line terminators
Hash f2d6dff69c2dbf2cdbbd1b7f98b3b5c2
412b9eca100211e9ae9b6357d37e85ff7e6a5e32
cdd0d49b2d8096c242729270018a01a9d8c9fb5200917e6934baa87b95155f3f
GET /diff/templates/ts/dist/interstitial/sas-interstitial-3.0.js HTTP/1.1
Host: ced-ns.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "27ce335d1ccb9d2407f75c4e984690d2:1667237132.1792"
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86400
Date: Wed, 30 Nov 2022 09:43:34 GMT
Content-Length: 14729
Connection: keep-alive
eqx.smartadserver.com/h/aip?uii=1379841187048975934&tmstp=1785390217&ckid=3689359109311907737&systgt=%24qc%3d1311348260%3b%24ql%3dMedium%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1669801414481&envtype=0&opid=ef783f0b-2e5b-408a-b4e7-cf2c8c905f12&opdt=1669801414481&siteid=410318&tgt=consent%3drejected%3b%3b%24dt%3d1t&gdpr=0&pgid=1380289&fmtid=73770&statid=1&visit=s
185.86.137.114200 OK 43 B URL HTTP/1.1 eqx.smartadserver.com/h/aip?uii=1379841187048975934&tmstp=1785390217&ckid=3689359109311907737&systgt=%24qc%3d1311348260%3b%24ql%3dMedium%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1669801414481&envtype=0&opid=ef783f0b-2e5b-408a-b4e7-cf2c8c905f12&opdt=1669801414481&siteid=410318&tgt=consent%3drejected%3b%3b%24dt%3d1t&gdpr=0&pgid=1380289&fmtid=73770&statid=1&visit=s
IP 185.86.137.114:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /h/aip?uii=1379841187048975934&tmstp=1785390217&ckid=3689359109311907737&systgt=%24qc%3d1311348260%3b%24ql%3dMedium%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1669801414481&envtype=0&opid=ef783f0b-2e5b-408a-b4e7-cf2c8c905f12&opdt=1669801414481&siteid=410318&tgt=consent%3drejected%3b%3b%24dt%3d1t&gdpr=0&pgid=1380289&fmtid=73770&statid=1&visit=s HTTP/1.1
Host: eqx.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Wed, 30 Nov 2022 09:43:33 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: Trk0=Value=1380289&Creation=30%2f11%2f2022+09%3a43%3a34; expires=Fri, 30 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ced-ns.sascdn.com/diff/templates/images/close-retina.png
95.101.10.64200 OK 1.8 kB URL HTTP/1.1 ced-ns.sascdn.com/diff/templates/images/close-retina.png
IP 95.101.10.64:0
ASN #20940 Akamai International B.V.
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash dc45791e534223d16a4d14fa1a1a5f4e
4c5ddefda84b00128001d316d2f7dfa434166894
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
GET /diff/templates/images/close-retina.png HTTP/1.1
Host: ced-ns.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/png
ETag: "dc45791e534223d16a4d14fa1a1a5f4e:1634717611.309945"
Last-Modified: Wed, 20 Oct 2021 08:07:22 GMT
Server: AkamaiNetStorage
Content-Length: 1802
Cache-Control: max-age=86400
Date: Wed, 30 Nov 2022 09:43:34 GMT
Connection: keep-alive
eqx.smartadserver.com/h/aip?uii=4223589766623821700&tmstp=1785390217&ckid=3689359109311907737&systgt=%24qc%3d1311348260%3b%24ql%3dUnknown%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1669801414562&envtype=0&opid=067cf963-0474-4b3b-a877-af6fa998f300&opdt=1669801414481&siteid=410318&tgt=consent%3drejected%3b%3b%24dt%3d1t%3b%24dt%3d1t%3b%24hc&gdpr=0&visit=S&statid=1&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fguruhitech.com%2fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2f&cappid=3689359109311907737&capp=0&mcrdbt=0&insid=11319777&imgid=29151790&pgid=1380289&fmtid=73769&isLazy=0
185.86.137.114200 OK 43 B URL HTTP/1.1 eqx.smartadserver.com/h/aip?uii=4223589766623821700&tmstp=1785390217&ckid=3689359109311907737&systgt=%24qc%3d1311348260%3b%24ql%3dUnknown%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1669801414562&envtype=0&opid=067cf963-0474-4b3b-a877-af6fa998f300&opdt=1669801414481&siteid=410318&tgt=consent%3drejected%3b%3b%24dt%3d1t%3b%24dt%3d1t%3b%24hc&gdpr=0&visit=S&statid=1&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fguruhitech.com%2fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2f&cappid=3689359109311907737&capp=0&mcrdbt=0&insid=11319777&imgid=29151790&pgid=1380289&fmtid=73769&isLazy=0
IP 185.86.137.114:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /h/aip?uii=4223589766623821700&tmstp=1785390217&ckid=3689359109311907737&systgt=%24qc%3d1311348260%3b%24ql%3dUnknown%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1669801414562&envtype=0&opid=067cf963-0474-4b3b-a877-af6fa998f300&opdt=1669801414481&siteid=410318&tgt=consent%3drejected%3b%3b%24dt%3d1t%3b%24dt%3d1t%3b%24hc&gdpr=0&visit=S&statid=1&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fguruhitech.com%2fquesta-nuova-truffa-paypal-potrebbe-ingannarti%2f&cappid=3689359109311907737&capp=0&mcrdbt=0&insid=11319777&imgid=29151790&pgid=1380289&fmtid=73769&isLazy=0 HTTP/1.1
Host: eqx.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Wed, 30 Nov 2022 09:43:34 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: Trk401982=Value=1380289&Creation=30%2f11%2f2022+09%3a43%3a34; expires=Fri, 30 Dec 2022 09:43:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
eqx.smartadserver.com/h/aip?uii=4947271306006192917&tmstp=1785390217&ckid=3689359109311907737&systgt=%24qc%3d1311348260%3b%24ql%3dUnknown%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1669801414631&envtype=0&opid=676fae02-bacd-4564-ab3c-32b8b618cedd&opdt=1669801414481&siteid=410318&tgt=consent%3drejected%3b%3b%24dt%3d1t%3b%24dt%3d1t%3b%24hc&gdpr=0&pgid=1380289&fmtid=73771&statid=1&visit=s
185.86.137.114200 OK 43 B URL HTTP/1.1 eqx.smartadserver.com/h/aip?uii=4947271306006192917&tmstp=1785390217&ckid=3689359109311907737&systgt=%24qc%3d1311348260%3b%24ql%3dUnknown%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1669801414631&envtype=0&opid=676fae02-bacd-4564-ab3c-32b8b618cedd&opdt=1669801414481&siteid=410318&tgt=consent%3drejected%3b%3b%24dt%3d1t%3b%24dt%3d1t%3b%24hc&gdpr=0&pgid=1380289&fmtid=73771&statid=1&visit=s
IP 185.86.137.114:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /h/aip?uii=4947271306006192917&tmstp=1785390217&ckid=3689359109311907737&systgt=%24qc%3d1311348260%3b%24ql%3dUnknown%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1669801414631&envtype=0&opid=676fae02-bacd-4564-ab3c-32b8b618cedd&opdt=1669801414481&siteid=410318&tgt=consent%3drejected%3b%3b%24dt%3d1t%3b%24dt%3d1t%3b%24hc&gdpr=0&pgid=1380289&fmtid=73771&statid=1&visit=s HTTP/1.1
Host: eqx.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Wed, 30 Nov 2022 09:43:34 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: Trk0=Value=1380289&Creation=30%2f11%2f2022+09%3a43%3a35; expires=Fri, 30 Dec 2022 09:43:35 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Wed, 30 Nov 2022 05:11:33 GMT
expires: Wed, 14 Dec 2022 05:11:33 GMT
cache-control: public, max-age=1209600
age: 16322
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www8.smartadserver.com/track/action?sid=1669801413525&pid=1380289&iid=11319777&fmtid=73769&cid=29151790&key=viewcount&ts=1669801413525
185.86.137.17200 OK 43 B URL HTTP/1.1 www8.smartadserver.com/track/action?sid=1669801413525&pid=1380289&iid=11319777&fmtid=73769&cid=29151790&key=viewcount&ts=1669801413525
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /track/action?sid=1669801413525&pid=1380289&iid=11319777&fmtid=73769&cid=29151790&key=viewcount&ts=1669801413525 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Wed, 30 Nov 2022 09:43:35 GMT
transfer-encoding: chunked
www8.smartadserver.com/track/action?sid=1669801413701&pid=1380289&iid=10185048&fmtid=79610&cid=26782749&key=viewcount&ts=1669801413701
185.86.137.17200 OK 43 B URL HTTP/1.1 www8.smartadserver.com/track/action?sid=1669801413701&pid=1380289&iid=10185048&fmtid=79610&cid=26782749&key=viewcount&ts=1669801413701
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /track/action?sid=1669801413701&pid=1380289&iid=10185048&fmtid=79610&cid=26782749&key=viewcount&ts=1669801413701 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Wed, 30 Nov 2022 09:43:35 GMT
transfer-encoding: chunked
www8.smartadserver.com/track/action?sid=1669801413659&pid=1380289&iid=11318509&fmtid=73763&cid=29168027&key=viewcount&ts=1669801413659
185.86.137.17200 OK 43 B URL HTTP/1.1 www8.smartadserver.com/track/action?sid=1669801413659&pid=1380289&iid=11318509&fmtid=73763&cid=29168027&key=viewcount&ts=1669801413659
IP 185.86.137.17:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /track/action?sid=1669801413659&pid=1380289&iid=11318509&fmtid=73763&cid=29168027&key=viewcount&ts=1669801413659 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Wed, 30 Nov 2022 09:43:35 GMT
transfer-encoding: chunked
antenna.ayads.co/?device=d&et=9011&ga=0&gc=1&gm=1&gs=2&gv=2&puid=p543318636364136768&sqid=6&src=wf&suid=s7383905484882516834&t=1669801407718&tfz=7381&tse=1669801415098&ver=20221125092305&z=37375&e=ul
18.200.182.178204 No Content 0 B URL HTTP/2 antenna.ayads.co/?device=d&et=9011&ga=0&gc=1&gm=1&gs=2&gv=2&puid=p543318636364136768&sqid=6&src=wf&suid=s7383905484882516834&t=1669801407718&tfz=7381&tse=1669801415098&ver=20221125092305&z=37375&e=ul
IP 18.200.182.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?device=d&et=9011&ga=0&gc=1&gm=1&gs=2&gv=2&puid=p543318636364136768&sqid=6&src=wf&suid=s7383905484882516834&t=1669801407718&tfz=7381&tse=1669801415098&ver=20221125092305&z=37375&e=ul HTTP/1.1
Host: antenna.ayads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 09:43:36 GMT
X-Firefox-Spdy: h2
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP 143.204.55.76:0
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Wed, 30 Nov 2022 03:00:44 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Wed, 30 Nov 2022 03:00:33 GMT
etag: W/"2dd01dbde56e1bed0bb9207725823abc"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EUAaQ3hoTqg45JQdnlFbGOZsseXlFNzTIh1DBTgW990hywX9IEV-yg==
age: 24166
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C300%2C400%2C600&subset=latin%2Clatin-ext&display=fallback&ver=6.1.1
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C300%2C400%2C600&subset=latin%2Clatin-ext&display=fallback&ver=6.1.1
IP 142.250.74.74:0
GET /css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C300%2C400%2C600&subset=latin%2Clatin-ext&display=fallback&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 09:43:28 GMT
date: Wed, 30 Nov 2022 09:43:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sopalk.com/r/p.html?f=kooibyoruq&e=1841806559274
54.230.111.45200 OK 0 B URL HTTP/2 sopalk.com/r/p.html?f=kooibyoruq&e=1841806559274
IP 54.230.111.45:0
GET /r/p.html?f=kooibyoruq&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ersF6jflEZ7UzGzLZf_WjBvQYdhrQFp5NnAPPk_KUakbXSXLYC3XEQ==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cmp.quantcast.com/choice/gEQ4qwe3VM9Sc/guruhitech.com/choice.js?tag_version=V2
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/choice/gEQ4qwe3VM9Sc/guruhitech.com/choice.js?tag_version=V2
IP 143.204.55.76:0
GET /choice/gEQ4qwe3VM9Sc/guruhitech.com/choice.js?tag_version=V2 HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:23:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
cache-control: max-age=3600
date: Wed, 30 Nov 2022 09:42:52 GMT
etag: W/"01dcc41487b4497f4b04490b40ef60e2"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g9hBmw82jlpfuGDkqq7WCJZuh9Eh-bMlS3CIVgpp_xueeedIO6IQ_w==
age: 38
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/services.min.css?ver=202248z
192.0.73.2200 OK 0 B URL HTTP/2 0.gravatar.com/dist/css/services.min.css?ver=202248z
IP 192.0.73.2:0
GET /dist/css/services.min.css?ver=202248z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: text/css
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
etag: W/"5ab37b5c-a54"
content-encoding: br
expires: Wed, 07 Dec 2022 09:43:29 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
sopalk.com/r/p.html?f=exrrqryt&e=1841806559274
54.230.111.45200 OK 0 B URL HTTP/2 sopalk.com/r/p.html?f=exrrqryt&e=1841806559274
IP 54.230.111.45:0
GET /r/p.html?f=exrrqryt&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9se9NvuI4uU-QzuhNnKVzODgWiV69moCDodNhNx5BCcHr8xyMV8NmQ==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
content-encoding: br
expires: Thu, 30 Nov 2023 09:43:28 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Thu, 30 Nov 2023 09:43:28 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
t.seedtag.com/t/2770-0874-01.js
104.18.132.145200 OK 0 B URL HTTP/2 t.seedtag.com/t/2770-0874-01.js
IP 104.18.132.145:0
GET /t/2770-0874-01.js HTTP/1.1
Host: t.seedtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: application/javascript; charset=utf-8
etag: W/"a591-aLMTgH47pCJ4IDrY3pTdfrQQTw4"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: EXPIRED
expires: Wed, 30 Nov 2022 10:03:28 GMT
cache-control: public, max-age=1200
vary: Accept-Encoding
server: cloudflare
cf-ray: 7722a390d8befac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
0.gravatar.com/js/gprofiles.js?ver=202248z
192.0.73.2200 OK 0 B URL HTTP/2 0.gravatar.com/js/gprofiles.js?ver=202248z
IP 192.0.73.2:0
GET /js/gprofiles.js?ver=202248z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:48:47 GMT
etag: W/"6323111f-5deb"
content-encoding: br
expires: Wed, 07 Dec 2022 09:43:29 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
sopalk.com/r/p.html?f=nlprkfg&e=1841806559274
54.230.111.45200 OK 0 B URL HTTP/2 sopalk.com/r/p.html?f=nlprkfg&e=1841806559274
IP 54.230.111.45:0
GET /r/p.html?f=nlprkfg&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b3TczX36Bcj7-X9P8qpZkbV-WyPExX1DrID0gf34EnhWNwXEn4QTyQ==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Thu, 30 Nov 2023 09:43:28 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Thu, 30 Nov 2023 09:43:28 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/modules/likes/queuehandler.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/modules/likes/queuehandler.js
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/modules/likes/queuehandler.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 30 Nov 2021 17:16:10 GMT
content-encoding: br
expires: Thu, 30 Nov 2023 09:43:28 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
IP 192.0.77.32:0
GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"5ffc31a9-465"
content-encoding: br
expires: Fri, 10 Nov 2023 15:10:53 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
sopalk.com/r/p.html?f=zgsxqvgv&e=1841806559274
54.230.111.45200 OK 0 B URL HTTP/2 sopalk.com/r/p.html?f=zgsxqvgv&e=1841806559274
IP 54.230.111.45:0
GET /r/p.html?f=zgsxqvgv&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _hwoocwndPM8u53vY0kdreN-locxKvQbpNmadwtsE9bj9HeoSOy0sQ==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
sac.ayads.co/sublime/37375
104.20.11.37200 OK 0 B URL HTTP/2 sac.ayads.co/sublime/37375
IP 104.20.11.37:0
GET /sublime/37375 HTTP/1.1
Host: sac.ayads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
pragma: public
expires: Wed, 30 Nov 2022 10:43:28 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2022 03:16:54 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 7722a39219670b65-OSL
X-Firefox-Spdy: h2
sopalk.com/r/p.html?f=ehkpejyso&e=1841806559274
54.230.111.45200 OK 0 B URL HTTP/2 sopalk.com/r/p.html?f=ehkpejyso&e=1841806559274
IP 54.230.111.45:0
GET /r/p.html?f=ehkpejyso&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yxk1A2OjuNVPh6QgY5v3D8iUa2Mf4zPfv-xpO4JMP-yEoY83qqvoFg==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
jetpack.wordpress.com/jetpack-comment/?blogid=183903148&postid=89993&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Rispondi&jetpack_comments_nonce=614b0a1410&greeting_reply=Rispondi+a+%25s&color_scheme=transparent&lang=it_IT&jetpack_version=11.5.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=0eb976b29086136c458b6ecf176a99d1f3312d7b
192.0.78.32200 OK 0 B URL HTTP/2 jetpack.wordpress.com/jetpack-comment/?blogid=183903148&postid=89993&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Rispondi&jetpack_comments_nonce=614b0a1410&greeting_reply=Rispondi+a+%25s&color_scheme=transparent&lang=it_IT&jetpack_version=11.5.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=0eb976b29086136c458b6ecf176a99d1f3312d7b
IP 192.0.78.32:0
GET /jetpack-comment/?blogid=183903148&postid=89993&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Rispondi&jetpack_comments_nonce=614b0a1410&greeting_reply=Rispondi+a+%25s&color_scheme=transparent&lang=it_IT&jetpack_version=11.5.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=0eb976b29086136c458b6ecf176a99d1f3312d7b HTTP/1.1
Host: jetpack.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
content-encoding: br
x-ac: 4.arn _dca BYPASS
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP 143.204.55.76:0
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://guruhitech.com
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Wed, 30 Nov 2022 03:01:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Wed, 30 Nov 2022 03:01:32 GMT
etag: W/"5e5c32e11030f411462907ffac99a722"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -XDFNLIe6VEINVbmPpNrJwuT8XzzUu_cs2S2AU7xjXO5qZDP1vEV2Q==
age: 24116
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.206200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.206:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:43:29 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "nAbmxtqHqaYrwBiADJAeFg=="
expires: Wed, 07 Dec 2022 09:43:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
sopalk.com/r/p.html?f=qjqucgligk&e=1841806559274
54.230.111.45200 OK 0 B URL HTTP/2 sopalk.com/r/p.html?f=qjqucgligk&e=1841806559274
IP 54.230.111.45:0
GET /r/p.html?f=qjqucgligk&e=1841806559274 HTTP/1.1
Host: sopalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 16:28:25 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QqAvzVxIhiMCrJF2bpwZv6RVkjztDByG5mtRx8uNS7wH7fJb3TeylQ==
age: 62105
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dashicons.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dashicons.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/css/dashicons.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://guruhitech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:43:28 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
content-encoding: br
expires: Thu, 30 Nov 2023 09:43:28 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2