mboost.me/a/91j
188.114.96.1301 Moved Permanently 0 B IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/91j HTTP/1.1
Host: mboost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 14 Jan 2023 23:50:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 15 Jan 2023 00:50:59 GMT
Location: https://mboost.me/a/91j
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0scy30yhxIFldaPlpUbkN1yIFiJueElRlC4Zp5yOA6l1D1t8PmGQdnWFiHYWnHgIGM2ZDPz7LN1x7py0WYvNdh5ear3nx3jGmX8Y64yGzF8y2EkS1GGHWHKrbJU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 789a46edbda0b515-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15839
Expires: Sun, 15 Jan 2023 04:14:58 GMT
Date: Sat, 14 Jan 2023 23:50:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10287
Expires: Sun, 15 Jan 2023 02:42:26 GMT
Date: Sat, 14 Jan 2023 23:50:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 23:42:04 GMT
content-type: application/json
age: 535
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2433
Expires: Sun, 15 Jan 2023 00:31:32 GMT
Date: Sat, 14 Jan 2023 23:50:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gY790UpUgblPM/quDmoBxzVNOVPh8DVnU0tzFKmbzbYCR4C5ikT77lY7fatzS4LLzYs8JOQ0cgo=
x-amz-request-id: TJEWVQ96JWGDNYH2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 22:55:08 GMT
age: 3351
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 23:50:59 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 523 B IP 142.250.74.131:0
Hash 84cc123cdd104a490c8c13d60fe988a7
520bbc6d62a0edb6f2a0b60f96be43b685dfd8c8
26bd3e0fe4870e07d942e43e0f98ae1a41a5608ba41ebd9de89e1e3229c2dfed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e804586be26c88b95d554afe0ef24d5c
6f99b1fe2330c4661608f17819a4490a92ca296c
38894b7977e8f8e790a71eedf8144799a77ccceb49771e7458392ad7916293db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-5G1MH09G6M
142.250.74.40200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-5G1MH09G6M
IP 142.250.74.40:0
File type ASCII text, with very long lines (20080)
Hash d775007a169cf1caba4239d56015c509
a996427b64f54afaff18a7b5e35e088f07888b10
b2f8609c985488ef24d537d72d45a1aa1951c214c088d6279082204173804161
GET /gtag/js?id=G-5G1MH09G6M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 23:51:00 GMT
expires: Sat, 14 Jan 2023 23:51:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
142.250.74.74200 OK 716 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
IP 142.250.74.74:0
Hash 26a454fc04d8bcf5a022ffba803a7775
ee1bcb54460227048b8ac61dc23dd7be32950b52
030e0a49bb0eed5bc47044f4be09c957a95c71aa8bc5fca2553fe545e92bc79e
GET /css?family=Lato:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Jan 2023 23:51:00 GMT
date: Sat, 14 Jan 2023 23:51:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e804586be26c88b95d554afe0ef24d5c
6f99b1fe2330c4661608f17819a4490a92ca296c
38894b7977e8f8e790a71eedf8144799a77ccceb49771e7458392ad7916293db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 23:33:45 GMT
age: 1035
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXiWtFCc.woff2
142.250.74.35200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXiWtFCc.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13976, version 1.0\012- data
Hash e7e52c955aa33e618baf437a16539524
13ecb55bb760d6980a1b1331085630ef5ed84e9f
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
GET /s/lato/v23/S6uyw4BMUTPHjx4wXiWtFCc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mboost.me
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 07:46:22 GMT
expires: Fri, 12 Jan 2024 07:46:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:50:23 GMT
content-type: font/woff2
age: 230678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
142.250.74.35200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14148, version 1.0\012- data
Hash 69b28056044be6438ce7e5214c66ba82
39ee8d4427a6062f942513b5b219a320068c7ae7
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mboost.me
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14148
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 17:11:32 GMT
expires: Wed, 10 Jan 2024 17:11:32 GMT
cache-control: public, max-age=31536000
age: 369568
last-modified: Tue, 26 Apr 2022 16:41:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
142.250.74.35200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13904, version 1.0\012- data
Hash 5589842cc46587294240b2cc0c7a0f98
f1bb816b059acaaca4e925375c0c440f48810c6e
fdfdf90531f4bce8ee5fbb9da2e6736f462011670e5af0b0db44d6152c049076
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mboost.me
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 13:50:30 GMT
expires: Sun, 14 Jan 2024 13:50:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:04:11 GMT
content-type: font/woff2
age: 36030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4599
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:00 GMT
Last-Modified: Sat, 14 Jan 2023 22:34:21 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 14 Jan 2023 22:41:07 GMT
expires: Sun, 15 Jan 2023 00:41:07 GMT
cache-control: public, max-age=7200
age: 4193
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
router.infolinks.com/usync/lcmanage?pid=3188496&wsid=0&pdom=mboost.me&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/usync/lcmanage?pid=3188496&wsid=0&pdom=mboost.me&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/lcmanage?pid=3188496&wsid=0&pdom=mboost.me&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:00 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f58c97b4f3-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.215.94.42101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.94.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qf+ChKw2ARtbfxlrUcbNKA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jeCcW/a1Lli8KCVFY5tLK9XaJmc=
ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
104.18.33.19302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 23:51:00 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
cf-ray: 789a46f6eeb10b31-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y8M-5CcpI4qqyVloEP8qEQAA; Path=/; Domain=casalemedia.com; Expires=Sun, 14 Jan 2024 23:51:00 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1871; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Apr 2023 23:51:00 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1871; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Apr 2023 23:51:00 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5K%2FZmD%2FU%2FmfpDbMmlKRAM0ePArzcoqXYbJL%2BRcXhXQKWp0Ya5ofqUfEB6NZSVNnbIiebWrmDB52CiVHPdXW0ELraWlmLLMX6eV2sttgREDEzJkBkcFNdAXLT4yMYRJFJ2fhWhFZ0DBw1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 4f446caf76ceff6ffcd5a2f38764f44a
d16033665d33d3f88e4911b8e66d9651156e77ce
5a9fd60925ac60bd4512ba1d16ac042f3aed819c1e034e3cfb1ebb9409b6fdd5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:01 GMT
Last-Modified: Sat, 14 Jan 2023 22:22:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 314
cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
2.18.172.23302 Moved Temporarily 154 B URL HTTP/1.1 cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
IP 2.18.172.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E HTTP/1.1
Host: cs.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: Apache
Content-Length: 154
Content-Type: text/html
Location: https://router.infolinks.com/dyn/mnet-usync?uid=0000EEA
Set-Cookie: data-inf=setstatuscode~~41;Expires=Fri, 14 Apr 2023 23:51:01 GMT;path=/;domain=.media.net;
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
X-MNET-HL2: E
Expires: Sat, 14 Jan 2023 23:51:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 14 Jan 2023 23:51:01 GMT
Connection: keep-alive
router.infolinks.com/dyn/iq-usync
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/dyn/iq-usync
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dyn/iq-usync HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/usync/manage?pid=3188496&wsid=0&pdom=mboost.me&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f6ddbfb4f3-OSL
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=598ce3ddaee8c90
51.89.9.252204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=598ce3ddaee8c90
IP 51.89.9.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=598ce3ddaee8c90 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
185.89.210.46307 Redirection 1.3 kB URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
IP 185.89.210.46:0
Hash afd53c47ba2bb303bb15d631deab6174
4b0ce96367a687ede22e29e9855532cd38c9a600
fef55e70478577d51a8bfbac97361cbb83d788cdb33dc37470de5f74f25e2d89
GET /getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
AN-X-Request-Uuid: 6e2c5572-1f90-4753-adc5-f09ddf7e3689
Set-Cookie: uuid2=3625960961439022533; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 23:51:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 400de606693e6019e14dabbf397d6837
b894326e556c85ddbeb615955805fd3fc654b79a
4d333674dec9ce863404c5f6b80513e70023724f8db764fbc230ee4c2802f23f
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4601
Cache-Control: max-age=145227
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:01 GMT
Etag: "63c2c237-1d7"
Expires: Mon, 16 Jan 2023 16:11:28 GMT
Last-Modified: Sat, 14 Jan 2023 14:54:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fmboost.me%252Fa%252F91j&pid=12306&adnxs_uid=$UID
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fmboost.me%252Fa%252F91j&pid=12306&adnxs_uid=$UID
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fmboost.me%252Fa%252F91j&pid=12306&adnxs_uid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fmboost.me%25252Fa%25252F91j%26pid%3D12306%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: 6671555f-28bb-4c9d-b2f6-5e60b4b0f3d9
Set-Cookie: uuid2=8889930751324578104; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 23:51:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ad312d637689e5bad810aad96fbcbdaa
6fdddace49961ed53f69f9b95a925927f782a915
fec1cab8c10ea908f54c4d1da49e1a603b384a14e7698cf2d78b1bc851cc394e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 588
Cache-Control: max-age=142272
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:01 GMT
Etag: "63c2c659-1d7"
Expires: Mon, 16 Jan 2023 15:22:13 GMT
Last-Modified: Sat, 14 Jan 2023 15:12:25 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
185.89.210.46302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://router.infolinks.com/dyn/apn-usync?user_id=0
AN-X-Request-Uuid: 691d35e6-059d-4806-a87f-b76254d260ab
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash cd9cc328fb5d6fdf8da24ff3622b7f33
6c3548099e6895b778f6b597a0e44075d57ed099
fffa94c5855965d725ed0ac13be34cb5c10b6692fc798764f50ec1347b7357e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 13:55:56 GMT
Expires: Sat, 21 Jan 2023 13:55:55 GMT
Etag: "6c3548099e6895b778f6b597a0e44075d57ed099"
Cache-Control: max-age=568493,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789a46f7dd0bb50f-OSL
u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
34.98.64.218200 OK 56 B URL HTTP/2 u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
IP 34.98.64.218:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 15669dda86db3cbff7835fa202dc0b16
ce788cab9c1aa7e458a3971a59702c410b37e64d
5cc3f958039a8885c4e9526e22d454da47d579b9a02861e7a60b41fa0ba910df
GET /w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP/1.1
Host: u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: text/html
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 318ac1651b36049882eb573b4f3b6939
19bbd4afc1f640e4f1437ffd9fb457cc0c798cc4
a78e24fec00a00faad694623292dc44cde2b7e6578963cb7ae21e9de3308421c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5413
Cache-Control: max-age=157558
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:01 GMT
Etag: "63c2ef36-1d7"
Expires: Mon, 16 Jan 2023 19:36:59 GMT
Last-Modified: Sat, 14 Jan 2023 18:06:46 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fmboost.me%25252Fa%25252F91j%26pid%3D12306%26adnxs_uid%3D%24UID
185.89.210.46302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fmboost.me%25252Fa%25252F91j%26pid%3D12306%26adnxs_uid%3D%24UID
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fmboost.me%25252Fa%25252F91j%26pid%3D12306%26adnxs_uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fmboost.me%2Fa%2F91j&pid=12306&adnxs_uid=0
AN-X-Request-Uuid: c81de623-dd6f-42e0-919a-66ddeaf917c9
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ups.analytics.yahoo.com/ups/58422/occ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58422/occ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58422/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 23:51:01 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBOU_w2MCEImCdHd3LyPbug_R9WInNrwFEgEBAQGRxGPNYwAAAAAA_eMAAA&S=AQAAAudgG6AHja-pG4LUCayNLd0; Expires=Mon, 15 Jan 2024 05:51:01 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
91.228.74.168302 Found 0 B URL HTTP/2 cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
IP 91.228.74.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/p-u1vdacBMXAcfT.gif?idmatch=0 HTTP/1.1
Host: cms.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 23:51:01 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://router.infolinks.com/dyn/qc-usync?&uid=I6YmZybzIGE4pyRjIqRoNS33JzA483VsJ_ce8eqx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EFcBDQGGKM2aswA; expires=Fri, 14-Apr-2023 23:51:01 GMT; path=/; domain=.quantserve.com
mc=63c33fe5-2a771-a8bbd-f082b; expires=Wed, 14-Feb-2024 23:51:01 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 95cdc42c7aafc79bcf39c7289570e91a
9df4a3f9ecc93dbadd78ea06679661c3d80a70e4
2d94c01c17995d40d71121b16d24ac0dd716418e35006f3acb5f178f2c3849b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2106
Cache-Control: max-age=123632
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:01 GMT
Etag: "63c2779b-1d7"
Expires: Mon, 16 Jan 2023 10:11:33 GMT
Last-Modified: Sat, 14 Jan 2023 09:36:27 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a5581613f9a4041f0c93eac85f7f0e5c
8bb18529dbfddc332ffceb35de51161686dbc0ee
3abe91cc743af5f8ca69539aa9f994cb48aeb803fbf1fbe6a2044be076b86b29
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 23:51:01 GMT
Last-Modified: Sat, 14 Jan 2023 22:38:16 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4tWyu5Lrts2rGWQRGQvPK1pbbq90ExsEtQba_GtYpznrim1tqrYswQ==
Age: 4366
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 34ed762b9bdf9831c1387f626764323c
34206de4002d8add9ed84a19bd53f5c4be10477c
34af5157301b88098f386744a5107c0f6baddcb088af79db6383a8b4fbdce67d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90235
Date: Sat, 14 Jan 2023 23:51:01 GMT
Etag: "63c1f93b-1d7"
Expires: Mon, 16 Jan 2023 00:54:56 GMT
Last-Modified: Sat, 14 Jan 2023 00:37:15 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z7Dtf8ULIhNqoaYzsdbU9ze3bJF70cnRj_A-gWvUVQFxb4jG57GQJA==
Age: 1061
router.infolinks.com/dyn/mnet-usync?uid=0000EEA
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/mnet-usync?uid=0000EEA
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/mnet-usync?uid=0000EEA HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: MNETUSERCOOKIE=0000EEA; Domain=infolinks.com; Expires=Fri, 14-Apr-2023 23:51:01 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Fri, 14 Jan 2022 23:51:01 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f7ce91b4f3-OSL
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58422/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58422/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58422/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 23:51:01 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBOU_w2MCEKamEH08TjZ0P298o6KMk7UFEgEBAQGRxGPNYwAAAAAA_eMAAA&S=AQAAAmy6NcBcvaPhbEAATti2uTE; Expires=Mon, 15 Jan 2024 05:51:01 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
104.18.33.19200 OK 142 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
IP 104.18.33.19:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 7e69263caeb8274135b86bc2daaab245
4561e5553d1ac0e2f0d4455a4d829c865d269f4a
71b382acf0cd341221dbc74e9db82e8a8c279bfaf428a9a71b099ff62b5ba8db
GET /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: text/html
cf-ray: 789a46f75ef90b31-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmJomtFlhxeFy%2Ft8NxPhvSN5oe8W%2FE6H2TCKk4Eca3S9BEQrAgYHryGzG1%2B9KAbwAUxP0RrjtuvZUNBnpv64Cq0wyeoLyQsbGwQZRDVdpMaUN2bOcG6vPb2aNR3V22bVJoMd%2FM9E1ucGwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
198.47.127.18302 Found 272 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
IP 198.47.127.18:0
File type HTML document, ASCII text
Hash ebb92a4e4bfa9f49081d6d5490b87169
e986871fb2a1067935b9f45ff4ba155383056b29
fd3de728a94f948ba814f33b0020466ae949a4c493784a6b7a5f23687385747d
GET /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Sat, 14 Jan 2023 23:51:00 GMT
content-length: 272
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 400de606693e6019e14dabbf397d6837
b894326e556c85ddbeb615955805fd3fc654b79a
4d333674dec9ce863404c5f6b80513e70023724f8db764fbc230ee4c2802f23f
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4412
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:01 GMT
Last-Modified: Sat, 14 Jan 2023 22:37:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
region1.google-analytics.com/g/collect?v=2&tid=G-5G1MH09G6M>m=2oe1a1&_p=1737742808&cid=1038445069.1673740261&ul=en-us&sr=1280x1024&_s=1&sid=1673740260&sct=1&seg=0&dl=https%3A%2F%2Fmboost.me%2Fa%2F91j&dt=Check%20us%20out%20first!%20%7C%20MediaBooster&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-5G1MH09G6M>m=2oe1a1&_p=1737742808&cid=1038445069.1673740261&ul=en-us&sr=1280x1024&_s=1&sid=1673740260&sct=1&seg=0&dl=https%3A%2F%2Fmboost.me%2Fa%2F91j&dt=Check%20us%20out%20first!%20%7C%20MediaBooster&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5G1MH09G6M>m=2oe1a1&_p=1737742808&cid=1038445069.1673740261&ul=en-us&sr=1280x1024&_s=1&sid=1673740260&sct=1&seg=0&dl=https%3A%2F%2Fmboost.me%2Fa%2F91j&dt=Check%20us%20out%20first!%20%7C%20MediaBooster&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mboost.me
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://mboost.me
date: Sat, 14 Jan 2023 23:51:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
router.infolinks.com/gsd?evt=afterGSD&pid=3188496&wsid=0&pdom=mboost.me&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j&jsv=1840.014-3.025&_cb=16737402609620
172.66.42.247200 OK 536 B URL HTTP/2 router.infolinks.com/gsd?evt=afterGSD&pid=3188496&wsid=0&pdom=mboost.me&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j&jsv=1840.014-3.025&_cb=16737402609620
IP 172.66.42.247:0
Hash 8332652e88644ac8823df796e8cf6ed5
ef6d1c82c49ac281e3c31ec8dec6e59990fb5030
530002edc5aa8a788664953e3045ebac89f15ab6f24c8e3e1f9bf204522f3a53
GET /gsd?evt=afterGSD&pid=3188496&wsid=0&pdom=mboost.me&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j&jsv=1840.014-3.025&_cb=16737402609620 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:00 GMT
content-type: text/javascript;charset=UTF-8
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: max-age=0
p3p: CP="NON DSP NID OUR COR"
set-cookie: cuid=54b8e70a-587f-4ad0-874f-5ceb5499e8be; Domain=infolinks.com; Expires=Mon, 13-Jan-2025 23:51:00 GMT; Path=/; SameSite=None; Secure
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f58c9cb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash e8cf5f3caffab43010fb3250e5def56f
7231de9ec663e869a726b442f78f38d4f6320c97
b873a0ec706838a80dbc9f7f77fbf5016203d9e2515d1d34a327ef76a88522c8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 14 Jan 2023 21:03:04 GMT
Expires: Sun, 15 Jan 2023 21:03:04 GMT
ETag: "7231de9ec663e869a726b442f78f38d4f6320c97"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 21a34783e5a8540efb89d03ec468678b
907bf52ff307717326d5739ab0927f6a5ab942d8
da6b679970dfdcbdceb4a42a23986d46443b2474644a2671ba75b53dafc95f72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3528
Cache-Control: max-age=98825
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:01 GMT
Etag: "63c21126-1d7"
Expires: Mon, 16 Jan 2023 03:18:06 GMT
Last-Modified: Sat, 14 Jan 2023 02:19:18 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
18.156.0.31301 Moved Permanently 360 B URL HTTP/2 pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP 18.156.0.31:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ef184c6b065a63adf6c94f609c0a0c72
12e8af72d7af8f029d4300991e1eda7ec9f2545b
b01d8ed4f119579d92815a648e454327ae4af8a4592e98462fb72f414ddba9af
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: pixel.advertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 14 Jan 2023 23:51:01 GMT
server: ATS/9.1.10.25
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
content-type: text/html
content-language: en
set-cookie: A3=d=AQABBOU_w2MCEMIH7cEDxtTKSRmv8CXX8lMFEgEBAQGRxGPNYwAAAAAA_eMAAA&S=AQAAAs6ZYp2aN5dZRpVSDSFwLzo; Expires=Mon, 15 Jan 2024 05:51:01 GMT; Max-Age=31557600; Domain=.advertising.com; Path=/; SameSite=None; Secure; HttpOnly
content-length: 360
X-Firefox-Spdy: h2
ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
54.93.156.152302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP 54.93.156.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
set-cookie: tuuid=b58be573-882c-4958-8528-79cc0824c0f7; Expires=Fri, 14 Apr 2023 23:51:01 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1673740261; Expires=Fri, 14 Apr 2023 23:51:01 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1
198.47.127.18200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1
IP 198.47.127.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:00 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d37a292be1cb14404731cdb3f9ab952e
088e4edbd57126bf1a04ad8971120cb4279df85a
d23e0cdda7960fb43fbc6d05f0fb2d6b6040df2dc1230dee10ab7316fe98442a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 14:15:44 GMT
Expires: Sat, 21 Jan 2023 14:15:43 GMT
Etag: "088e4edbd57126bf1a04ad8971120cb4279df85a"
Cache-Control: max-age=569681,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789a46f8adc2b50f-OSL
router.infolinks.com/dyn/apn-usync?user_id=0
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/apn-usync?user_id=0
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/apn-usync?user_id=0 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f82ef6b4f3-OSL
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1
198.47.127.18200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1
IP 198.47.127.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:50:59 GMT
content-length: 0
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
54.93.156.152200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP 54.93.156.152:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 14 Jan 2023 23:51:01 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBOU_w2MCEPP5O9BK3ZXkGlPl8pb7mogFEgEBAQGRxGPNYwAAAAAA_eMAAA&S=AQAAAh14aelx-ibnE6KchNkLhQk; Expires=Mon, 15 Jan 2024 05:51:01 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
216.52.2.30204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
IP 216.52.2.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 14 Jan 2023 23:51:01 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap6ams1
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash cd9cc328fb5d6fdf8da24ff3622b7f33
6c3548099e6895b778f6b597a0e44075d57ed099
fffa94c5855965d725ed0ac13be34cb5c10b6692fc798764f50ec1347b7357e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 13:55:56 GMT
Expires: Sat, 21 Jan 2023 13:55:55 GMT
Etag: "6c3548099e6895b778f6b597a0e44075d57ed099"
Cache-Control: max-age=568493,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789a46f7ddf10b39-OSL
p.rfihub.com/cm?pub=43153&in=1
193.0.160.128302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=43153&in=1
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=43153&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sat, 14 Jan 2023 23:51:01 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruds=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjU3NjMzNTUzMRTiM9QtS7LMSfP0dTUryNIFAAE8Z7MlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_1slzmtoZm5sbmJgZGZoZGEKALgvDjIQAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 8 Feb 2024 23:51:01 GMT; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjU3NjMzNTUzMRTiM9QtS7LMSfP0dTUryNIFAAE8Z7MlAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 8 Feb 2024 23:51:01 GMT; Secure; SameSite=None
Location: https://router.infolinks.com/dyn/zeta-usync?uid=5109685625736655641
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 59f61b6a017137010b124b219ca6136e
b6155334914b9c99f9349a387887476bc7cc1a8e
a851ba536ff61dbe81f553a46df4ac5494be033217c144b026c5c72bcf229c28
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 14 Jan 2023 20:50:53 GMT
Expires: Sun, 15 Jan 2023 20:50:53 GMT
ETag: "b6155334914b9c99f9349a387887476bc7cc1a8e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7faf42637ea43ac6f0ca23f81bdf1a6b
7131978c3921b47040838e74ba862034f09f7b4d
2c105c6130a00fff88d291d46c0759d483859bd21de5c7c3511265b1506175d6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 19:14:54 GMT
Expires: Thu, 19 Jan 2023 19:14:53 GMT
Etag: "7131978c3921b47040838e74ba862034f09f7b4d"
Cache-Control: max-age=414831,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789a46f8fdfab50f-OSL
router.infolinks.com/dyn/qc-usync?&uid=I6YmZybzIGE4pyRjIqRoNS33JzA483VsJ_ce8eqx
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/qc-usync?&uid=I6YmZybzIGE4pyRjIqRoNS33JzA483VsJ_ce8eqx
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/qc-usync?&uid=I6YmZybzIGE4pyRjIqRoNS33JzA483VsJ_ce8eqx HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: QCUSERCOOKIE=I6YmZybzIGE4pyRjIqRoNS33JzA483VsJ_ce8eqx; Domain=infolinks.com; Expires=Fri, 14-Apr-2023 23:51:01 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Fri, 14 Jan 2022 23:51:01 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f87f4db4f3-OSL
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 23:51:01 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBOU_w2MCEJyhc7A0SECw4SFiRU1COqYFEgEBAQGRxGPNYwAAAAAA_eMAAA&S=AQAAAmlCNi9AjGda4kvK4noAmAs; Expires=Mon, 15 Jan 2024 05:51:01 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
router.infolinks.com/dyn/r1-usync?uid=OPTOUT
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/r1-usync?uid=OPTOUT
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/r1-usync?uid=OPTOUT HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: R1USERCOOKIE=OPTOUT; Domain=infolinks.com; Expires=Fri, 14-Apr-2023 23:51:01 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Fri, 14 Jan 2022 23:51:01 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f8af75b4f3-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 06cd5906f8d849585f54d7e600f04fbb
a7f46ba7f04d8787837c47d376391bae1a96972f
3d1f8e5a87a5a009366015902740efd52cf3aab33adc0b82f2defdc2c0b391f3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133266
Date: Sat, 14 Jan 2023 23:51:01 GMT
Etag: "63c29990-1d7"
Expires: Mon, 16 Jan 2023 12:52:07 GMT
Last-Modified: Sat, 14 Jan 2023 12:01:20 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K6G6Zi3qyW1pyRMgVUAfzfEmZQmacRjwC01cIPybdi-s8yHgM5yf6A==
Age: 3047
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash e94c770c54fb1794cd09b789ab9d7ccf
df7942050a08f20facf1b5fb912fd5a43fba08f6
3cc221d4875fcc26775c9348e2d826a3e1a923f48d761b2c041613292b2f9681
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 23:33:46 GMT
Expires: Wed, 18 Jan 2023 23:33:45 GMT
Etag: "df7942050a08f20facf1b5fb912fd5a43fba08f6"
Cache-Control: max-age=343963,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789a46f93ed70b39-OSL
s.cpx.to/ca.png?ref=https%3A%2F%2Fmboost.me%2Fa%2F91j&pid=12306&adnxs_uid=0
52.210.53.232200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?ref=https%3A%2F%2Fmboost.me%2Fa%2F91j&pid=12306&adnxs_uid=0
IP 52.210.53.232:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?ref=https%3A%2F%2Fmboost.me%2Fa%2F91j&pid=12306&adnxs_uid=0 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Content-Security-Policy: default-src 'self'
Content-Type: image/png
Date: Sat, 14 Jan 2023 23:51:01 GMT
Expires: Sat, 14 Jan 2023 23:51:01 UTC
P3P: CP="NOI DEV ADM"
Pragma: no-cache, no-cache
Set-Cookie: cpSess=4d6c0ec4ab4300e; Expires=Sun, 14 Jan 2024 23:51:01 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
Content-Length: 95
Connection: keep-alive
sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
69.166.1.12302 Found 0 B URL HTTP/1.1 sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
IP 69.166.1.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP/1.1
Host: sync.go.sonobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-113
X-Xss-Protection: 0
Location: https://router.infolinks.com/dyn/sonobi-usync?uid=47c1a8f8-c8d6-41b3-984b-1db43184d673
Server: sonobi-go
Set-Cookie: __uis=47c1a8f8-c8d6-41b3-984b-1db43184d673; expires=Mon, 13 Feb 2023 23:51:00 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
HAPLB8S=s85113|Y8M/6; path=/; domain=.go.sonobi.com; SameSite=None; secure
b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
50.31.142.127302 Found 70 B URL HTTP/1.1 b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
IP 50.31.142.127:0
File type HTML document, ASCII text
Hash 16ccc9da763aca428789e4f469fc7ff1
4a873c523b8d9bdbc30b8c48189817413a19ee7a
5be7e833013b4b10333a904010b01217263df39c501a29b146d072110ceea4a1
GET /usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 70
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Sat, 14 Jan 2023 23:51:01 GMT
router.infolinks.com/dyn/zeta-usync?uid=5109685625736655641
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/zeta-usync?uid=5109685625736655641
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/zeta-usync?uid=5109685625736655641 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: ZTUSERCOOKIE=5109685625736655641; Domain=infolinks.com; Expires=Fri, 14-Apr-2023 23:51:01 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Fri, 14 Jan 2022 23:51:01 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f92ff6b4f3-OSL
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
216.58.211.10200 OK 126 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (2791)
Size 126 kB (125837 bytes)
Hash d41f9eb373f6d389916d2354e8106f45
92822b81e8af2d74ff91b05dc563155584696144
6a7265e29c29d383677a1a779b58337c684fd85847d7106a1ac46b91eef6ee69
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 125837
date: Sat, 14 Jan 2023 23:51:01 GMT
expires: Sat, 14 Jan 2023 23:51:01 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
67.202.105.31200 OK 75 B URL HTTP/2 de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
IP 67.202.105.31:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 1ca09ed98f39d2adb7fab3878d13c0cb
da2a6f2431a34dfcc99b6f4500833f783f149d19
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
GET /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Sun, 15 Jan 2023 23:51:01 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Sat, 14 Jan 2023 23:51:01 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
resources.infolinks.com/static/skins/loader.gif
172.66.42.247200 OK 962 B URL HTTP/2 resources.infolinks.com/static/skins/loader.gif
IP 172.66.42.247:0
File type GIF image data, version 89a, 30 x 30\012- data
Hash d817e8fd864b84f7d546807d800588ea
6a66609f160ee1640b0d0eddd5fdd96a95a1c4ef
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b
GET /static/skins/loader.gif HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: image/gif
content-length: 962
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1631, status=webp_bigger
etag: "65f-54142035d0066"
expires: Mon, 13 Feb 2023 21:13:15 GMT
last-modified: Mon, 14 Nov 2016 12:31:03 GMT
via: 1.1 google
cf-cache-status: HIT
age: 9466
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a46fa3916b4f3-OSL
X-Firefox-Spdy: h2
resources.infolinks.com/js/1840.014-3.025/in_search.js
172.66.42.247200 OK 94 kB URL HTTP/2 resources.infolinks.com/js/1840.014-3.025/in_search.js
IP 172.66.42.247:0
Hash e7884b09a2e3375da41c1fc78356f840
5c6c4247bea73df74f36f02ce6673e23e43a5493
c38277129efb0fcc5d284af5696320be7e3b3d05f9c2b101e8cd323490cbaf30
GET /js/1840.014-3.025/in_search.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:33:56 GMT
etag: W/"37760-5f12edb79b968"
cache-control: max-age=2592000
expires: Mon, 13 Feb 2023 20:18:39 GMT
via: 1.1 google
cf-cache-status: HIT
age: 12742
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a46f9a892b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1673740261310
213.19.147.44302 Found 35 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1673740261310
IP 213.19.147.44:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /usersync2/rmpssp?sub=infolinks&zcc=1&cb=1673740261310 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/ur-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
router.infolinks.com/dyn/sonobi-usync?uid=47c1a8f8-c8d6-41b3-984b-1db43184d673
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/sonobi-usync?uid=47c1a8f8-c8d6-41b3-984b-1db43184d673
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/sonobi-usync?uid=47c1a8f8-c8d6-41b3-984b-1db43184d673 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: SONOBIUSERCOOKIE=47c1a8f8-c8d6-41b3-984b-1db43184d673; Domain=infolinks.com; Expires=Fri, 14-Apr-2023 23:51:01 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Fri, 14 Jan 2022 23:51:01 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f9f8d6b4f3-OSL
X-Firefox-Spdy: h2
router.infolinks.com/dyn/zmn-usync?uid=
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/zmn-usync?uid=
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/zmn-usync?uid= HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f9f8d9b4f3-OSL
X-Firefox-Spdy: h2
ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
54.236.119.116302 Found 0 B URL HTTP/2 ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
IP 54.236.119.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 23:51:01 GMT
content-length: 0
location: https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
set-cookie: zeta-ssp-user-id=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a; Max-Age=31536000; Expires=Sun, 14 Jan 2024 23:51:01 GMT; Path=/; Domain=disqus.com; Secure; SameSite=None
X-Firefox-Spdy: h2
resources.infolinks.com/js/vidice/2.0/vidice.js
172.66.42.247200 OK 88 kB URL HTTP/2 resources.infolinks.com/js/vidice/2.0/vidice.js
IP 172.66.42.247:0
File type Unicode text, UTF-8 text, with very long lines (46979), with CRLF line terminators
Hash 9ad896d19f9e04f44b116a452bf8b8b7
c72c409421b22a51242f9b95e2c7c9f913c460a0
0c67d4ec0d23ddc306fbfd0482fa6aef9c7d751b45b9d1fb1ac78c77c2bcacc6
GET /js/vidice/2.0/vidice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: application/javascript
last-modified: Tue, 25 Jan 2022 09:20:02 GMT
etag: W/"5344d-5d6649709d511"
cache-control: max-age=2592000
expires: Mon, 13 Feb 2023 21:04:39 GMT
via: 1.1 google
cf-cache-status: HIT
age: 9982
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a46fb09dbb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
resources.infolinks.com/js/pbice/3.025/pbice.js
172.66.42.247200 OK 88 kB URL HTTP/2 resources.infolinks.com/js/pbice/3.025/pbice.js
IP 172.66.42.247:0
File type ASCII text, with very long lines (45562), with escape sequences
Hash bf648a3a455df42300cc2fd325fcd3a0
3cd4b443b1153ed93136294a79690ce3c1fa538a
5c912222278bf0a03d310603f7c593a24ecc0fd17cd52ef1dcdb0043fc0f75b2
GET /js/pbice/3.025/pbice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: application/javascript
last-modified: Wed, 30 Jun 2021 09:40:59 GMT
etag: W/"45adc-5c5f8851c3ea8"
cache-control: max-age=2592000
expires: Mon, 13 Feb 2023 20:24:51 GMT
via: 1.1 google
cf-cache-status: HIT
age: 12370
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a46f9a894b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
rt3009.infolinks.com/action/getads.htm?hks=%5B%5D&rid=42cb7fcc-e948-4373-af3a-27e6da7a46f7&jsv=1840.014-3.025&sr=1280X1002&rts=1673740261742&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j&tzo=-0000&c=c&strg=true&rsd=d6r9E2_EnTIzm3QwQxeNjx_0omy_nI8iwB8KKlXjUZtxyeoqIUYTCay36km-Jxb4cCxwYO8LyzzEvjENTmXUhk_bW1gfxQVu0zSE4WdjwyesN3ewEkiKY-DnhWYsbUcMr486pGPU5eWGJKVyQsuIVoUPxv3nLdRS&rsk=12&rcs=Xspuw8DrFfJRWi4oP8CPSg&cuid=54b8e70a-587f-4ad0-874f-5ceb5499e8be&hbnr=false
172.66.42.247200 OK 0 B URL HTTP/2 rt3009.infolinks.com/action/getads.htm?hks=%5B%5D&rid=42cb7fcc-e948-4373-af3a-27e6da7a46f7&jsv=1840.014-3.025&sr=1280X1002&rts=1673740261742&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j&tzo=-0000&c=c&strg=true&rsd=d6r9E2_EnTIzm3QwQxeNjx_0omy_nI8iwB8KKlXjUZtxyeoqIUYTCay36km-Jxb4cCxwYO8LyzzEvjENTmXUhk_bW1gfxQVu0zSE4WdjwyesN3ewEkiKY-DnhWYsbUcMr486pGPU5eWGJKVyQsuIVoUPxv3nLdRS&rsk=12&rcs=Xspuw8DrFfJRWi4oP8CPSg&cuid=54b8e70a-587f-4ad0-874f-5ceb5499e8be&hbnr=false
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/getads.htm?hks=%5B%5D&rid=42cb7fcc-e948-4373-af3a-27e6da7a46f7&jsv=1840.014-3.025&sr=1280X1002&rts=1673740261742&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j&tzo=-0000&c=c&strg=true&rsd=d6r9E2_EnTIzm3QwQxeNjx_0omy_nI8iwB8KKlXjUZtxyeoqIUYTCay36km-Jxb4cCxwYO8LyzzEvjENTmXUhk_bW1gfxQVu0zSE4WdjwyesN3ewEkiKY-DnhWYsbUcMr486pGPU5eWGJKVyQsuIVoUPxv3nLdRS&rsk=12&rcs=Xspuw8DrFfJRWi4oP8CPSg&cuid=54b8e70a-587f-4ad0-874f-5ceb5499e8be&hbnr=false HTTP/1.1
Host: rt3009.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
x-application-context: application:prod
cache-control: no-cache,no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46fa6949b4f3-OSL
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ%3D%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
185.89.210.46302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ%3D%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ%3D%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ssp.disqus.com/match?bidder=14&buyeruid=0&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=
AN-X-Request-Uuid: c48a6e71-55ab-466e-9736-92e6ab64030e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
resources.infolinks.com/js/1840.014-3.025/bubble.js
172.66.42.247200 OK 86 kB URL HTTP/2 resources.infolinks.com/js/1840.014-3.025/bubble.js
IP 172.66.42.247:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 33e56533b7a7e5ab869b4f5a0b77eecd
f67a141a2232c5d326dd6d1366f67cee2258c811
7a4c1b63d9836bf549117e6df52270617999ab5d7c083567a3a22a5296f9ce5f
GET /js/1840.014-3.025/bubble.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:33:56 GMT
etag: W/"26f1b-5f12edb79b580"
cache-control: max-age=2592000
expires: Mon, 13 Feb 2023 20:41:07 GMT
via: 1.1 google
cf-cache-status: HIT
age: 11394
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a46f9988bb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bf7d9b668796b823c9af31c8b26c8822
aa1a6894cfc52f492bf853af4daa03c5ca80a512
8579351c5b2a8be5a0df85d0f017be844d49d8ccfef9a9f50c7035dd569e6b67
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 23:51:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 13:57:51 GMT
Expires: Sat, 21 Jan 2023 13:57:50 GMT
Etag: "aa1a6894cfc52f492bf853af4daa03c5ca80a512"
Cache-Control: max-age=568608,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789a46fbf8bfb50f-OSL
ssp.disqus.com/match?bidder=14&buyeruid=0&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=
54.236.119.116302 Found 0 B URL HTTP/2 ssp.disqus.com/match?bidder=14&buyeruid=0&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=
IP 54.236.119.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder=14&buyeruid=0&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy= HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 14 Jan 2023 23:51:02 GMT
content-length: 0
location: http://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4Ag==%26buyeruid%3D%7BUID%7D
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
67.202.105.21204 No Content 0 B URL HTTP/2 ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
IP 67.202.105.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP/1.1
Host: ssc-cms.33across.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-33x-status: 2000208
server: 33XP003
date: Sat, 14 Jan 2023 23:51:01 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3550
Expires: Sun, 15 Jan 2023 00:50:12 GMT
Date: Sat, 14 Jan 2023 23:51:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3550
Expires: Sun, 15 Jan 2023 00:50:12 GMT
Date: Sat, 14 Jan 2023 23:51:02 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2f8ae4ab9ee17e2598e9299bdc0f44c0
ab4c7d1750edf513359218ab6d0b81cdd4dcb90c
75e680ab62ee77f0811fdb770d1c913dd41a911e7efb4ca99bc4cfe7fcb432c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcab30cec-aee2-45fb-abc6-f5fa756655b4.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcab30cec-aee2-45fb-abc6-f5fa756655b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f0683862b6f86f1dbf71a69968174df
76d87452f0944626196eb7fa54492e5a3eaaa3b0
d2ae2476f0b8b00c7ce4c11c24c3d558ac76fec3ea430d510ca024dd8f1b037a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcab30cec-aee2-45fb-abc6-f5fa756655b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9382
x-amzn-requestid: d906e5ef-dd02-4440-949c-6e5a0d7a02f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: et_YbH04IAMFR2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c245cf-6b14c4fd24f21e936c2e238c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 06:03:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q2RCYs7dZY9kkcxdIVo2AzBm3jG-kvdhA4btQdCDv2gSSS_ZWXd-9w==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:57:02 GMT
etag: "76d87452f0944626196eb7fa54492e5a3eaaa3b0"
content-type: image/jpeg
age: 6840
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef58504-f92f-4cd3-bd97-3b50a3784de1.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef58504-f92f-4cd3-bd97-3b50a3784de1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98b4bbbd2711ea868a79154cf2b53000
a3688a7892c5abeac934a5d0a13d4a64c359a2c3
e1565fb3b967e5aefec75f9943780da4a0de245dbc67469402de845e5b028e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef58504-f92f-4cd3-bd97-3b50a3784de1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3866
x-amzn-requestid: 0d1e5cba-18d2-4632-b45c-1a4db0b83228
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewIRcFg6oAMFttA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c320d5-0d59bb2977949c053e99727b;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DhDulNcsTyy_OdLR0kogtF8v9jkKyVlyMunJnHTdRKg4wij0xwpUKA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:38:30 GMT
etag: "a3688a7892c5abeac934a5d0a13d4a64c359a2c3"
content-type: image/jpeg
age: 7952
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c609c89120eef87bbdd0d8ee5ee18f9
be8e369be0ccc707b904546798aacc9afe413cfa
feaa9f41b45aaa71d87008fe3112bc09e41cf6c2c500b4bc1adc125c7c82eee1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4981
x-amzn-requestid: b6c3a2c1-b88e-4eb9-9c22-788748559fea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewISXEQ9oAMFbkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c320db-0a9f9ac1084e4f02006598cf;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a8kL20Yet_IuO2ZztlKmenTGOFa4BCYHi2B-4B1W1eq5-tCqGK3isg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:38:35 GMT
etag: "be8e369be0ccc707b904546798aacc9afe413cfa"
content-type: image/jpeg
age: 7947
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c8e4b9f12af5bbc6b743aeae4dfc55a
97f874ba034be152dfecd90e4996c928aa268950
bfc0ef4f4d13b729a3a38efbb04d2c58e6b05bbc2bd3492611c0fc26457d1dec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6658
x-amzn-requestid: 4a356eaa-4717-410c-af86-5d3770f0cf7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniyVExqoAMFWkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb1a8-05a4e869449e4d730a5dd438;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:07:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kXpAcGM2UzmXWcbf7AJhy_J3Ssq-vWbcHErGAme2fThP9xa72SOPpA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 09:13:30 GMT
age: 52652
etag: "97f874ba034be152dfecd90e4996c928aa268950"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/infolinks?zcc=1&cb=1673740261157
213.19.147.44302 Found 9.5 kB URL HTTP/2 sync.1rx.io/usersync2/infolinks?zcc=1&cb=1673740261157
IP 213.19.147.44:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /usersync2/infolinks?zcc=1&cb=1673740261157 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13ae882d-7dbb-434a-9884-257b0066893d.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13ae882d-7dbb-434a-9884-257b0066893d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c4575eec0c301e834e81fa86fa6cf74
e1e29ce787a925a069ef301fda053b0746f2be6f
f38b38bfabb4099ca0b07b7a5698aecddff62e7b510118a8d3bf8bedb924677d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13ae882d-7dbb-434a-9884-257b0066893d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9412
x-amzn-requestid: cad1eb97-97c1-48c5-8157-02e1f23d115e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqSg-FrloAMF9cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0cad2-7b409d827cce81523767680d;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 03:06:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kfzukLwsSpDsuBzA4HnPN-Yd7-Zb-kcW3UcFxQNGI93hCYVWUh2q7w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 01:56:30 GMT
age: 78872
etag: "e1e29ce787a925a069ef301fda053b0746f2be6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (4885)
Hash 10d6cb80de93b9d728d600ac20d35787
73b8eaf66c028d2cea9af54e7f735fda9386f81b
ab4b5e6260d943409119d269c956a9f7fe20cc06dc9e4b50f39ff49854a75075
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 14 Jan 2023 23:51:02 GMT
expires: Sat, 14 Jan 2023 23:51:02 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3412763198521528992
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49316
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4Ag==%26buyeruid%3D%7BUID%7D
77.245.57.72200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4Ag==%26buyeruid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4Ag==%26buyeruid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 0
rt3009.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22apple%20itunes%22%2C%22scs%22%3A%22v3iwI1ABdW%22%7D%5D&rid=42cb7fcc-e948-4373-af3a-27e6da7a46f7&jsv=1840.014-3.025&sr=1280X1002&rts=1673740261669&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j&tzo=-0000&c=c&strg=true&rsd=d6r9E2_EnTIzm3QwQxeNjx_0omy_nI8iwB8KKlXjUZtxyeoqIUYTCay36km-Jxb4cCxwYO8LyzzEvjENTmXUhk_bW1gfxQVu0zSE4WdjwyesN3ewEkiKY-DnhWYsbUcMr486pGPU5eWGJKVyQsuIVoUPxv3nLdRS&rsk=12&rcs=Xspuw8DrFfJRWi4oP8CPSg&cuid=54b8e70a-587f-4ad0-874f-5ceb5499e8be&hbnr=false
172.66.42.247200 OK 6.1 kB URL HTTP/2 rt3009.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22apple%20itunes%22%2C%22scs%22%3A%22v3iwI1ABdW%22%7D%5D&rid=42cb7fcc-e948-4373-af3a-27e6da7a46f7&jsv=1840.014-3.025&sr=1280X1002&rts=1673740261669&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j&tzo=-0000&c=c&strg=true&rsd=d6r9E2_EnTIzm3QwQxeNjx_0omy_nI8iwB8KKlXjUZtxyeoqIUYTCay36km-Jxb4cCxwYO8LyzzEvjENTmXUhk_bW1gfxQVu0zSE4WdjwyesN3ewEkiKY-DnhWYsbUcMr486pGPU5eWGJKVyQsuIVoUPxv3nLdRS&rsk=12&rcs=Xspuw8DrFfJRWi4oP8CPSg&cuid=54b8e70a-587f-4ad0-874f-5ceb5499e8be&hbnr=false
IP 172.66.42.247:0
File type HTML document, ASCII text, with very long lines (7156)
Hash d175f0097f959eb23b4cb7e420ac4b81
70d8c0e119ee86dc1f3e8be129840504ec75856a
20b97d623e9f81c37947e2fe9ee80be4e87e0b4c02db0b10d50289bac1c67c9d
GET /action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22apple%20itunes%22%2C%22scs%22%3A%22v3iwI1ABdW%22%7D%5D&rid=42cb7fcc-e948-4373-af3a-27e6da7a46f7&jsv=1840.014-3.025&sr=1280X1002&rts=1673740261669&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j&tzo=-0000&c=c&strg=true&rsd=d6r9E2_EnTIzm3QwQxeNjx_0omy_nI8iwB8KKlXjUZtxyeoqIUYTCay36km-Jxb4cCxwYO8LyzzEvjENTmXUhk_bW1gfxQVu0zSE4WdjwyesN3ewEkiKY-DnhWYsbUcMr486pGPU5eWGJKVyQsuIVoUPxv3nLdRS&rsk=12&rcs=Xspuw8DrFfJRWi4oP8CPSg&cuid=54b8e70a-587f-4ad0-874f-5ceb5499e8be&hbnr=false HTTP/1.1
Host: rt3009.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: text/html;charset=UTF-8
x-application-context: application:prod
cache-control: no-cache,no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP NID OUR COR"
content-language: en-US
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f9f8dab4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2f8ae4ab9ee17e2598e9299bdc0f44c0
ab4c7d1750edf513359218ab6d0b81cdd4dcb90c
75e680ab62ee77f0811fdb770d1c913dd41a911e7efb4ca99bc4cfe7fcb432c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230111/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sat, 14 Jan 2023 13:18:12 GMT
expires: Sat, 28 Jan 2023 13:18:12 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 37970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c2ef9670464991d62cc84885ed91393f
677c7fc5e7aafe8f96671f0457d338c7579c1743
5a8a89041320c685adad960bc61e5d4ab4623a448788eeddafcf9df098414366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e6c8f8a0e3ef850c66d344a842dfa3c3
c8475fa1d4d3d8ca3394272ade4c97c6bab3a286
58226f2841670d93086aa4dc60373f7770bfbcc11760cacd7691299b6c403efa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c2ef9670464991d62cc84885ed91393f
677c7fc5e7aafe8f96671f0457d338c7579c1743
5a8a89041320c685adad960bc61e5d4ab4623a448788eeddafcf9df098414366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain= HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 23:51:02 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain= HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 23:51:02 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e6c8f8a0e3ef850c66d344a842dfa3c3
c8475fa1d4d3d8ca3394272ade4c97c6bab3a286
58226f2841670d93086aa4dc60373f7770bfbcc11760cacd7691299b6c403efa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 91c8e08b8aebb21636749787f171e608
153bfed51979364855083bc8123f00901cd514bb
3afbe409f16cd32f4c97afface18084747bac7dbafce5b6832996435b1f58259
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 91c8e08b8aebb21636749787f171e608
153bfed51979364855083bc8123f00901cd514bb
3afbe409f16cd32f4c97afface18084747bac7dbafce5b6832996435b1f58259
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
216.58.211.1200 OK 8.9 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1569)
Hash 405113cd450d20a7a8794680fe6d9085
aa285e8e9e3a07ea817e5bbc81d36c40f3edfe40
884ddf0329fcc7c276fd337734c4454c42c4e9c8ca3ed4371d544c8c3acbdfd9
GET /pagead/js/r20230111/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8889
x-xss-protection: 0
date: Sat, 14 Jan 2023 19:03:53 GMT
expires: Sat, 28 Jan 2023 19:03:53 GMT
cache-control: public, max-age=1209600
age: 17229
etag: 3049769697470197148
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1506)
Hash 5b7f8f3b88683f1be8c3cd38c6eac34c
40ac969c50aa9e810c739114f36da64b9c0032c6
b058db00e166a46363182af58e3b632f131aa773e6721f14808c400ead7943a8
GET /pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7538
x-xss-protection: 0
date: Sat, 14 Jan 2023 18:59:22 GMT
expires: Sat, 28 Jan 2023 18:59:22 GMT
cache-control: public, max-age=1209600
age: 17500
etag: 18140588555649875417
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.3200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.3:0
File type C++ source, ASCII text, with very long lines (1715)
Hash a8db1d294d47636bdece683a03f1d6b6
15e358bcc0adbcba147ccf495a6841ef3d1ab81a
ebe4f61c36a8010492eaf28943f4b94d9ae585ebf1134cf4eb67e084bba2d6f9
GET /mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 00:37:41 GMT
expires: Tue, 11 Apr 2023 00:37:41 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
content-type: text/javascript
age: 342801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
router.infolinks.com/usync/manage?pid=3188496&wsid=0&pdom=mboost.me&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j
172.66.42.247200 OK 2.5 kB URL HTTP/2 router.infolinks.com/usync/manage?pid=3188496&wsid=0&pdom=mboost.me&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j
IP 172.66.42.247:0
Hash da9950ace5c9ae735a1328c21b393ecd
cb01da72c78f28ffb62e61b3aee89ee84ddbf0a2
7b2a823214af2e895a85b03175d035f37fb5469f5edfd989b36a7c13a8f0f4bc
GET /usync/manage?pid=3188496&wsid=0&pdom=mboost.me&purl=https%3A%2F%2Fmboost.me%2Fa%2F91j HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:00 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f58c99b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/pagead/drt/ui
142.250.74.132302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP 142.250.74.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 23:51:03 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 18:52:41 GMT
expires: Tue, 09 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 449902
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rt3009.infolinks.com/action/doq.htm?pcode=utf-8&r=16737402611921
172.66.42.247200 OK 0 B URL HTTP/2 rt3009.infolinks.com/action/doq.htm?pcode=utf-8&r=16737402611921
IP 172.66.42.247:0
POST /action/doq.htm?pcode=utf-8&r=16737402611921 HTTP/1.1
Host: rt3009.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1064
Origin: https://mboost.me
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: text/html;charset=UTF-8
x-application-context: application:prod
access-control-allow-origin: https://mboost.me
vary: Origin
access-control-allow-credentials: true
cache-control: no-cache,no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: cuid=54b8e70a-587f-4ad0-874f-5ceb5499e8be; Domain=infolinks.com; Expires=Mon, 13-Jan-2025 23:51:01 GMT; Path=/; SameSite=None
p3p: CP="NON DSP NID OUR COR"
content-language: en-US
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789a46f84c6bb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
resources.infolinks.com/js/1840.014-3.025/ice.js
172.66.42.247200 OK 0 B URL HTTP/2 resources.infolinks.com/js/1840.014-3.025/ice.js
IP 172.66.42.247:0
GET /js/1840.014-3.025/ice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:00 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:33:56 GMT
etag: W/"2ce35-5f12edb799a27"
cache-control: max-age=2592000
expires: Mon, 13 Feb 2023 20:18:37 GMT
via: 1.1 google
cf-cache-status: HIT
age: 12743
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a46f4fbfdb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
api.mboost.me/v1/login/check
172.67.214.146200 OK 0 B URL HTTP/2 api.mboost.me/v1/login/check
IP 172.67.214.146:0
GET /v1/login/check HTTP/1.1
Host: api.mboost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mboost.me/
Origin: https://mboost.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:00 GMT
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
access-control-allow-origin: https://mboost.me
vary: Origin
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2GebX7KyVdzSg2cM5qeDCfCSPk4WYK1i%2BQDjGjOUPXIZl1hMb4ZoFReVJCCFmjm09YBnabZWXyryny%2B%2F8b%2FIb0rlokkJ2VO9A4VjgtM55ZWHZW8DWVfgF2aAE%2FT4WKr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789a46f3ffe5b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=infolinks
213.19.147.44302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=infolinks
IP 213.19.147.44:0
GET /usersync2/rmpssp?sub=infolinks HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 23:51:01 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-eb946f02-bcca-4851-852c-5cdda13c9cc4-003%22%2C%22zdxidn%22%3A%222069.56%22%7D; path=/; expires=Sun, 14 Jan 2024 23:51:01 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1673740261310
etag: RXeb946f02bcca4851852c5cdda13c9cc4003
X-Firefox-Spdy: h2
mboost.me/a/91j
188.114.97.1200 OK 0 B IP 188.114.97.1:0
GET /a/91j HTTP/1.1
Host: mboost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:00 GMT
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYWvJ659Gw6dbdPqVnpZtO%2BdcU9N5TfzTr%2FDK4JG27Glfc0lpQ0E64UKw1guBVa70%2B25rySx%2Fev7HGBKDaST7Ft08h8dV9IITz3Uz9L6UWM4ovQFCyv5%2BxB%2FcX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789a46efa8e7b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
resources.infolinks.com/js/infolinks_main.js
172.66.42.247200 OK 0 B URL HTTP/2 resources.infolinks.com/js/infolinks_main.js
IP 172.66.42.247:0
GET /js/infolinks_main.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mboost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:51:00 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 19:06:53 GMT
etag: W/"e02-5f215d1ecea08"
cache-control: max-age=3600
expires: Sun, 15 Jan 2023 00:07:40 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2600
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a46f3eafbb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2