motos.espirituracer.com/
172.67.201.233301 Moved Permanently 0 B IP 172.67.201.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: motos.espirituracer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 12:29:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 01 Dec 2022 13:29:28 GMT
Location: https://motos.espirituracer.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2B5b1lk45gFmfeYX6Z3ircSPlCL3vzWTJHAJGy1eTshjwws3Q%2FCXMsY%2F4hT0PnZ4BVIWra5qmvMglQSuEhfpl3OdPCn5hh2mI%2BY1n7SSIFtGf04f5Z5saocmcU8kQlGSXWYUWAVT1QPxpA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 772bd41f29690b51-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5930
Expires: Thu, 01 Dec 2022 14:08:19 GMT
Date: Thu, 01 Dec 2022 12:29:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3453
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:29 GMT
Last-Modified: Thu, 01 Dec 2022 11:31:56 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 12:18:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 681
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7824
Expires: Thu, 01 Dec 2022 14:39:53 GMT
Date: Thu, 01 Dec 2022 12:29:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: w4FMxMYiu3BUF3zEMDoVJaSUyuWGAcwh3b2HF0CBppaXBb2fTTqKEDHnLGW/8qWf4SzffeHEETA=
x-amz-request-id: GET6XMMA5XMJWVRK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 11:45:39 GMT
age: 2630
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 12:29:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0ec8791cbada4a689082400c14e7cf2c
86e6769fc2cd4cc4c6ea17e50ee3b9c43ec345cc
7f4f0b74654308db1122b84d65fe513c817b22567576ec94db5cc21d86e1d39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120301
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:29 GMT
Etag: "6387d116-117"
Expires: Fri, 02 Dec 2022 21:54:30 GMT
Last-Modified: Wed, 30 Nov 2022 21:54:30 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 12:11:15 GMT
cache-control: public,max-age=3600
age: 1094
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0ec8791cbada4a689082400c14e7cf2c
86e6769fc2cd4cc4c6ea17e50ee3b9c43ec345cc
7f4f0b74654308db1122b84d65fe513c817b22567576ec94db5cc21d86e1d39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=120301
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:29 GMT
Etag: "6387d116-117"
Expires: Fri, 02 Dec 2022 21:54:30 GMT
Last-Modified: Wed, 30 Nov 2022 21:54:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3454
Cache-Control: max-age=164094
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:29 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:04:23 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f.vimeocdn.com/js/froogaloop2.min.js
151.101.246.109403 Forbidden 5.4 kB URL HTTP/2 f.vimeocdn.com/js/froogaloop2.min.js
IP 151.101.246.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5364), with no line terminators
Hash e93c5d5e9322783df3325319a34e59bf
59fe46b9ecde66156d6e34b22827e78c8cf73f4f
f99424c50c737152a5da0291de7204b0d805a39b6df33eed73bf778f94b671cb
GET /js/froogaloop2.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
cache-control: pragma, no-cache, max-age=0
accept-ranges: bytes
date: Thu, 01 Dec 2022 12:29:30 GMT
via: 1.1 varnish
x-served-by: cache-hel1410034-HEL
x-cache: MISS
x-cache-hits: 0
content-length: 5364
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.223.160.237101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.160.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: otHKWlosQqUAt3ebfWKmlw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K/3zdnhuO12o5/PIvTWp+f5xoFc=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5f8ca2c81dcc5ac917c680961696a2b3
e5052c4f49eb37b8fe194c9d74151b27eafe51cf
c4f77da6c94d588e1579eef47176830dd7136436219da5732a4f6f89168c757e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5815
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:30 GMT
Etag: "6384fd0f-117"
Last-Modified: Thu, 01 Dec 2022 10:52:35 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 278
www.googletagmanager.com/gtag/js?id=UA-113488451-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-113488451-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 82847a56b580a7b63872e5fe9baa24e0
75f486f38c1b5f82ef86032aab60bd2df066c483
2ecec73f9a6774ec83fcebd6f3675b101a67af5c3910c85d4c04ce13d4dfdcbe
GET /gtag/js?id=UA-113488451-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:29:30 GMT
expires: Thu, 01 Dec 2022 12:29:30 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43539
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f.vimeocdn.com/js/froogaloop2.min.js
151.101.246.109403 Forbidden 5.4 kB URL HTTP/2 f.vimeocdn.com/js/froogaloop2.min.js
IP 151.101.246.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5364), with no line terminators
Hash e93c5d5e9322783df3325319a34e59bf
59fe46b9ecde66156d6e34b22827e78c8cf73f4f
f99424c50c737152a5da0291de7204b0d805a39b6df33eed73bf778f94b671cb
GET /js/froogaloop2.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
cache-control: pragma, no-cache, max-age=0
accept-ranges: bytes
date: Thu, 01 Dec 2022 12:29:30 GMT
via: 1.1 varnish
x-served-by: cache-hel1410034-HEL
x-cache: MISS
x-cache-hits: 0
content-length: 5364
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5f8ca2c81dcc5ac917c680961696a2b3
e5052c4f49eb37b8fe194c9d74151b27eafe51cf
c4f77da6c94d588e1579eef47176830dd7136436219da5732a4f6f89168c757e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5815
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:30 GMT
Last-Modified: Thu, 01 Dec 2022 10:52:35 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ae165702a1526b5e16ef89c10aa13fb7
160ed9b15a0d08666627e3e8c57a658647e9ea6e
585e2f59c46f0e60dbf41ca789ade8bc387e004abf4ab8e9b6243c0b895879d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "585E2F59C46F0E60DBF41CA789ADE8BC387E004ABF4AB8E9B6243C0B895879D2"
Last-Modified: Wed, 30 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 01 Dec 2022 18:29:30 GMT
Date: Thu, 01 Dec 2022 12:29:30 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 3.2 kB IP 142.250.74.131:0
Hash 924031df5fac34a00b2ca4de16456b75
50c93d58a5001f63d003e251398d738fb55f2378
eced9b38db110242978cfeaea333857442903884e9d0899c97d733d1a66ead76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 6.4 kB IP 142.250.74.131:0
Hash 630b7873c24f25cd5b19674abdfc24cf
5a0815491df6e39bc7f394874ded9d6e7b2216f7
4b333fd181fab45654eeff67f30a4c587e3d974a939892c1eb71fdbaaa931c8c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.34.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 10:46:55 GMT
expires: Thu, 01 Dec 2022 12:46:55 GMT
cache-control: public, max-age=7200
age: 6156
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/tag/js/gpt.js
142.250.74.2200 OK 28 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 142.250.74.2:0
Hash 4fdaf16a4e50db1882589c05a98bc816
16cf940c2121bb4dc86ba68493233c41bf8367db
3aebe0d24fc4df747a6dd6d2cb4add58ff2c22c6ba2ad6fbfad6fa03f7709a01
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27268
date: Thu, 01 Dec 2022 12:29:31 GMT
expires: Thu, 01 Dec 2022 12:29:31 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1408 / 187 of 1000 / last-modified: 1669896651"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5873176462648467
142.250.74.34200 OK 65 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5873176462648467
IP 142.250.74.34:0
File type ASCII text, with very long lines (575), with CRLF line terminators
Hash 7ef92fa41759060f1e976acee0da17c4
ded6cd8d058af16c7507d291e8f2e1527f493843
63b0bbd3a3aee65d36dd6c1fdbfff869b9018ee3ee6d54069bb4ed6e1efabdb9
GET /pagead/js/adsbygoogle.js?client=ca-pub-5873176462648467 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://motos.espirituracer.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:29:31 GMT
expires: Thu, 01 Dec 2022 12:29:31 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3001095175017486014
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48910
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.2 kB IP 142.250.74.131:0
Hash 94e0a05fc26b992cb1f56b500808ef1c
79197b76fe27db488266920958e9ab4955bf4c6a
7c4a825ab6340291771b9877744dab852e614f9d18042469ffd6750ba84844e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.6 kB IP 142.250.74.131:0
Hash cf556afaedf0fa55ff87c268005eeea6
848a5838f134496c4cf5b97d584b2f8a94f1467c
fa562adad64559b779329fe3e6f3b864f1c33cb0b7e1b999c91e44ddaede7dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 784 B IP 142.250.74.131:0
Hash 013fb74ab5b2b3b859c8d38cc0b66f24
8cec5266942c418ab87e24b971510c4dbd6145f8
3868f42651b3da8a3ea914e88163bccc17a7c32c9743260b8e00b434b8ded71f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 07:10:43 GMT
expires: Fri, 01 Dec 2023 07:10:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 19128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.35200 OK 910 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.35:0
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:53:10 GMT
expires: Wed, 29 Nov 2023 21:53:10 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 138981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35200 OK 5.0 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:0
Hash 2178af38358db508fc4eaa7b0d6c2761
654e4da7781c8b783333ee4bd650e6ba954960ed
345f59274783c58dd8c57ca16fd75f0c5ae658a8e8643750356a25f79920b40a
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 11:25:00 GMT
expires: Fri, 01 Dec 2023 11:25:00 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 3871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=motos.espirituracer.com
142.250.74.130200 OK 1.6 kB URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=motos.espirituracer.com
IP 142.250.74.130:0
File type ASCII text, with very long lines (576), with CRLF line terminators
Hash 109fee201f97b2f5eae367ef1941328e
b7a949b0c440e8817f250f0e4439679dc045195e
a110a5af01e446643897285462a332219c30335c88408a1c7acb130ca378d3d0
GET /pagead/ppub_config?ippd=motos.espirituracer.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://motos.espirituracer.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Thu, 01 Dec 2022 12:29:31 GMT
expires: Thu, 01 Dec 2022 12:29:31 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 64
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Dec-2022 12:44:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071038
142.250.74.130200 OK 133 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071038
IP 142.250.74.130:0
File type ASCII text, with very long lines (65395)
Size 133 kB (133261 bytes)
Hash 28036597aca2cffc3078c528f5e12edf
0087fe2ab1d7580a251f579f55bb5cb9348239c9
d130cb132fa7ebc97308c096baa66db137c8e3c45eb4105f7bf47c8760f726b3
GET /gpt/pubads_impl_2022112901.js?cb=31071038 HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 133261
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 11:54:49 GMT
expires: Wed, 29 Nov 2023 11:54:49 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:37:49 GMT
content-type: text/javascript
age: 174882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 01 Dec 2022 11:45:52 GMT
expires: Thu, 15 Dec 2022 11:45:52 GMT
cache-control: public, max-age=1209600
age: 2619
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=motos.espirituracer.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=motos.espirituracer.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=motos.espirituracer.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 01 Dec 2022 12:29:31 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=motos.espirituracer.com
216.58.207.194200 OK 7.0 kB URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=motos.espirituracer.com
IP 216.58.207.194:0
Hash ce325821e238935faa4bd6cee6afa448
b592d1d6852625bd3f44d228f6aa3de1c8756f5f
95ebd4dc8b4a3753f9e1fb30b9dd3043bde79bab96421580828e1a6e9e3c1e9d
GET /adsid/integrator.js?domain=motos.espirituracer.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 01 Dec 2022 12:29:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15877
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 12:29:32 GMT
Connection: keep-alive
fonts.googleapis.com/css2?family=Oswald:wght@450&display=swap
142.250.74.74200 OK 997 B URL HTTP/2 fonts.googleapis.com/css2?family=Oswald:wght@450&display=swap
IP 142.250.74.74:0
Hash d5d3d2fff0f2fa9610b2956d1fc68374
58330e90011869bf84fd9d6967b403cb4a162e04
7bd913102cf68b1ca9d761ecdb9959360eee7a1f9abed4c3b20db6e9b1c1bbf2
GET /css2?family=Oswald:wght@450&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 12:29:30 GMT
date: Thu, 01 Dec 2022 12:29:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 676 B IP 142.250.74.131:0
Hash ba13642b0da85a362a894916f612526e
45b1090812ffce519ceec7de619f723a080131ec
ae2a3305649e6a5038ca8c0fbb42349fb0ecb74ca92c17460da7a53ac97f7a35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:57 GMT
age: 52595
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 63086
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 52652
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=motos.espirituracer.com&callback=_gfp_s_&client=ca-pub-5873176462648467&gpid_exp=1
216.58.207.226200 OK 256 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=motos.espirituracer.com&callback=_gfp_s_&client=ca-pub-5873176462648467&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (401), with no line terminators
Hash 71c1cd1e07ac29e6fce3e022fbf03853
17bce3cfb6e2eeda2bdc3b94b69244bb1115a2c2
7c071adb479e895b4863dbefcbb4165bf80185f5483dc659f9a8d2cc0aa538d7
GET /gampad/cookie.js?domain=motos.espirituracer.com&callback=_gfp_s_&client=ca-pub-5873176462648467&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 01 Dec 2022 12:29:32 GMT
server: cafe
cache-control: private
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: 2711a135-b390-43ef-9e95-92438058bc27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz81FIpIAMFs9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-742f7f293df074340ab6a217;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ygs-Qd7UU_k4t4_breZTyqkHqGjJzlH1UMa9ncww5_IGpJ1n781jfg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:51:55 GMT
age: 52657
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:43:35 GMT
age: 49557
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 52922
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2127bde04ad44ce578c974ce17014430
0671da7ac6281e7666378aec875006158b784931
e7353f4f5fdb557bbc3ed7b6c74c9a79d1bb7ef966f5bd471382feb82234bd93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
142.250.74.34200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with very long lines (14598), with no line terminators
Hash f768b696b9ab63cbdd02547402a5624e
4390a0b2987f13175a63bc9b62755747365da879
8cf3e5adeafc688744572fa812e20cf5f277e1fb32af4eba8fedee864e1f8486
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://motos.espirituracer.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 01 Dec 2022 12:29:32 GMT
server: cafe
content-length: 11021
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=motos.espirituracer.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=motos.espirituracer.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=motos.espirituracer.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 01 Dec 2022 12:29:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 165546aa7ca45740cfa6f9da95218843
6b4f648f1e0db224142a991f14793e85143782c9
6f6df2fba804d6520ddc4b6d078691604c319284d50e7f32ed35312fa62653e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 01 Dec 2022 12:29:32 GMT
expires: Thu, 01 Dec 2022 12:29:32 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 3.4 kB URL HTTP/2 aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type ASCII text, with very long lines (2969), with no line terminators
Hash 7e8f19fc017c34b947db7f50148d9415
c897b035917fc5859dd4d52de8bcfd8d09668f18
a39f1d45c6d35e6aa0976ae9cae1f111a11b2c7b568768e29cf72b33c797b5a2
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Thu, 01 Dec 2022 12:29:32 GMT
expires: Fri, 01 Dec 2023 12:29:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
216.58.207.228200 OK 2.0 kB URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.207.228:0
Hash 8e4e6c39d0b95764828e5847ad4a3268
b2a74380944bace9f373632856542d73bb07c88b
93cc9b78e1fa08317e7399f2616939c29059ccb67f9ac1fd19bd2d0b306592ad
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 01 Dec 2022 12:29:32 GMT
date: Thu, 01 Dec 2022 12:29:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-sYXMIxRIvrsfsDW74oHfvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 920992c4818e7d17517e3dfef67a22c1
407b7e56fbb4faacca123af367b6cfdf0b7b2d99
527197c1e55e0b319d64e59070906d60084827233a6d7498cf63145ab665c424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
142.250.74.70200 OK 60 kB URL HTTP/2 s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
IP 142.250.74.70:0
File type ASCII text, with very long lines (2322)
Hash 36b0ba015b3250f6bda9e89b898f4707
635c67d8b08f40705e87e9c81cb138aef9c2ecdb
c70af3ba570296102947920e68bfe252d08de33b0464a910dd8e5d3ac58410f3
GET /879366/html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 60311
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 13:00:22 GMT
expires: Thu, 01 Dec 2022 13:00:22 GMT
cache-control: public, max-age=86400
age: 84551
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 920992c4818e7d17517e3dfef67a22c1
407b7e56fbb4faacca123af367b6cfdf0b7b2d99
527197c1e55e0b319d64e59070906d60084827233a6d7498cf63145ab665c424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:29:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
motos.espirituracer.com/
104.21.76.224200 OK 40 kB IP 104.21.76.224:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 7943d58dcc4b49a328c51387e4300f0c
3f9cbfc6ced0f118a88c1325b3600c6e07ba4934
78f9b23f92c91eb6b07cbe9b0e140662a357929a681b75afc7654110e0c228ce
GET / HTTP/1.1
Host: motos.espirituracer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:29:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Cookie
cache-control: max-age=3, must-revalidate
last-modified: Thu, 01 Dec 2022 12:04:14 GMT
x-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: https://segurosmotos.espirituracer.com
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
x-powered-by: espirituRACER
permissions-policy: camera=(), microphone=();
content-security-policy: frame-ancestors 'self';
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTZbHckNH4wiQbOilhalzNv19KzlebwAeB7lD1gnlQGNItShheW46CZqA5vjZKTFa0qDxdvSBxwkVORQ%2BtoDMJkBZaaM0YBBrKz9jTJKtk7AzweQ%2FyQAh0Ho1NQjXN86%2FiFJBWzuXF3VvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772bd422ab97b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvufUwCqOJgUjpA-3VSngtyw-lrztb3tUU3Zaod019frV4mJbcgWF0fdg04oq4AlD_UGK0vuWWqiNKvuRNfNxHpFwz-LkT6Vc5W1B9IbgLWFZRya9T1GlxvHKjGkW2v5M57K-mY4EMhRqJivO9GRD6U50QwTqpsCyF-NGEtp_1jOZUDJQDmgoTD16U0nS43Useab3CloGkwbGn9vkQxh5eyovHbK5hfltrYNH7g1e3400RJZLjZZtahnrl74jiYxD6JMW4U36LdchU1hYi-vwwLTjbpjeJgztImQZL1KCOGM4KBoeU3Zq3Zjq8Ch6CqfNab3ba4t7oW8fq3QF_UsRnyWbOqkaAKGYYx4aF_UZ4ZoeNSXongXzRzFYwI_VQuerUirynMJd5sB0AzYUljylW2cZDoUH-nZ64LD80bQ1IwHc_TTGk6fTxMJYzWqTNvAOwDT_1RGVPJ97cUDMxetarrnn__mVFaE-e6NpyKDJI_FKLTx92AWxqlBy_j0ohG2b97y8SrFiIwOqmwn2UQaQToCrtsbxy7ZLi3Hy-1H0C4zJBs9F8Kd8hwSM9E7PzL1zuu2H9nDcL3Fi6MwIu8vyIdMeDdKr72YKpcUXhtQkqcvUPi81Jn5Qn5vDw_uU0IH5YRuy7BPuxbUXRDjJ7vLGnEB0DSkhIyl7nzuEfSRrZj4FeSFXNUHE6bk-wtoMX6HjjQhkoyN4QvxWtl-XEGWN2NcLAq_Tkq6ASBZf3S4LFsd9f_4-5X86lH0VhP2dSOGZ2fkEngtFTFmFQsqf2QlBruTDb31yFEo7rcKXA8OUvHB1SVLPiVYsVk2rGfquC5zTKdYBgpdwx-Ptb-kDdkJCHGBBIOgwG3og-0eJxK1WBKlysG8gHOc7-M9YYnZwKxhSGgLzHpcQTIb0E5gNdytAk250wef_Ot8_2jc3fuSERunLdr2mE3UKfqLQLceHzCyDpS5shUdTlOo5yoNcmjl5oqzlWZt8KW9voBlBRE6Wk_cdnjcbeBFcLF-c-cWbULs8WkcEb3GeLkHoZS3hU-kyVFO72YL1t80qGdPJn4F0IvN4J1CP7JqmdMxB87RHUhqFGuh5n1x256w0P1PgWWXma5bslJt8AyQoENgVJiROZL6HxmXWUyJDyN5FUo94Wtyd27qJomXKXbh9ymvF2L-sCX42LYA1olpjEY-IWE-McAvGyIe68q9oy8_JmDtfm4kfvt9O36JlGbk-bJAlXs8nxSjRK80YKyLqqzgO2BtFdZf3qWVbKops2NXGXYvNzjG63urslW8onhnQAxYbMvzZXLjEXhmHaNNRxTBZ_G81mVHs1HcUZhXQ&sai=AMfl-YS4rqrHwKUo4yv8-Ccdn6w956eG-tbh0yM6H_qA_4KnZqn-t_dcJnJgTDP5LP4TJfOqeuAXvc8WDEUeAkkZvXqnJn2-sznk9t49LLg0OvgNoDP4sRHIqIxYCLz56ILLjeWXWJ6aHIolp-P7B5pZlC6fBzRMHeWamVqqRpQlssd8EaJ2werNLjCYouwk35KQw-L-axmqn6m-dyWwdFlvDcVey75xjqMcnqKiWZ8e-1h_HfIfXINovu83Ofc-EcUvYMGqz20xaYdVhJl9EihewdkxEjV5pk0sLyiAnTKnvOqOrv2FDVg&sig=Cg0ArKJSzFA3_FK3jzHhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=171&cbvp=1&cstd=160&cisv=r20221110.51993&arae=0&ftch=1&adurl=
142.250.74.66200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvufUwCqOJgUjpA-3VSngtyw-lrztb3tUU3Zaod019frV4mJbcgWF0fdg04oq4AlD_UGK0vuWWqiNKvuRNfNxHpFwz-LkT6Vc5W1B9IbgLWFZRya9T1GlxvHKjGkW2v5M57K-mY4EMhRqJivO9GRD6U50QwTqpsCyF-NGEtp_1jOZUDJQDmgoTD16U0nS43Useab3CloGkwbGn9vkQxh5eyovHbK5hfltrYNH7g1e3400RJZLjZZtahnrl74jiYxD6JMW4U36LdchU1hYi-vwwLTjbpjeJgztImQZL1KCOGM4KBoeU3Zq3Zjq8Ch6CqfNab3ba4t7oW8fq3QF_UsRnyWbOqkaAKGYYx4aF_UZ4ZoeNSXongXzRzFYwI_VQuerUirynMJd5sB0AzYUljylW2cZDoUH-nZ64LD80bQ1IwHc_TTGk6fTxMJYzWqTNvAOwDT_1RGVPJ97cUDMxetarrnn__mVFaE-e6NpyKDJI_FKLTx92AWxqlBy_j0ohG2b97y8SrFiIwOqmwn2UQaQToCrtsbxy7ZLi3Hy-1H0C4zJBs9F8Kd8hwSM9E7PzL1zuu2H9nDcL3Fi6MwIu8vyIdMeDdKr72YKpcUXhtQkqcvUPi81Jn5Qn5vDw_uU0IH5YRuy7BPuxbUXRDjJ7vLGnEB0DSkhIyl7nzuEfSRrZj4FeSFXNUHE6bk-wtoMX6HjjQhkoyN4QvxWtl-XEGWN2NcLAq_Tkq6ASBZf3S4LFsd9f_4-5X86lH0VhP2dSOGZ2fkEngtFTFmFQsqf2QlBruTDb31yFEo7rcKXA8OUvHB1SVLPiVYsVk2rGfquC5zTKdYBgpdwx-Ptb-kDdkJCHGBBIOgwG3og-0eJxK1WBKlysG8gHOc7-M9YYnZwKxhSGgLzHpcQTIb0E5gNdytAk250wef_Ot8_2jc3fuSERunLdr2mE3UKfqLQLceHzCyDpS5shUdTlOo5yoNcmjl5oqzlWZt8KW9voBlBRE6Wk_cdnjcbeBFcLF-c-cWbULs8WkcEb3GeLkHoZS3hU-kyVFO72YL1t80qGdPJn4F0IvN4J1CP7JqmdMxB87RHUhqFGuh5n1x256w0P1PgWWXma5bslJt8AyQoENgVJiROZL6HxmXWUyJDyN5FUo94Wtyd27qJomXKXbh9ymvF2L-sCX42LYA1olpjEY-IWE-McAvGyIe68q9oy8_JmDtfm4kfvt9O36JlGbk-bJAlXs8nxSjRK80YKyLqqzgO2BtFdZf3qWVbKops2NXGXYvNzjG63urslW8onhnQAxYbMvzZXLjEXhmHaNNRxTBZ_G81mVHs1HcUZhXQ&sai=AMfl-YS4rqrHwKUo4yv8-Ccdn6w956eG-tbh0yM6H_qA_4KnZqn-t_dcJnJgTDP5LP4TJfOqeuAXvc8WDEUeAkkZvXqnJn2-sznk9t49LLg0OvgNoDP4sRHIqIxYCLz56ILLjeWXWJ6aHIolp-P7B5pZlC6fBzRMHeWamVqqRpQlssd8EaJ2werNLjCYouwk35KQw-L-axmqn6m-dyWwdFlvDcVey75xjqMcnqKiWZ8e-1h_HfIfXINovu83Ofc-EcUvYMGqz20xaYdVhJl9EihewdkxEjV5pk0sLyiAnTKnvOqOrv2FDVg&sig=Cg0ArKJSzFA3_FK3jzHhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=171&cbvp=1&cstd=160&cisv=r20221110.51993&arae=0&ftch=1&adurl=
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvufUwCqOJgUjpA-3VSngtyw-lrztb3tUU3Zaod019frV4mJbcgWF0fdg04oq4AlD_UGK0vuWWqiNKvuRNfNxHpFwz-LkT6Vc5W1B9IbgLWFZRya9T1GlxvHKjGkW2v5M57K-mY4EMhRqJivO9GRD6U50QwTqpsCyF-NGEtp_1jOZUDJQDmgoTD16U0nS43Useab3CloGkwbGn9vkQxh5eyovHbK5hfltrYNH7g1e3400RJZLjZZtahnrl74jiYxD6JMW4U36LdchU1hYi-vwwLTjbpjeJgztImQZL1KCOGM4KBoeU3Zq3Zjq8Ch6CqfNab3ba4t7oW8fq3QF_UsRnyWbOqkaAKGYYx4aF_UZ4ZoeNSXongXzRzFYwI_VQuerUirynMJd5sB0AzYUljylW2cZDoUH-nZ64LD80bQ1IwHc_TTGk6fTxMJYzWqTNvAOwDT_1RGVPJ97cUDMxetarrnn__mVFaE-e6NpyKDJI_FKLTx92AWxqlBy_j0ohG2b97y8SrFiIwOqmwn2UQaQToCrtsbxy7ZLi3Hy-1H0C4zJBs9F8Kd8hwSM9E7PzL1zuu2H9nDcL3Fi6MwIu8vyIdMeDdKr72YKpcUXhtQkqcvUPi81Jn5Qn5vDw_uU0IH5YRuy7BPuxbUXRDjJ7vLGnEB0DSkhIyl7nzuEfSRrZj4FeSFXNUHE6bk-wtoMX6HjjQhkoyN4QvxWtl-XEGWN2NcLAq_Tkq6ASBZf3S4LFsd9f_4-5X86lH0VhP2dSOGZ2fkEngtFTFmFQsqf2QlBruTDb31yFEo7rcKXA8OUvHB1SVLPiVYsVk2rGfquC5zTKdYBgpdwx-Ptb-kDdkJCHGBBIOgwG3og-0eJxK1WBKlysG8gHOc7-M9YYnZwKxhSGgLzHpcQTIb0E5gNdytAk250wef_Ot8_2jc3fuSERunLdr2mE3UKfqLQLceHzCyDpS5shUdTlOo5yoNcmjl5oqzlWZt8KW9voBlBRE6Wk_cdnjcbeBFcLF-c-cWbULs8WkcEb3GeLkHoZS3hU-kyVFO72YL1t80qGdPJn4F0IvN4J1CP7JqmdMxB87RHUhqFGuh5n1x256w0P1PgWWXma5bslJt8AyQoENgVJiROZL6HxmXWUyJDyN5FUo94Wtyd27qJomXKXbh9ymvF2L-sCX42LYA1olpjEY-IWE-McAvGyIe68q9oy8_JmDtfm4kfvt9O36JlGbk-bJAlXs8nxSjRK80YKyLqqzgO2BtFdZf3qWVbKops2NXGXYvNzjG63urslW8onhnQAxYbMvzZXLjEXhmHaNNRxTBZ_G81mVHs1HcUZhXQ&sai=AMfl-YS4rqrHwKUo4yv8-Ccdn6w956eG-tbh0yM6H_qA_4KnZqn-t_dcJnJgTDP5LP4TJfOqeuAXvc8WDEUeAkkZvXqnJn2-sznk9t49LLg0OvgNoDP4sRHIqIxYCLz56ILLjeWXWJ6aHIolp-P7B5pZlC6fBzRMHeWamVqqRpQlssd8EaJ2werNLjCYouwk35KQw-L-axmqn6m-dyWwdFlvDcVey75xjqMcnqKiWZ8e-1h_HfIfXINovu83Ofc-EcUvYMGqz20xaYdVhJl9EihewdkxEjV5pk0sLyiAnTKnvOqOrv2FDVg&sig=Cg0ArKJSzFA3_FK3jzHhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=171&cbvp=1&cstd=160&cisv=r20221110.51993&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 01 Dec 2022 12:29:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Dec-2022 12:44:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Dec 2022 12:29:33 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvufUwCqOJgUjpA-3VSngtyw-lrztb3tUU3Zaod019frV4mJbcgWF0fdg04oq4AlD_UGK0vuWWqiNKvuRNfNxHpFwz-LkT6Vc5W1B9IbgLWFZRya9T1GlxvHKjGkW2v5M57K-mY4EMhRqJivO9GRD6U50QwTqpsCyF-NGEtp_1jOZUDJQDmgoTD16U0nS43Useab3CloGkwbGn9vkQxh5eyovHbK5hfltrYNH7g1e3400RJZLjZZtahnrl74jiYxD6JMW4U36LdchU1hYi-vwwLTjbpjeJgztImQZL1KCOGM4KBoeU3Zq3Zjq8Ch6CqfNab3ba4t7oW8fq3QF_UsRnyWbOqkaAKGYYx4aF_UZ4ZoeNSXongXzRzFYwI_VQuerUirynMJd5sB0AzYUljylW2cZDoUH-nZ64LD80bQ1IwHc_TTGk6fTxMJYzWqTNvAOwDT_1RGVPJ97cUDMxetarrnn__mVFaE-e6NpyKDJI_FKLTx92AWxqlBy_j0ohG2b97y8SrFiIwOqmwn2UQaQToCrtsbxy7ZLi3Hy-1H0C4zJBs9F8Kd8hwSM9E7PzL1zuu2H9nDcL3Fi6MwIu8vyIdMeDdKr72YKpcUXhtQkqcvUPi81Jn5Qn5vDw_uU0IH5YRuy7BPuxbUXRDjJ7vLGnEB0DSkhIyl7nzuEfSRrZj4FeSFXNUHE6bk-wtoMX6HjjQhkoyN4QvxWtl-XEGWN2NcLAq_Tkq6ASBZf3S4LFsd9f_4-5X86lH0VhP2dSOGZ2fkEngtFTFmFQsqf2QlBruTDb31yFEo7rcKXA8OUvHB1SVLPiVYsVk2rGfquC5zTKdYBgpdwx-Ptb-kDdkJCHGBBIOgwG3og-0eJxK1WBKlysG8gHOc7-M9YYnZwKxhSGgLzHpcQTIb0E5gNdytAk250wef_Ot8_2jc3fuSERunLdr2mE3UKfqLQLceHzCyDpS5shUdTlOo5yoNcmjl5oqzlWZt8KW9voBlBRE6Wk_cdnjcbeBFcLF-c-cWbULs8WkcEb3GeLkHoZS3hU-kyVFO72YL1t80qGdPJn4F0IvN4J1CP7JqmdMxB87RHUhqFGuh5n1x256w0P1PgWWXma5bslJt8AyQoENgVJiROZL6HxmXWUyJDyN5FUo94Wtyd27qJomXKXbh9ymvF2L-sCX42LYA1olpjEY-IWE-McAvGyIe68q9oy8_JmDtfm4kfvt9O36JlGbk-bJAlXs8nxSjRK80YKyLqqzgO2BtFdZf3qWVbKops2NXGXYvNzjG63urslW8onhnQAxYbMvzZXLjEXhmHaNNRxTBZ_G81mVHs1HcUZhXQ&sai=AMfl-YS4rqrHwKUo4yv8-Ccdn6w956eG-tbh0yM6H_qA_4KnZqn-t_dcJnJgTDP5LP4TJfOqeuAXvc8WDEUeAkkZvXqnJn2-sznk9t49LLg0OvgNoDP4sRHIqIxYCLz56ILLjeWXWJ6aHIolp-P7B5pZlC6fBzRMHeWamVqqRpQlssd8EaJ2werNLjCYouwk35KQw-L-axmqn6m-dyWwdFlvDcVey75xjqMcnqKiWZ8e-1h_HfIfXINovu83Ofc-EcUvYMGqz20xaYdVhJl9EihewdkxEjV5pk0sLyiAnTKnvOqOrv2FDVg&sig=Cg0ArKJSzFA3_FK3jzHhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=314&vt=11&dtpt=143&dett=3&cstd=160&cisv=r20221110.51993&arae=0&ftch=1&adurl=
142.250.74.66200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvufUwCqOJgUjpA-3VSngtyw-lrztb3tUU3Zaod019frV4mJbcgWF0fdg04oq4AlD_UGK0vuWWqiNKvuRNfNxHpFwz-LkT6Vc5W1B9IbgLWFZRya9T1GlxvHKjGkW2v5M57K-mY4EMhRqJivO9GRD6U50QwTqpsCyF-NGEtp_1jOZUDJQDmgoTD16U0nS43Useab3CloGkwbGn9vkQxh5eyovHbK5hfltrYNH7g1e3400RJZLjZZtahnrl74jiYxD6JMW4U36LdchU1hYi-vwwLTjbpjeJgztImQZL1KCOGM4KBoeU3Zq3Zjq8Ch6CqfNab3ba4t7oW8fq3QF_UsRnyWbOqkaAKGYYx4aF_UZ4ZoeNSXongXzRzFYwI_VQuerUirynMJd5sB0AzYUljylW2cZDoUH-nZ64LD80bQ1IwHc_TTGk6fTxMJYzWqTNvAOwDT_1RGVPJ97cUDMxetarrnn__mVFaE-e6NpyKDJI_FKLTx92AWxqlBy_j0ohG2b97y8SrFiIwOqmwn2UQaQToCrtsbxy7ZLi3Hy-1H0C4zJBs9F8Kd8hwSM9E7PzL1zuu2H9nDcL3Fi6MwIu8vyIdMeDdKr72YKpcUXhtQkqcvUPi81Jn5Qn5vDw_uU0IH5YRuy7BPuxbUXRDjJ7vLGnEB0DSkhIyl7nzuEfSRrZj4FeSFXNUHE6bk-wtoMX6HjjQhkoyN4QvxWtl-XEGWN2NcLAq_Tkq6ASBZf3S4LFsd9f_4-5X86lH0VhP2dSOGZ2fkEngtFTFmFQsqf2QlBruTDb31yFEo7rcKXA8OUvHB1SVLPiVYsVk2rGfquC5zTKdYBgpdwx-Ptb-kDdkJCHGBBIOgwG3og-0eJxK1WBKlysG8gHOc7-M9YYnZwKxhSGgLzHpcQTIb0E5gNdytAk250wef_Ot8_2jc3fuSERunLdr2mE3UKfqLQLceHzCyDpS5shUdTlOo5yoNcmjl5oqzlWZt8KW9voBlBRE6Wk_cdnjcbeBFcLF-c-cWbULs8WkcEb3GeLkHoZS3hU-kyVFO72YL1t80qGdPJn4F0IvN4J1CP7JqmdMxB87RHUhqFGuh5n1x256w0P1PgWWXma5bslJt8AyQoENgVJiROZL6HxmXWUyJDyN5FUo94Wtyd27qJomXKXbh9ymvF2L-sCX42LYA1olpjEY-IWE-McAvGyIe68q9oy8_JmDtfm4kfvt9O36JlGbk-bJAlXs8nxSjRK80YKyLqqzgO2BtFdZf3qWVbKops2NXGXYvNzjG63urslW8onhnQAxYbMvzZXLjEXhmHaNNRxTBZ_G81mVHs1HcUZhXQ&sai=AMfl-YS4rqrHwKUo4yv8-Ccdn6w956eG-tbh0yM6H_qA_4KnZqn-t_dcJnJgTDP5LP4TJfOqeuAXvc8WDEUeAkkZvXqnJn2-sznk9t49LLg0OvgNoDP4sRHIqIxYCLz56ILLjeWXWJ6aHIolp-P7B5pZlC6fBzRMHeWamVqqRpQlssd8EaJ2werNLjCYouwk35KQw-L-axmqn6m-dyWwdFlvDcVey75xjqMcnqKiWZ8e-1h_HfIfXINovu83Ofc-EcUvYMGqz20xaYdVhJl9EihewdkxEjV5pk0sLyiAnTKnvOqOrv2FDVg&sig=Cg0ArKJSzFA3_FK3jzHhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=314&vt=11&dtpt=143&dett=3&cstd=160&cisv=r20221110.51993&arae=0&ftch=1&adurl=
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvufUwCqOJgUjpA-3VSngtyw-lrztb3tUU3Zaod019frV4mJbcgWF0fdg04oq4AlD_UGK0vuWWqiNKvuRNfNxHpFwz-LkT6Vc5W1B9IbgLWFZRya9T1GlxvHKjGkW2v5M57K-mY4EMhRqJivO9GRD6U50QwTqpsCyF-NGEtp_1jOZUDJQDmgoTD16U0nS43Useab3CloGkwbGn9vkQxh5eyovHbK5hfltrYNH7g1e3400RJZLjZZtahnrl74jiYxD6JMW4U36LdchU1hYi-vwwLTjbpjeJgztImQZL1KCOGM4KBoeU3Zq3Zjq8Ch6CqfNab3ba4t7oW8fq3QF_UsRnyWbOqkaAKGYYx4aF_UZ4ZoeNSXongXzRzFYwI_VQuerUirynMJd5sB0AzYUljylW2cZDoUH-nZ64LD80bQ1IwHc_TTGk6fTxMJYzWqTNvAOwDT_1RGVPJ97cUDMxetarrnn__mVFaE-e6NpyKDJI_FKLTx92AWxqlBy_j0ohG2b97y8SrFiIwOqmwn2UQaQToCrtsbxy7ZLi3Hy-1H0C4zJBs9F8Kd8hwSM9E7PzL1zuu2H9nDcL3Fi6MwIu8vyIdMeDdKr72YKpcUXhtQkqcvUPi81Jn5Qn5vDw_uU0IH5YRuy7BPuxbUXRDjJ7vLGnEB0DSkhIyl7nzuEfSRrZj4FeSFXNUHE6bk-wtoMX6HjjQhkoyN4QvxWtl-XEGWN2NcLAq_Tkq6ASBZf3S4LFsd9f_4-5X86lH0VhP2dSOGZ2fkEngtFTFmFQsqf2QlBruTDb31yFEo7rcKXA8OUvHB1SVLPiVYsVk2rGfquC5zTKdYBgpdwx-Ptb-kDdkJCHGBBIOgwG3og-0eJxK1WBKlysG8gHOc7-M9YYnZwKxhSGgLzHpcQTIb0E5gNdytAk250wef_Ot8_2jc3fuSERunLdr2mE3UKfqLQLceHzCyDpS5shUdTlOo5yoNcmjl5oqzlWZt8KW9voBlBRE6Wk_cdnjcbeBFcLF-c-cWbULs8WkcEb3GeLkHoZS3hU-kyVFO72YL1t80qGdPJn4F0IvN4J1CP7JqmdMxB87RHUhqFGuh5n1x256w0P1PgWWXma5bslJt8AyQoENgVJiROZL6HxmXWUyJDyN5FUo94Wtyd27qJomXKXbh9ymvF2L-sCX42LYA1olpjEY-IWE-McAvGyIe68q9oy8_JmDtfm4kfvt9O36JlGbk-bJAlXs8nxSjRK80YKyLqqzgO2BtFdZf3qWVbKops2NXGXYvNzjG63urslW8onhnQAxYbMvzZXLjEXhmHaNNRxTBZ_G81mVHs1HcUZhXQ&sai=AMfl-YS4rqrHwKUo4yv8-Ccdn6w956eG-tbh0yM6H_qA_4KnZqn-t_dcJnJgTDP5LP4TJfOqeuAXvc8WDEUeAkkZvXqnJn2-sznk9t49LLg0OvgNoDP4sRHIqIxYCLz56ILLjeWXWJ6aHIolp-P7B5pZlC6fBzRMHeWamVqqRpQlssd8EaJ2werNLjCYouwk35KQw-L-axmqn6m-dyWwdFlvDcVey75xjqMcnqKiWZ8e-1h_HfIfXINovu83Ofc-EcUvYMGqz20xaYdVhJl9EihewdkxEjV5pk0sLyiAnTKnvOqOrv2FDVg&sig=Cg0ArKJSzFA3_FK3jzHhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=314&vt=11&dtpt=143&dett=3&cstd=160&cisv=r20221110.51993&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 01 Dec 2022 12:29:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Dec-2022 12:44:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Dec 2022 12:29:33 GMT
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
142.250.74.34200 OK 5.7 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with very long lines (7583), with no line terminators
Hash d7b761b3f7946db144b65b980e22849d
fce303a0d0e78aceb1394acfdbcef049a8c51b95
f863a5f37abb220424b96a3a886832acb9b1bfee906d04b8a91bc3cb040123c6
GET /getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 01 Dec 2022 12:29:33 GMT
server: cafe
content-length: 5734
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 00aed856b780e79d7f63e87d8cdaf601
041dd50bd3e76de17c3ec3923eb83a30eebf3915
cf280348072036ac2cda5559fbea0b949ad30f021f740e62d3a28d834b0a3d92
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95735
Date: Thu, 01 Dec 2022 12:29:33 GMT
Etag: "6387637b-1d7"
Expires: Fri, 02 Dec 2022 15:05:08 GMT
Last-Modified: Wed, 30 Nov 2022 14:06:51 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GHTj8IuKwlriXCD4VbdXUBNV17sB0QtorfOQ0VXX5zlWrl-uc6SV3Q==
Age: 3497
static.adsafeprotected.com/main.19.8.372.js
54.230.111.5200 OK 62 kB URL HTTP/2 static.adsafeprotected.com/main.19.8.372.js
IP 54.230.111.5:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9b38677a9d3edbfaea519b8404454ba1
42191543e3d05e890be121d1a2397050efb43f93
bd8df4fcf7d40c26c7d685c613d8f1ab76664728d3ffa26cbaf1fb6d8b280a10
GET /main.19.8.372.js HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 01 Dec 2022 11:37:04 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Dec 2022 10:29:50 GMT
etag: W/"d14aacec1caaa9c45272c77a4a3a1219"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: ZY6.KDkwZ16Aqmox5fB0LbjKMMmKcaXd
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L-NUUM4uTxfKLYgEhuY3QSPLjZEzYP7PnXTnGftkhzhehpYOltpu3g==
age: 3150
X-Firefox-Spdy: h2
fw.adsafeprotected.com/rfw/st/1249020/67005065/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-6429655924489616&ias_chanId=1&ias_placementId=18532123411&bidurl=https://motos.espirituracer.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iLsy-3pcxOHnnbYFCGFMxD&adsafe_url=https%3A%2F%2Faec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Faec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8b6070cc-457d-71be-b0f8-cfa4d802e2cf,c:vy0fr9,sl:inView,em:true,fr:false,thd:1,mn:jsserver-primary-7dfd966686-j4l76,rg:ie,pt:1-5-15,wc:0.0.1280.1024,ac:149.609.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:g,bru:g,an:n,oam:0,mtim:194,mot:0,app:0,maw:0,fm:toLCS9P+11%7C12%7C13%7C14%7C15*.1249020-67005065%7C151%7C1521%7C153,idMap:15*,pl:,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:215,oid:cfa7c5e9-7173-11ed-87cc-9a55e2353a68,v:19.8.372,sp:1,st:0,fwm:1,wr:1280.1024,sr:1280.1024,ov:0
34.248.3.167302 Found 0 B URL HTTP/2 fw.adsafeprotected.com/rfw/st/1249020/67005065/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-6429655924489616&ias_chanId=1&ias_placementId=18532123411&bidurl=https://motos.espirituracer.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iLsy-3pcxOHnnbYFCGFMxD&adsafe_url=https%3A%2F%2Faec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Faec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8b6070cc-457d-71be-b0f8-cfa4d802e2cf,c:vy0fr9,sl:inView,em:true,fr:false,thd:1,mn:jsserver-primary-7dfd966686-j4l76,rg:ie,pt:1-5-15,wc:0.0.1280.1024,ac:149.609.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:g,bru:g,an:n,oam:0,mtim:194,mot:0,app:0,maw:0,fm:toLCS9P+11%7C12%7C13%7C14%7C15*.1249020-67005065%7C151%7C1521%7C153,idMap:15*,pl:,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:215,oid:cfa7c5e9-7173-11ed-87cc-9a55e2353a68,v:19.8.372,sp:1,st:0,fwm:1,wr:1280.1024,sr:1280.1024,ov:0
IP 34.248.3.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rfw/st/1249020/67005065/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-6429655924489616&ias_chanId=1&ias_placementId=18532123411&bidurl=https://motos.espirituracer.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iLsy-3pcxOHnnbYFCGFMxD&adsafe_url=https%3A%2F%2Faec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Faec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8b6070cc-457d-71be-b0f8-cfa4d802e2cf,c:vy0fr9,sl:inView,em:true,fr:false,thd:1,mn:jsserver-primary-7dfd966686-j4l76,rg:ie,pt:1-5-15,wc:0.0.1280.1024,ac:149.609.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:g,bru:g,an:n,oam:0,mtim:194,mot:0,app:0,maw:0,fm:toLCS9P+11%7C12%7C13%7C14%7C15*.1249020-67005065%7C151%7C1521%7C153,idMap:15*,pl:,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:215,oid:cfa7c5e9-7173-11ed-87cc-9a55e2353a68,v:19.8.372,sp:1,st:0,fwm:1,wr:1280.1024,sr:1280.1024,ov:0 HTTP/1.1
Host: fw.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 01 Dec 2022 12:29:34 GMT
content-length: 0
location: https://static.adsafeprotected.com/passback_970x250.js
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: app15.ie.303net.net
X-Firefox-Spdy: h2
static.adsafeprotected.com/IAS_PassbackAds_970x250.png
54.230.111.5200 OK 29 kB URL HTTP/2 static.adsafeprotected.com/IAS_PassbackAds_970x250.png
IP 54.230.111.5:0
File type PNG image data, 970 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d3f43da9d0d0679ec0dfea58b2f1d45
ce9c2753b784f7521779d86a2c45c2ad0a8cf673
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165
GET /IAS_PassbackAds_970x250.png HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 28949
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:18 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: pdWOnfKbVAXycyDHbhFI_OqkWBFerFwW
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 20:04:18 GMT
cache-control: max-age=604800
etag: "9d3f43da9d0d0679ec0dfea58b2f1d45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PzXDXqQoCUlOnY_HYZWXfWA7nfHjPHmA-lqMNj6nm54324P3oc_JfA==
age: 577517
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvP4Hy4XdWhjYy-jPo6RFJ-lK8DFpCJAMqLMGCLHidsH45CvaUaOoHVcUpMIZMMznuISTADMJpkb9ydguec8_nT1FmRTM78rYFWXAjlUjN1bDCjvhj0RcGWWzQmZ9DK3kPTopWOrw&sai=AMfl-YREL6xwFa87Sr4WsnebGKGL_uvk5YlvHx4meNBqFtcSJhiRjRfPvBUmNfBFgMzhzlrpRcPtld39P6bywg_C76ZOOGokqSSLim451Fw4_9MNrwT-G2QI4qZ8PRtP3yoAcgpJhqXgfU2EHUJyQpDc&sig=Cg0ArKJSzNtZ8Ms4soRyEAE&cid=CAQSTADq26N95OoawQWNj_3uT-_QLT-hM0zvIZhzs9VWAEVBuFh7l3PUXv_x3r3_gtzPniQ954wX_w4Outis4jqJGeEdKxKq-It8BhzJtb8YASAT&id=lidar2&mcvt=1004&p=524,149,774,1119&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=448157925&rs=4&la=1&cr=0&vs=4&r=v&rst=1669897771703&rpt=254&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
142.250.74.34200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvP4Hy4XdWhjYy-jPo6RFJ-lK8DFpCJAMqLMGCLHidsH45CvaUaOoHVcUpMIZMMznuISTADMJpkb9ydguec8_nT1FmRTM78rYFWXAjlUjN1bDCjvhj0RcGWWzQmZ9DK3kPTopWOrw&sai=AMfl-YREL6xwFa87Sr4WsnebGKGL_uvk5YlvHx4meNBqFtcSJhiRjRfPvBUmNfBFgMzhzlrpRcPtld39P6bywg_C76ZOOGokqSSLim451Fw4_9MNrwT-G2QI4qZ8PRtP3yoAcgpJhqXgfU2EHUJyQpDc&sig=Cg0ArKJSzNtZ8Ms4soRyEAE&cid=CAQSTADq26N95OoawQWNj_3uT-_QLT-hM0zvIZhzs9VWAEVBuFh7l3PUXv_x3r3_gtzPniQ954wX_w4Outis4jqJGeEdKxKq-It8BhzJtb8YASAT&id=lidar2&mcvt=1004&p=524,149,774,1119&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=448157925&rs=4&la=1&cr=0&vs=4&r=v&rst=1669897771703&rpt=254&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsvP4Hy4XdWhjYy-jPo6RFJ-lK8DFpCJAMqLMGCLHidsH45CvaUaOoHVcUpMIZMMznuISTADMJpkb9ydguec8_nT1FmRTM78rYFWXAjlUjN1bDCjvhj0RcGWWzQmZ9DK3kPTopWOrw&sai=AMfl-YREL6xwFa87Sr4WsnebGKGL_uvk5YlvHx4meNBqFtcSJhiRjRfPvBUmNfBFgMzhzlrpRcPtld39P6bywg_C76ZOOGokqSSLim451Fw4_9MNrwT-G2QI4qZ8PRtP3yoAcgpJhqXgfU2EHUJyQpDc&sig=Cg0ArKJSzNtZ8Ms4soRyEAE&cid=CAQSTADq26N95OoawQWNj_3uT-_QLT-hM0zvIZhzs9VWAEVBuFh7l3PUXv_x3r3_gtzPniQ954wX_w4Outis4jqJGeEdKxKq-It8BhzJtb8YASAT&id=lidar2&mcvt=1004&p=524,149,774,1119&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=448157925&rs=4&la=1&cr=0&vs=4&r=v&rst=1669897771703&rpt=254&isd=0&lsd=0&met=ce&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Thu, 01 Dec 2022 12:29:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash f2371e131db785d8e09e48a0f4fe7dd7
2bea3581e3f2b8307230317284f5b9307a4fa4de
ce6c5c124729c66d89dce2d83d96c344ed26915108ed2ed152ff1a008b7022ba
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104033
Date: Thu, 01 Dec 2022 12:29:34 GMT
Etag: "638783d9-1d7"
Expires: Fri, 02 Dec 2022 17:23:27 GMT
Last-Modified: Wed, 30 Nov 2022 16:24:57 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: N_FUVikO_lIHgLBZWuwkMUX18GaebAi2CP3jGqC_0UYRg3daMWCjCg==
Age: 3510
dt.adsafeprotected.com/dt?advEntityId=1249020&asId=8b6070cc-457d-71be-b0f8-cfa4d802e2cf&tv=%7Bc:vy0fs0,pingTime:-2,time:268,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:641,beZ:642,mfA:835,cmA:836,inA:836,inZ:839,prA:839,prZ:845,si:856,poA:858,poZ:872,cmZ:872,mfZ:872,loA:893,loZ:899,ltA:908,ltZ:908,mdA:642,mdZ:760%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:214%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:268,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:214,wc:0.0.1280.1024,ac:149.609.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B73~100%5D,as:%5B73~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toLCS9P+11%7C12%7C13%7C14%7C15*.1249020-67005065%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:216,sinceFw:50,readyFired:true%7D&br=g
54.68.77.207200 OK 43 B URL HTTP/2 dt.adsafeprotected.com/dt?advEntityId=1249020&asId=8b6070cc-457d-71be-b0f8-cfa4d802e2cf&tv=%7Bc:vy0fs0,pingTime:-2,time:268,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:641,beZ:642,mfA:835,cmA:836,inA:836,inZ:839,prA:839,prZ:845,si:856,poA:858,poZ:872,cmZ:872,mfZ:872,loA:893,loZ:899,ltA:908,ltZ:908,mdA:642,mdZ:760%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:214%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:268,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:214,wc:0.0.1280.1024,ac:149.609.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B73~100%5D,as:%5B73~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toLCS9P+11%7C12%7C13%7C14%7C15*.1249020-67005065%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:216,sinceFw:50,readyFired:true%7D&br=g
IP 54.68.77.207:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /dt?advEntityId=1249020&asId=8b6070cc-457d-71be-b0f8-cfa4d802e2cf&tv=%7Bc:vy0fs0,pingTime:-2,time:268,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:641,beZ:642,mfA:835,cmA:836,inA:836,inZ:839,prA:839,prZ:845,si:856,poA:858,poZ:872,cmZ:872,mfZ:872,loA:893,loZ:899,ltA:908,ltZ:908,mdA:642,mdZ:760%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:214%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:268,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:214,wc:0.0.1280.1024,ac:149.609.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B73~100%5D,as:%5B73~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toLCS9P+11%7C12%7C13%7C14%7C15*.1249020-67005065%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:216,sinceFw:50,readyFired:true%7D&br=g HTTP/1.1
Host: dt.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:29:34 GMT
content-type: image/gif
content-length: 43
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: dt09.or.303net.net
X-Firefox-Spdy: h2
dt.adsafeprotected.com/dt?advEntityId=1249020&asId=8b6070cc-457d-71be-b0f8-cfa4d802e2cf&tv=%7Bc:vy0fyk,pingTime:-10,time:659,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEwMDJ8fDEyODB8fDF8fDF8fDI0fHwxMDI0fHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDUvNHx8NS80fHwwfHwxMjgw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDEwMDEwMXx8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjB8fDF8fDF8fG58fG4-,ch:n,fsc:17.6.2v222220222000022202200000220002000220002002220222222202000222000220200000000000222202200002202222200000000000020020000022200022222220022200000222202022200002020222002222202202222202022222022220000220200000022222222220222222222222202222222222222222222222222222222222222200000022022020020202222222202002022022222222000000000020222202022222220002220022020000220200000002000022202220000022200202202220022000200222022220220022020222200222222020002200200022222222202222002002022002222200000000020200000000000000202220,asp:1669897773003%7C%7Cdee8fdfbec208a945a37a5179c90f449%7C%7Cdf16c081c25306654a0efb89b8761a08%7C%7C1f9f84b09326a4e5d1c72c98ac856c55%7C%7Ce900778181dedee32ebada5a02f39c6f%7C%7Cd42686f7b5383f3cc83c29f1f70e3cc1%7C%7C9064acfd122e845c49e535b352ca89c0%7C%7C92cf5d35e9cc73018ce61564ca8b8cd7%7C%7C1663701684%7D
54.68.77.207200 OK 43 B URL HTTP/2 dt.adsafeprotected.com/dt?advEntityId=1249020&asId=8b6070cc-457d-71be-b0f8-cfa4d802e2cf&tv=%7Bc:vy0fyk,pingTime:-10,time:659,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEwMDJ8fDEyODB8fDF8fDF8fDI0fHwxMDI0fHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDUvNHx8NS80fHwwfHwxMjgw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDEwMDEwMXx8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjB8fDF8fDF8fG58fG4-,ch:n,fsc:17.6.2v222220222000022202200000220002000220002002220222222202000222000220200000000000222202200002202222200000000000020020000022200022222220022200000222202022200002020222002222202202222202022222022220000220200000022222222220222222222222202222222222222222222222222222222222222200000022022020020202222222202002022022222222000000000020222202022222220002220022020000220200000002000022202220000022200202202220022000200222022220220022020222200222222020002200200022222222202222002002022002222200000000020200000000000000202220,asp:1669897773003%7C%7Cdee8fdfbec208a945a37a5179c90f449%7C%7Cdf16c081c25306654a0efb89b8761a08%7C%7C1f9f84b09326a4e5d1c72c98ac856c55%7C%7Ce900778181dedee32ebada5a02f39c6f%7C%7Cd42686f7b5383f3cc83c29f1f70e3cc1%7C%7C9064acfd122e845c49e535b352ca89c0%7C%7C92cf5d35e9cc73018ce61564ca8b8cd7%7C%7C1663701684%7D
IP 54.68.77.207:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /dt?advEntityId=1249020&asId=8b6070cc-457d-71be-b0f8-cfa4d802e2cf&tv=%7Bc:vy0fyk,pingTime:-10,time:659,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEwMDJ8fDEyODB8fDF8fDF8fDI0fHwxMDI0fHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDUvNHx8NS80fHwwfHwxMjgw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDEwMDEwMXx8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjB8fDF8fDF8fG58fG4-,ch:n,fsc:17.6.2v222220222000022202200000220002000220002002220222222202000222000220200000000000222202200002202222200000000000020020000022200022222220022200000222202022200002020222002222202202222202022222022220000220200000022222222220222222222222202222222222222222222222222222222222222200000022022020020202222222202002022022222222000000000020222202022222220002220022020000220200000002000022202220000022200202202220022000200222022220220022020222200222222020002200200022222222202222002002022002222200000000020200000000000000202220,asp:1669897773003%7C%7Cdee8fdfbec208a945a37a5179c90f449%7C%7Cdf16c081c25306654a0efb89b8761a08%7C%7C1f9f84b09326a4e5d1c72c98ac856c55%7C%7Ce900778181dedee32ebada5a02f39c6f%7C%7Cd42686f7b5383f3cc83c29f1f70e3cc1%7C%7C9064acfd122e845c49e535b352ca89c0%7C%7C92cf5d35e9cc73018ce61564ca8b8cd7%7C%7C1663701684%7D HTTP/1.1
Host: dt.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:29:35 GMT
content-type: image/gif
content-length: 43
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: dt16.or.303net.net
X-Firefox-Spdy: h2
dt.adsafeprotected.com/dt?advEntityId=1249020&asId=8b6070cc-457d-71be-b0f8-cfa4d802e2cf&tv=%7Bc:vy0fIk,pingTime:1,time:1279,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:214%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1279,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:214,wc:0.0.1280.1024,ac:149.609.970.250,am:sp,cc:0.0.970.504,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1084~100%5D,as:%5B1084~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:813,fm:toLCS9P+11%7C12%7C13%7C14%7C15*.1249020-67005065%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:216,sis:318%7D&br=g
54.68.77.207200 OK 43 B URL HTTP/2 dt.adsafeprotected.com/dt?advEntityId=1249020&asId=8b6070cc-457d-71be-b0f8-cfa4d802e2cf&tv=%7Bc:vy0fIk,pingTime:1,time:1279,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:214%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1279,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:214,wc:0.0.1280.1024,ac:149.609.970.250,am:sp,cc:0.0.970.504,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1084~100%5D,as:%5B1084~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:813,fm:toLCS9P+11%7C12%7C13%7C14%7C15*.1249020-67005065%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:216,sis:318%7D&br=g
IP 54.68.77.207:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /dt?advEntityId=1249020&asId=8b6070cc-457d-71be-b0f8-cfa4d802e2cf&tv=%7Bc:vy0fIk,pingTime:1,time:1279,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:214%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1279,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:214,wc:0.0.1280.1024,ac:149.609.970.250,am:sp,cc:0.0.970.504,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1084~100%5D,as:%5B1084~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:813,fm:toLCS9P+11%7C12%7C13%7C14%7C15*.1249020-67005065%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:216,sis:318%7D&br=g HTTP/1.1
Host: dt.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:29:35 GMT
content-type: image/gif
content-length: 43
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: dt14.or.303net.net
X-Firefox-Spdy: h2
static.adsafeprotected.com/sca.17.6.2.js
54.230.111.5200 OK 23 kB URL HTTP/2 static.adsafeprotected.com/sca.17.6.2.js
IP 54.230.111.5:0
Hash aed398586440ec9726d44912bfa4a5a4
73c6ece9201bcaf49ce893bbc3781ca86f9f67c1
919fb9029f7a4451bbfc752d34bc12f78a89e1db378e2862ae079614b3b7644f
GET /sca.17.6.2.js HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DU_jKwAomJfR1_B7iUlwKyJk8ok52qTcISR3g8uwB71yCJZ-LeyJdg==
age: 6123198
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C500%2C500italic%2C700%2C700italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Clatin-ext%2Ccyrillic
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C500%2C500italic%2C700%2C700italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Clatin-ext%2Ccyrillic
IP 142.250.74.74:0
GET /css?family=Roboto%3A400%2C400italic%2C500%2C500italic%2C700%2C700italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Clatin-ext%2Ccyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 12:29:30 GMT
date: Thu, 01 Dec 2022 12:29:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets.ipzmarketing.com/assets/signup_form/v1.js
104.21.76.231200 OK 0 B URL HTTP/2 assets.ipzmarketing.com/assets/signup_form/v1.js
IP 104.21.76.231:0
GET /assets/signup_form/v1.js HTTP/1.1
Host: assets.ipzmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:29:30 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"5a24c87727e5e7e781805c300133b40c"
last-modified: Fri, 11 Mar 2022 16:17:47 GMT
vary: Accept-Encoding
x-cache-status: HIT
cf-cache-status: HIT
age: 15341431
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7mLPJEL%2Ba1zzIHGlS5oXdgxEXSS23uPFfje%2FR%2BeqvlrHf1ZG3man71WUpgPXcU1SmUBEPg80b0nK3ZLZtIoBfjbKgO6ts3pN2zN9Zr1CdySqUIO%2BBz01jN28i11MtdKVMrVYyHz819ebg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772bd4299fcbb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fw.adsafeprotected.com/rjss/st/1249020/67005065/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-6429655924489616&ias_chanId=1&ias_placementId=18532123411&bidurl=https://motos.espirituracer.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iLsy-3pcxOHnnbYFCGFMxD
34.248.3.167200 OK 0 B URL HTTP/2 fw.adsafeprotected.com/rjss/st/1249020/67005065/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-6429655924489616&ias_chanId=1&ias_placementId=18532123411&bidurl=https://motos.espirituracer.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iLsy-3pcxOHnnbYFCGFMxD
IP 34.248.3.167:0
GET /rjss/st/1249020/67005065/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-6429655924489616&ias_chanId=1&ias_placementId=18532123411&bidurl=https://motos.espirituracer.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iLsy-3pcxOHnnbYFCGFMxD HTTP/1.1
Host: fw.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:29:33 GMT
content-type: application/javascript;charset=utf-8
pragma: no-cache
cache-control: no-cache
expires: Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin: fw.adsafeprotected.com
access-control-allow-credentials: true
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Fjalla+One
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Fjalla+One
IP 142.250.74.74:0
GET /css?family=Fjalla+One HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 12:29:30 GMT
date: Thu, 01 Dec 2022 12:29:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Fjalla+One%3A400%2C700
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Fjalla+One%3A400%2C700
IP 142.250.74.74:0
GET /css?family=Fjalla+One%3A400%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 12:29:30 GMT
date: Thu, 01 Dec 2022 12:29:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.adsafeprotected.com/passback_970x250.js
54.230.111.5200 OK 0 B URL HTTP/2 static.adsafeprotected.com/passback_970x250.js
IP 54.230.111.5:0
GET /passback_970x250.js HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aec43e532b16cb6924749e2ea0b2159a.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:56 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: .AUJIbFgg5lm.Sl5dxN6YT6RZNYioRMX
server: AmazonS3
content-encoding: gzip
date: Thu, 24 Nov 2022 20:05:11 GMT
cache-control: max-age=604800
etag: W/"094948b2d1170876fb8e76e432d87da6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Nsvn_WVb9xO2G6_kLUw-gxnr28P7Oh_DZhG5PrCYewToCfMpE4NGVg==
age: 577464
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
216.58.211.14200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
IP 216.58.211.14:0
GET /translate_a/element.js?cb=GoogleLanguageTranslatorInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Dec 2022 12:29:30 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+429; expires=Sat, 30-Nov-2024 12:29:30 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
webanalysis.dev/js/script.js
199.59.243.222200 OK 0 B URL HTTP/2 webanalysis.dev/js/script.js
IP 199.59.243.222:0
Analyzer Verdict Alert fortinet Malware
GET /js/script.js HTTP/1.1
Host: webanalysis.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 12:29:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: parking_session=fc960300-7be6-0e0a-ee55-45a6ec377dde; expires=Thu, 01-Dec-2022 12:44:30 GMT; Max-Age=900; path=/; HttpOnly
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_g6HnE7Cqq6HjrIFAqT+pU3LNw0KkoIbKzaSkQi53O8tdsWdzwoQIy1RDwuWoJrthnM2SKPYOSyH5bl6CpOzG5Q==
accept-ch: sec-ch-prefers-color-scheme
critical-ch: sec-ch-prefers-color-scheme
vary: sec-ch-prefers-color-scheme
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2