ww1.pawastreams.top/marseille-vs-psg/48841/
172.67.150.183301 Moved Permanently 0 B URL HTTP/1.1 ww1.pawastreams.top/marseille-vs-psg/48841/
IP 172.67.150.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /marseille-vs-psg/48841/ HTTP/1.1
Host: ww1.pawastreams.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 20:34:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 Feb 2023 21:34:15 GMT
Location: https://ww1.pawastreams.top/marseille-vs-psg/48841/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjkL7ili5n%2F66PtClR5%2B0TcUbMdM0%2Fz3Ac%2BDH9ZZaaH%2BL7UqN07NBXXA0CBcRjhJyEGd2An9TBeqehpEeu1SFnxMSLhjiyczIqHhfvAWXy3Z87ocYTRk%2F5wB%2BXgfkH20t41WcfHh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79672521da32b4f3-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4141
Expires: Wed, 08 Feb 2023 21:43:17 GMT
Date: Wed, 08 Feb 2023 20:34:16 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6014
Expires: Wed, 08 Feb 2023 22:14:30 GMT
Date: Wed, 08 Feb 2023 20:34:16 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19254
Expires: Thu, 09 Feb 2023 01:55:10 GMT
Date: Wed, 08 Feb 2023 20:34:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 20:34:13 GMT
content-type: application/json
age: 3
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yaeuARnrA+kSyBijEVttA+4SLprfV/Ajt3Tu3xRb/yWnaQNyZtLLuXclbuSkmu5vsR0b+oBLe5s=
x-amz-request-id: 5JGNXDB5KEDR73QZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 19:46:05 GMT
age: 2891
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/LRRImAdXvF0
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/LRRImAdXvF0
IP 142.250.74.163:0
Hash e9efb9fd7ebdce6af5b705038a811e48
2cfc15b34e1ec75012cf9a073c3c2f97de9ac95c
751e3ccecc5f96392200baa880af72ac92ebc43d10a92f42668fc166376835b1
POST /s/gts1p5/LRRImAdXvF0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:16 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:16 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 20:14:52 GMT
age: 1164
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8344
Expires: Wed, 08 Feb 2023 22:53:20 GMT
Date: Wed, 08 Feb 2023 20:34:16 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.193.125101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.193.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bz2JQoV94zyTaSiBT5WlMQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bRMZmbhIO/0se4A+1Cr+bYmFL0Q=
ocsp.pki.goog/s/gts1p5/LRRImAdXvF0
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/LRRImAdXvF0
IP 142.250.74.163:0
Hash e9efb9fd7ebdce6af5b705038a811e48
2cfc15b34e1ec75012cf9a073c3c2f97de9ac95c
751e3ccecc5f96392200baa880af72ac92ebc43d10a92f42668fc166376835b1
POST /s/gts1p5/LRRImAdXvF0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 9.0 kB IP 142.250.74.163:0
Hash 71e5b6bdb5017e5f6bab1582bbb0a739
0cc2187ee0ebbc4acb776e901a8a9941b31cecb4
63adc387dc4db1ab5fdc499ceba473a55f8c64f9f14407f0b4d14f69d0188ef2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 1.3 kB IP 142.250.74.163:0
Hash 55cee1428725a08975be9c103754ad43
092d09cff62037d397d031cadfbe1b42df71b346
88a201f7216709c09a9450d4b77c74322d7ea086c70bcab982004850d84847c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
Hash a4dc1adafd3d7ee66d93261c4c127bbf
fc6e8637ef43fd0e0b8dc0d1ecfdb81f1a04d859
4e7169a2feac0dc482c97b14be4460054e094713771acaa94ae8f0069e284b42
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 13:09:06 GMT
expires: Wed, 07 Feb 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 113111
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 18:52:41 GMT
expires: Tue, 06 Feb 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 178896
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
Hash 40441b1d686ac1333a2b5c42b16a0099
93a81f314add0f2b3f1c5141b2e060bfc6e7c7c9
0e4b9c4ecf37c4c7dbf7f6cf121361117e14ab7e6d7160bcf865b3b07807ff1f
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 253937
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 2.6 kB IP 142.250.74.163:0
Hash 3a3a75c0236e61736d143c36be8facbe
38a1da38c5413c3d63a20a1c009648da5e51846e
081663d5ab31f8da9fb5b1c5132281c34cf74f33617aa0441b791cd584716ced
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/videojs-hls-quality-selector@1.1.1/dist/videojs-hls-quality-selector.min.js
151.101.65.229200 OK 12 kB URL HTTP/2 cdn.jsdelivr.net/npm/videojs-hls-quality-selector@1.1.1/dist/videojs-hls-quality-selector.min.js
IP 151.101.65.229:0
Hash 88e7ed3c1c383398b21f501d0ffa9c88
9786177ebf99cebb88f6945f0b79c3e2e7a8d9ab
d1d0cac2041ccaafffea3194f676d0830ea10e1eeccc75e5e1ecc5287c221c94
GET /npm/videojs-hls-quality-selector@1.1.1/dist/videojs-hls-quality-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.1.1
x-jsd-version-type: version
etag: W/"159b-ajQkQPq7XzevC002e6ih3PU1JEA"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 1879336
x-served-by: cache-fra-eddf8230038-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2158
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3153
Cache-Control: max-age=89001
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:18 GMT
Etag: "63e2b3a2-118"
Expires: Thu, 09 Feb 2023 21:17:39 GMT
Last-Modified: Tue, 07 Feb 2023 20:25:06 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
cdn.jsdelivr.net/npm/clappr-pip-plugin@latest/dist/clappr-pip-plugin.js
151.101.65.229200 OK 1.5 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr-pip-plugin@latest/dist/clappr-pip-plugin.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (3580), with no line terminators
Hash ea067e1639f0139422abd8017fe8787c
20d277fa13df92a0415ba5257d9fa0851310bdc3
618c5c8f0bfaf9d4516d2d13d9af232604731eebcc2e78b09fb9ac059bed80b1
GET /npm/clappr-pip-plugin@latest/dist/clappr-pip-plugin.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.1
x-jsd-version-type: version
etag: W/"dfc-K08E5xkmhMvQd2dwLgQBEkVYPOw"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 20156
x-served-by: cache-fra-eddf8230123-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1515
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/clappr-responsive-container-plugin@1.0.0/dist/clappr-responsive-container-plugin.min.js
151.101.65.229200 OK 1.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr-responsive-container-plugin@1.0.0/dist/clappr-responsive-container-plugin.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (2399)
Hash bc6edbb62590f6be22e466c26f47b064
46bc4b5e6d31d04c54a10d3fc30ef8225692abd8
8c2c372b889c4ae521d95e95a98f3e06453ca3288d6dc283f39e9c35b79b48f2
GET /npm/clappr-responsive-container-plugin@1.0.0/dist/clappr-responsive-container-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.0.0
x-jsd-version-type: version
etag: W/"a36-HIpJYiEHHCGTei+SnZfGpqpzQtA"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 2490722
x-served-by: cache-fra-eddf8230091-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1214
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
151.101.65.229200 OK 10 kB URL HTTP/2 cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
IP 151.101.65.229:0
File type HTML document, ASCII text, with very long lines (30387)
Hash 5245fb2ca8b98e72f9b7ae0323d76020
eb6493f5f66936432464d98c47f2f0b200309b5b
75d36b8e1e822c4f74c51fa0a97f24ef4c45afc6059d3df9b0f4cc37acd1f231
GET /gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.0
x-jsd-version-type: version
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 28276
x-served-by: cache-fra-eddf8230096-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10250
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js
151.101.65.229200 OK 6.9 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (25391)
Hash 397585b48d8e13831b573102b4380f0a
33544d2f59b2980c7b9025eafab2c0ee5a9797c1
ac4aa1cee8cdbd20582f400b5e960d3f4105a9142afcdf0aff76d817891793e6
GET /npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.1.1
x-jsd-version-type: version
etag: W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 37346
x-served-by: cache-fra-eddf8230107-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6903
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
151.101.65.229200 OK 1.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (3010), with no line terminators
Hash a11054242cca130db5848f4b9d3ffaed
e507f254838103754b661b0ce51b6db68b884fe3
38e2fd24956be6f20f42772000e2d5ee1d5c305b0815a86795f56eee9dd8e8b9
GET /npm/cdnbye@latest/dist/clappr-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.20.10
x-jsd-version-type: version
etag: W/"bc2-Zh9Ejh+gezJ0K1G3K4HjkkcIvTg"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 23238
x-served-by: cache-fra-eddf8230109-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1148
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
151.101.65.229200 OK 48 kB URL HTTP/2 cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e2e47222bc960bf244e423e366318b53
a3c3e82c724f528d7794256a1d31afb232471298
9ab0a703d10e83cdccc3f52c8b7b3d64beb4b57e326b06aee79ce410e6eb083a
GET /npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.21.0
x-jsd-version-type: version
etag: W/"2c5b1-Hb5WHC2wG79jOsHQCLzlmXmj4b0"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 42059
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47582
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/video.js/7.8.2/alt/video.core.min.js
104.17.24.14200 OK 51 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/video.js/7.8.2/alt/video.core.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (45362)
Hash 5c798a739dbf32d5d8e3e6ecf8520d89
9f0d56501221992462a2819e3fd35753aaa97296
5ba0074bb90e4084178c88424f806afa81acf58f8f7317f1e078b067d267849d
GET /ajax/libs/video.js/7.8.2/alt/video.core.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 51126
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ecd9241-35e98"
last-modified: Tue, 26 May 2020 22:03:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2259318
expires: Mon, 29 Jan 2024 20:34:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFuxc%2FblBgMTukmOGbLNrbzhUzunso9PSank%2FEMmcISB2PbBQ%2BbceXycyFIDAhaK8S%2FFSTKHOEfiK4PEhteia2PneMq%2Bd1NL7w43AJzoliUiPcz733u5tqHlnMggahBrlV1yQmOW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7967252f1f120b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/i18n.min.js
192.0.77.37200 OK 4.0 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/i18n.min.js
IP 192.0.77.37:0
Hash 7f44ff2f3fd548281dd67f6af1fa9fdc
e6bdac376776e831f8235e2f5bbf868101aa6592
4ca67a05b16ac2de929fac684aeeef4355ae84c61b05067b4bb760b99f6b32c0
GET /c/6.1.1/wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 20:34:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
192.0.77.37200 OK 6.8 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash b951f4936e61030acfc7fe211a85a4a2
3c7a3989bbc09713d971a283f249796ac6437fca
08f089c47d0d4bcb4d7a4ed8a1bd297d898152016ff79f0502a3909d66c313ea
GET /c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 20:34:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
jscdn.greeter.me/pawastreams.tophead.js
205.185.216.42200 OK 8.7 kB URL HTTP/2 jscdn.greeter.me/pawastreams.tophead.js
IP 205.185.216.42:0
File type exported SGML document, ASCII text, with very long lines (1670), with CRLF line terminators
Hash 98f016e94f4e1e714b870ed8bb0d7332
eae76d9884d4d8226ad9ce4f3e6314a2cdf01340
e25ddc3fbbfd63a4d004af8c82d695b56cf95b52237b75c584ff709b6419138d
GET /pawastreams.tophead.js HTTP/1.1
Host: jscdn.greeter.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:18 GMT
cache-control: max-age=3481
content-length: 8655
content-type: text/javascript
last-modified: Tue, 07 Feb 2023 13:07:54 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "98f016e94f4e1e714b870ed8bb0d7332"
x-amz-request-id: tx00000000000001ff02a18-0063e406d3-8600b7fe-fra1b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675888458.dop221.sk1.t,1675888458.cds018.sk1.hn,1675888458.cds071.sk1.c
X-Firefox-Spdy: h2
jscdn.greeter.me/pawastreams.topdynamic.js
205.185.216.42200 OK 8.0 kB URL HTTP/2 jscdn.greeter.me/pawastreams.topdynamic.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (7389), with CRLF line terminators
Hash 3e5dae1f6002b43b5d46874304607418
a4674f3d5a354edf51baa0b62c23e2ef82a37c84
29b407a6d9b76d2cc1ef6d31f188881ccd5e8f3e1ac5d8596e6d4fe47a5a01d3
GET /pawastreams.topdynamic.js HTTP/1.1
Host: jscdn.greeter.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:18 GMT
cache-control: max-age=3481
content-length: 7957
content-type: text/javascript
last-modified: Mon, 16 Jan 2023 13:43:50 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "3e5dae1f6002b43b5d46874304607418"
x-amz-request-id: tx00000000000001ffefc4d-0063e406d3-852b6119-fra1b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675888458.dop221.sk1.t,1675888458.cds018.sk1.hn,1675888458.cds020.sk1.c
X-Firefox-Spdy: h2
tg1.modoro360.com/api/adserver/spt?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490
95.101.10.154200 OK 6.6 kB URL HTTP/1.1 tg1.modoro360.com/api/adserver/spt?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490
IP 95.101.10.154:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2081)
Hash 43a68d12e561d9b61df7f567157faaf5
bef979c578949fe2069e5dfc510f06c1fb3751b2
03eabad8487a29ac024b764e9bd82d9f4cf5398c584b197df175bdb55b20ba07
GET /api/adserver/spt?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490 HTTP/1.1
Host: tg1.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Access-Control-Max-Age: 1728000
X-Bamboo-C-S: BYPASS
X-Bamboo-C-SkFe: 1
X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
Content-Length: 6610
Cache-Control: max-age=300
Expires: Wed, 08 Feb 2023 20:39:18 GMT
Date: Wed, 08 Feb 2023 20:34:18 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 4.4 kB IP 93.184.220.29:0
Hash 525341d187b993895da23f97bd349e5f
92d30e3ca15bfa70b83634c5db63ab1ae8e8d6d9
8fcf25a6a6a26e65d73f857f23ed38f3d0abf9130c33893443457cfc70b619bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3153
Cache-Control: max-age=89001
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:18 GMT
Etag: "63e2b3a2-118"
Expires: Thu, 09 Feb 2023 21:17:39 GMT
Last-Modified: Tue, 07 Feb 2023 20:25:06 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 9b9530469460dbf1b64579b9c3bf2e53
cf5d7ccc68001f422f2a733702e01044af99e257
532b48f9dab14b46f160b42d5535cdaca92641d3e0d25b341dd48a4b54a601ec
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:34:18 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "58E98A6761753D3D4819834F3AFAA2C51CE7E33A"
Expires: Thu, 09 Feb 2023 08:00:00 GMT
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1249
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7967252f992b1bfe-OSL
cdn.jsdelivr.net/npm/cdnbye@latest/dist/videojs-hlsjs-plugin.min.js
151.101.65.229200 OK 3.0 kB URL HTTP/2 cdn.jsdelivr.net/npm/cdnbye@latest/dist/videojs-hlsjs-plugin.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (7658), with no line terminators
Hash 6054323277a16b17599737c2d2ce783c
5d66b31da736916a55d6835439010f81a615d870
562b42bba4029d2d06c29025dbe94127f72df954b6d7b8983b8d719db63dc536
GET /npm/cdnbye@latest/dist/videojs-hlsjs-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.20.10
x-jsd-version-type: version
etag: W/"1dea-jczigZaTjbLvFYcUZlhdnQPP2Ok"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 27226
x-served-by: cache-fra-eddf8230054-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3014
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/videojs-contrib-quality-levels@2.0.9/dist/videojs-contrib-quality-levels.min.js
151.101.65.229200 OK 1.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/videojs-contrib-quality-levels@2.0.9/dist/videojs-contrib-quality-levels.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (2648)
Hash 185de0c2aa2eb9a9fb5cd011b2f2a65b
69a9757656fe2cbbb3f48f15ba8519e44903f09a
b9c7b62a2f6add22fd4eb2935e9c1dc68a874ef065a5a089a5826092a58ca548
GET /npm/videojs-contrib-quality-levels@2.0.9/dist/videojs-contrib-quality-levels.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.9
x-jsd-version-type: version
etag: W/"aa8-VOPQwfOFCqeCRFvbaxama+MnYjg"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 7331184
x-served-by: cache-fra-eddf8230075-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1134
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
151.101.65.229200 OK 75 kB URL HTTP/2 cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
IP 151.101.65.229:0
Hash 4633176f92e6565b380f0592b8165d52
bb243dff9e65fb894d8f917b3ed9eb2d5d6fe1f0
39d5c5d359c3c14daaf3ab9379b3498563be8230bd7e026371f32fb8285caba6
GET /npm/swarmcloud-hls@latest/dist/p2p-engine.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.6.3
x-jsd-version-type: version
etag: W/"2f8d3-PtvaTMOxMvO+lXnP0hda4YuqtuE"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 35452
x-served-by: cache-fra-eddf8230033-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 58097
X-Firefox-Spdy: h2
swarm.video/pawas.js
104.21.17.85200 OK 135 kB IP 104.21.17.85:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size 135 kB (134682 bytes)
Hash f7600596a28485f9b16645c6e55728e1
581f8c1ebccb47e298def02f0b301bfcc0761408
5e87f7ef695affb4175485d0e4c1551a35c12fe267fd8f906756969594fb3037
GET /pawas.js HTTP/1.1
Host: swarm.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:18 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=536843
etag: W/"8310b-185548120e7"
last-modified: Tue, 27 Dec 2022 16:53:46 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 2509219
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1aQCcpp5lBDznizZDGDPNCKCN1UOndbJgqYJ5CFO10S4wDpmyKZkrhO9PqpC9qUj6ZEVU0oWq%2FYDcgXvJ7bI5zMK7VqvRXcOMxvO8UG%2Bcvof2ItHP%2BalClp98rVXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967252f8e3bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/xgckIALK_ts
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/xgckIALK_ts
IP 142.250.74.163:0
Hash f0d9ae0c93cf32c49bde12f979278400
dc9f6d1ed742e3b2921db401465ecc7a0c3cdffc
8a199e28aa873ced3c767bdbfe79afc7b259cab248e2eb2cb8ea2609d23352c2
POST /s/gts1p5/xgckIALK_ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 6.8 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash def52e568282a4f1a7dcdbc6b1236d41
efa80453c90692843415fea08a591063e552281e
80ffa89257c731a2d6771bdeb22c2b032975dcdf1b29581d78aac21e5bc90740
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7928
Expires: Wed, 08 Feb 2023 22:46:26 GMT
Date: Wed, 08 Feb 2023 20:34:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7928
Expires: Wed, 08 Feb 2023 22:46:26 GMT
Date: Wed, 08 Feb 2023 20:34:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7928
Expires: Wed, 08 Feb 2023 22:46:26 GMT
Date: Wed, 08 Feb 2023 20:34:18 GMT
Connection: keep-alive
c0.wp.com/c/6.1.1/wp-includes/js/imagesloaded.min.js
192.0.77.37200 OK 6.7 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/imagesloaded.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (5477)
Hash d80882bf9b994404504a5c657d096d33
8e9c52a5e4198019ae9200afd3c439ff6259c3d4
29549ed6183999718ec72f8f05c5f44defc203efa3e48716e6e66ff74fc80016
GET /c/6.1.1/wp-includes/js/imagesloaded.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 20:34:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d2eccb9280b851aa1725df5681f6bbd
b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5
c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1uPNh-FvA8oI5ZuruNle0ATMPSsyl-_ZjLrUnPQJrogPVREc8wrHMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:12:09 GMT
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
age: 80529
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 726928e5de19ef978faebbe933c34008
bdaba3ed0c7efb65de88af96063d830683c8499b
c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjRHBFoAMF4_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xU_uVO78ZQRKon3Cz-fVcHJuPEMMgzDsVuY8BXoKL6ntJwkl-SLeQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 82335
etag: "bdaba3ed0c7efb65de88af96063d830683c8499b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP 34.120.237.76:0
Hash 50e2927bef52e15a28f08fb3d616fabe
333cac7cda76464c70f64b1c9ae762fbbb87a2bb
a9fe220255ee022c276397f9cd803bd58092ee92791018e6bbcbfc569049b0ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xc32O6lBfn7jYg9I3VlZ5FnR9YpJtU3DbYD_ozsf_-R_Ih1-2e1-CQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:10 GMT
age: 82328
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
services.vlitag.com/adv1/?q=5e55d141408181154f504552cd25c8e3
104.22.59.199200 OK 153 kB URL HTTP/2 services.vlitag.com/adv1/?q=5e55d141408181154f504552cd25c8e3
IP 104.22.59.199:0
File type Unicode text, UTF-8 text, with very long lines (64974), with no line terminators
Size 153 kB (152752 bytes)
Hash b38e113b24846c2640838813c245f488
6045667b33fdf736501ffeb534f72aa9f17efdc1
dfaed21e702ce2d063ae09be6ebfac3d2a1a011e1bcb40b6cb4a628e5052c605
GET /adv1/?q=5e55d141408181154f504552cd25c8e3 HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:18 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-bgj: minify
cf-polished: origSize=549399
etag: W/"5e55d141408181154f504552cd25c8e3 2023-02-02T05:00:15 v1 default"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: HIT
age: 482
server: cloudflare
cf-ray: 7967252f995b0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbe359ce6fb136add75c8f3d3cc06330
e6584afcf39b6fad21eccbcce95c6645b8e1b3b8
29478bf1b8168dc457bb7d298448a78e1040bd3aa80cbf11cfa37475568590d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8170
x-amzn-requestid: d1ddb47f-3472-4015-8d55-72f435671f03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSPHiroAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070da-114975440d70915472cdba2f;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0w6JgtsKSRHLPJ3LyY6YUI8N7PS-gVlLuivQUq9jdyeYYm3STiJJIQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:13:34 GMT
age: 58844
etag: "e6584afcf39b6fad21eccbcce95c6645b8e1b3b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/hls.js@0.14.13
151.101.65.229200 OK 72 kB URL HTTP/2 cdn.jsdelivr.net/npm/hls.js@0.14.13
IP 151.101.65.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 099f0d69ae3bf4995159009f52f4d3d1
3d13c69919cafe188044cf6a7abef8d38b6419ee
7d624c2bd8770f8e475530d238f0639598d6359f9e5d676f7a51d1507d21135c
GET /npm/hls.js@0.14.13 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.14.13
x-jsd-version-type: version
etag: W/"3a8f5-ol2gYcX709ZKpqLteahgjiZOmjg"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 9443497
x-served-by: cache-fra-eddf8230081-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 71904
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/videojs-contrib-hls.js@latest
151.101.65.229200 OK 63 kB URL HTTP/2 cdn.jsdelivr.net/npm/videojs-contrib-hls.js@latest
IP 151.101.65.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 15f39c98aece65d79b8f06473bbb6fd4
b12b3f7017a119a9cb841557f42bc5cacbbdaa80
032a275505fbae2e1057ebc72c8a79c801ffbce33113796d07063954a3ae3907
GET /npm/videojs-contrib-hls.js@latest HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.2.0
x-jsd-version-type: version
etag: W/"35ce5-qfpgfeQEWgNuKxw4uDOhlbC6N08"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 26817
x-served-by: cache-fra-eddf8230067-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62843
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
151.101.65.229200 OK 141 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 141 kB (141142 bytes)
Hash 7e7fdfacdb1943ea810449001d165a53
fc230e8b4a933497a2da4a783574a5b07b889a7e
d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf
GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:18 GMT
age: 2864
x-served-by: cache-fra-eddf8230106-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 141142
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f5a283373c14e17216db27abab79afd4
658960a2332d819bf88b0ec2a412c6bce6bfdb04
360ae63cb45751e562175a09889adcb39138760644d616a8c090b2199de26621
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:34:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 18:12:23 GMT
Expires: Tue, 14 Feb 2023 18:12:22 GMT
Etag: "658960a2332d819bf88b0ec2a412c6bce6bfdb04"
Cache-Control: max-age=509283,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796725300d22b506-OSL
st.chatango.com/js/gz/emb.js
208.93.230.24200 OK 24 kB URL HTTP/1.1 st.chatango.com/js/gz/emb.js
IP 208.93.230.24:0
File type ASCII text, with very long lines (1651)
Hash a543b2d0bd0671737d07034ada375e34
4f8a72210ccd1bbd1c254cf9138b7399503bb654
c237062303aaf130c2f1a7c9f7b71e6ba23e7c6f307c5d1f9ab2858371421cc3
GET /js/gz/emb.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 20:34:18 GMT
Content-Type: application/x-javascript
Content-Length: 23804
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
ETag: "6388c38e-5cfc"
Expires: Wed, 08 Feb 2023 20:34:18 GMT
Cache-Control: max-age=0
Content-Encoding: gzip
Accept-Ranges: bytes
st.chatango.com/h5/gz/r1201220704/id.html
208.93.230.24200 OK 224 kB URL HTTP/1.1 st.chatango.com/h5/gz/r1201220704/id.html
IP 208.93.230.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (54430), with CRLF, LF line terminators
Size 224 kB (224208 bytes)
Hash 2ff04e3060ebf6d04a895f2af779e79c
4583ade36a3969fe2fc7ddfc754038ed4c35b424
98bfe8760d1b37a21984eae3adfb3dc9fbf7a1375e7f6c2db45bb14a72974c61
GET /h5/gz/r1201220704/id.html HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 20:34:19 GMT
Content-Type: text/html
Content-Length: 224208
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
ETag: "6388c38e-36bd0"
Expires: Thu, 08 Feb 2024 20:34:19 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
P3P: CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 4.0 kB IP 142.250.74.163:0
Hash 3fe46c02a65963a0a922ef58ef97e1aa
86b5b133f11956b2df5ed31c2f50250f45c810c0
3d3b172b431fab0ecd93e50e00763f6dfff087446d2d019f2c1ca26191d96fb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.taboola.com/libtrc/chatango-network/loader.js
151.101.129.44200 OK 38 kB URL HTTP/2 cdn.taboola.com/libtrc/chatango-network/loader.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (65509)
Hash 2dd357f4ebbda25ac28248249ef97a06
7045d5f06e4c29605af6f985245d153ac79aa072
9288ea1d60e97f7dc977e9dcb1bef12fbebe55438acdb91c5b5138efd03ffa3a
GET /libtrc/chatango-network/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GqApn6yOKFjZj2WLPoVoh4Z8/SSnMwTwje39ClOoE7O2G6U2TTVH0Ivo2X05EpUCdxKBm94mXp8=
x-amz-request-id: 6T8GXC898EQF6X01
x-amz-replication-status: PENDING
last-modified: Wed, 08 Feb 2023 10:05:10 GMT
etag: "b0bfce115e14d47b25c9b59638bf6191"
x-amz-version-id: UwRDPaMGNntQ.x1hgS_kHvJNsrF4llGM
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:19 GMT
via: 1.1 varnish
age: 95
x-served-by: cache-bma1628-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1675888460.944921,VS0,VE0
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 64
content-length: 37662
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Feb 2023 19:45:20 GMT
expires: Wed, 08 Feb 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 2939
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
st.chatango.com/cfg/nc/r.json?5751940020000264733614643
208.93.230.24200 OK 20 B URL HTTP/1.1 st.chatango.com/cfg/nc/r.json?5751940020000264733614643
IP 208.93.230.24:0
File type JSON data\012- , ASCII text
Hash 345dbbbf4120bf2cc616c0cda02d92de
d0e690c4cb67b9443d45d8342c5788c9583a0064
fc6476e99bc2028c9c0d7d28edafdcc7c2fdeb1630913f685887a25125f4f4e2
GET /cfg/nc/r.json?5751940020000264733614643 HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 20:34:19 GMT
Content-Type: application/octet-stream
Content-Length: 20
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
ETag: "6388c38e-14"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.taboola.com/libtrc/impl.20230208-6-RELEASE.js
151.101.129.44200 OK 195 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20230208-6-RELEASE.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (65509)
Size 195 kB (194722 bytes)
Hash 316e06c998beaafe824b67085549e257
4fa0bbac88df39d0690cd5b0b6cf4df3e25d25a2
da9ec525b21259f1a8a62e2803fb608e3d2455d7477053c4e56d59225d4fac74
GET /libtrc/impl.20230208-6-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: WTqVvX6RJmAOVR8RijwEjg5qb6/Yt2gYmQ0JO9vAD8ouVRYVGTdnq5IwMg5CYFCGdqoY+FTGL+Y=
x-amz-request-id: SKSWHYH7P7SMF56C
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 Feb 2023 09:47:50 GMT
etag: "bd6cd482cf3384797ca3f57e1f6e2e4f"
x-amz-version-id: 69slxkcaTFSEDnrZd4OBHj.8id0VDw2k
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:20 GMT
via: 1.1 varnish
age: 23
x-served-by: cache-bma1628-BMA
x-cache: HIT
x-cache-hits: 19
x-timer: S1675888460.193109,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 2
content-length: 194722
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675888516136&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fww1.pawastreams.top%2F
54.230.111.7204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675888516136&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fww1.pawastreams.top%2F
IP 54.230.111.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675888516136&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fww1.pawastreams.top%2F HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 20:34:20 GMT
set-cookie: UID=1A14b82b0571f8d4d5a0c551675888460; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4Bk2bWLNHf-DgphaWCxLBMMzD1Z0_BJX_LK5jQYXcPvRlN3Mk1lgMA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 8e109baddb22b573a373457259aac9ac
f5f95ff6171d3cb8b274fa8c1eb361a98faaf423
f6d6b1beb6eb4837871a5b74c2f74ef9d1fc27b9f86b4eeba62c43cebf8914a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6038
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:20 GMT
Last-Modified: Wed, 08 Feb 2023 18:53:42 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 314
ust.chatango.com/groupinfo/p/a/pawastreamslive/gprofile.xml
208.93.230.24200 OK 122 B URL HTTP/1.1 ust.chatango.com/groupinfo/p/a/pawastreamslive/gprofile.xml
IP 208.93.230.24:0
File type XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with no line terminators
Hash 45a6d540254ff5fa3093661e951fa4df
f77dd8fda7d30ae5aa0414076cff4033055abaad
43ab8e28aedfc8d283b95ea564f6cc81cdcb62483d0e6d6ceb8979da1ec3c2bb
GET /groupinfo/p/a/pawastreamslive/gprofile.xml HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://st.chatango.com
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 20:34:20 GMT
Content-Type: text/xml
Content-Length: 122
Last-Modified: Mon, 26 Oct 2020 19:58:48 GMT
Connection: keep-alive
ETag: "5f972a78-7a"
Expires: Wed, 08 Feb 2023 20:34:20 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
pixel.wp.com/g.gif?v=ext&blog=188027037&post=48841&tz=0&srv=ww1.pawastreams.top&j=1%3A11.7.1&host=ww1.pawastreams.top&ref=&fcp=1929&rand=0.8850559519213138
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=188027037&post=48841&tz=0&srv=ww1.pawastreams.top&j=1%3A11.7.1&host=ww1.pawastreams.top&ref=&fcp=1929&rand=0.8850559519213138
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=188027037&post=48841&tz=0&srv=ww1.pawastreams.top&j=1%3A11.7.1&host=ww1.pawastreams.top&ref=&fcp=1929&rand=0.8850559519213138 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.5882544255242533
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.5882544255242533
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.5882544255242533 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
104.21.95.63200 OK 7.1 kB URL HTTP/2 adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
IP 104.21.95.63:0
File type PNG image data, 159 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 9144b08276094534499e409d4be115ed
a2d3460da5082c8a65f7b26d0e07d710fd8d5997
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
GET /wp-content/uploads/2020/06/adipolo_logo.png HTTP/1.1
Host: adipolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: image/png
content-length: 7068
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
etag: "5ed61610-1b9c"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 11509587
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBhcTRSsYwhWzpJSQi8gcoPx0JeiOnGig6UiZpcaa9VZAUPxroDBzV9re4%2B42PwMI2J3Zwou6k6KpTUkYzokxChYSUFrZm1m%2Bmbe%2FXx0Pyz87qc4CcbzCTNEvEsSXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796725441d4bb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jscdn.greeter.me/A-letterbigger_Savir.png
205.185.216.42200 OK 945 B URL HTTP/2 jscdn.greeter.me/A-letterbigger_Savir.png
IP 205.185.216.42:0
File type PNG image data, 19 x 22, 8-bit colormap, non-interlaced\012- data
Hash f07519ec5fbc46385f386b577e6e2a1d
ebca5469f271fc6c0b7f7ebf4b5de8947a7863ab
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
GET /A-letterbigger_Savir.png HTTP/1.1
Host: jscdn.greeter.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
cache-control: max-age=359
content-length: 945
content-type: image/png
last-modified: Sun, 10 Jul 2022 13:45:06 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "f07519ec5fbc46385f386b577e6e2a1d"
x-amz-request-id: tx00000000000001fbc32a9-0063e3faa4-8600b7fe-fra1b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675888461.dop221.sk1.t,1675888461.cds018.sk1.hn,1675888461.cds014.sk1.c
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 70 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
File type C source, ASCII text, with very long lines (36073)
Hash 337a0a47116c08836af84c4bc683547d
609cce76302b5f51b380885c0c291c271b051006
5baa8c71106aded215d394dd2c4b9f71cb34cce9eedf115659b0aa935aea2b9a
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:20 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 749828
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63762abe47268709c0482e7d&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=634e511c15009653b86c1490
95.101.10.130200 OK 608 B URL HTTP/2 feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63762abe47268709c0482e7d&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=634e511c15009653b86c1490
IP 95.101.10.130:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (4020), with no line terminators
Hash ac1da31a139bcac70f1d4f7198507552
ada2ac13ab1559423ee6846f3f3237fa42d6516d
7d0d39164486c04582a72f73b90e854390d69a38d425c1b87e4b4f1ba21b152d
GET /backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63762abe47268709c0482e7d&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=634e511c15009653b86c1490 HTTP/1.1
Host: feed.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
content-type: application/json; charset=utf-8
x-powered-by: PHP/8.1.13
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-envoy-upstream-service-time: 18
vary: Accept-Encoding
content-encoding: gzip
cache-control: private, max-age=3600
expires: Wed, 08 Feb 2023 21:34:21 GMT
date: Wed, 08 Feb 2023 20:34:21 GMT
content-length: 608
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9832fe4128627097ffa18c6a816202b4
38d0b9fdc59f32884f91a04d8a0cb83e4041631d
ddd4fa58a1f04e0571b9724ff0b4efb187e36c3d6609510c192986dd75285073
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2743
Cache-Control: max-age=91117
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:21 GMT
Etag: "63e2bd83-117"
Expires: Thu, 09 Feb 2023 21:52:58 GMT
Last-Modified: Tue, 07 Feb 2023 21:07:15 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2d101eb2b2eda0bdc39ebd44248fbf74
342d224afcef5ab28b1e007bc09634f8add4e469
3089dee6d63983e4a72fd9bc1a503aeb4d07d34cdab50a79ef2e76c6c91e12be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3955
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:21 GMT
Last-Modified: Wed, 08 Feb 2023 19:28:26 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2d101eb2b2eda0bdc39ebd44248fbf74
342d224afcef5ab28b1e007bc09634f8add4e469
3089dee6d63983e4a72fd9bc1a503aeb4d07d34cdab50a79ef2e76c6c91e12be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2179
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:21 GMT
Last-Modified: Wed, 08 Feb 2023 19:58:02 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b99de359cc41eeb01bfc548f92f1f325
06adeadaf4ece1878f5ec34111b0b64d6c3adc6b
09f82ccdecac8bcd1b4e62225f42dcca4548549ed34fba73aad5555e5c646f69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09F82CCDECAC8BCD1B4E62225F42DCCA4548549ED34FBA73AAD5555E5C646F69"
Last-Modified: Wed, 08 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11302
Expires: Wed, 08 Feb 2023 23:42:43 GMT
Date: Wed, 08 Feb 2023 20:34:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b99de359cc41eeb01bfc548f92f1f325
06adeadaf4ece1878f5ec34111b0b64d6c3adc6b
09f82ccdecac8bcd1b4e62225f42dcca4548549ed34fba73aad5555e5c646f69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09F82CCDECAC8BCD1B4E62225F42DCCA4548549ED34FBA73AAD5555E5C646F69"
Last-Modified: Wed, 08 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11302
Expires: Wed, 08 Feb 2023 23:42:43 GMT
Date: Wed, 08 Feb 2023 20:34:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9832fe4128627097ffa18c6a816202b4
38d0b9fdc59f32884f91a04d8a0cb83e4041631d
ddd4fa58a1f04e0571b9724ff0b4efb187e36c3d6609510c192986dd75285073
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2743
Cache-Control: max-age=91117
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:21 GMT
Etag: "63e2bd83-117"
Expires: Thu, 09 Feb 2023 21:52:58 GMT
Last-Modified: Tue, 07 Feb 2023 21:07:15 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0fc3e2be9a02b14fdb24e92d26da8838
d55b2ea7ea9d97de65bd0833926173f205591b6e
55958bd04c967f293dd41c5f4cd5fc52eaaad9738af71c0910fad08b11996c24
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4439
Cache-Control: max-age=152165
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:21 GMT
Etag: "63e3a55b-139"
Expires: Fri, 10 Feb 2023 14:50:26 GMT
Last-Modified: Wed, 08 Feb 2023 13:36:27 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=vFWbZF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBvd09zQlZhWVZZakpWRDV4ZEtYQXQ0VXZKNkZxZmRDNzU1TFNYSnZ3dlQ; expires=Mon, 04 Mar 2024 20:34:21 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 190706
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9c0e95ec1969d04cbbe1a963f9556eac
6d9f7db5133272b8f78348469f8a007a74c64933
8eaba7c4d361e9320711b8d55b568074f3246cea376dd382c4ff8940ed57c438
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4483
Cache-Control: max-age=119136
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:21 GMT
Etag: "63e3242a-139"
Expires: Fri, 10 Feb 2023 05:39:57 GMT
Last-Modified: Wed, 08 Feb 2023 04:25:14 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
69.16.175.42200 OK 17 kB URL HTTP/2 content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.18.100", baseline, precision 8, 640x360, components 3\012- data
Hash 0ee97d2dcd219d582aee0cecbb70cafd
16ba027494a626e2cec019fed6af4e257c041fcf
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
GET /60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg HTTP/1.1
Host: content1.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-length: 16959
content-type: image/jpeg
last-modified: Thu, 08 Sep 2022 15:38:37 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdsyDXrw3KAhEgbbjsfabJGA_5etl2VH6goN-xFfc8RLOq-jk5RxSMwv02NweK-9HAo4GmB6d9xf-IEVglsQYUpKUw
etag: "0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation: 1662651517684609
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16959
x-goog-hash: crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type, range
server: UploadServer
x-hw: 1675888461.dop203.sk1.t,1675888461.cds211.sk1.hn,1675888461.cds262.sk1.c
cache-control: public, max-age=2592000
X-Firefox-Spdy: h2
services.vlitag.com/cli/5e55d141408181154f504552cd25c8e3.json?hn=https://ww1.pawastreams.top
104.22.59.199200 OK 42 B URL HTTP/2 services.vlitag.com/cli/5e55d141408181154f504552cd25c8e3.json?hn=https://ww1.pawastreams.top
IP 104.22.59.199:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ad8d1d0b492f4b9db2158519b717a138
4ebd76a56b2e2e635f0c2ba41a187b920b7b99bb
b050376bba9edbd843774ba864c9201194c9fe40d71c0084197afa91488766a6
GET /cli/5e55d141408181154f504552cd25c8e3.json?hn=https://ww1.pawastreams.top HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: application/json; charset=utf-8
content-length: 42
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ww1.pawastreams.top
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: BYPASS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79672544bbd6b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pawastreams.top/wp-content/uploads/2021/04/discord-300x102.png
172.67.150.183301 Moved Permanently 0 B URL HTTP/1.1 pawastreams.top/wp-content/uploads/2021/04/discord-300x102.png
IP 172.67.150.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2021/04/discord-300x102.png HTTP/1.1
Host: pawastreams.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 20:34:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 Feb 2023 21:34:21 GMT
Location: https://ww1.pawastreams.top/wp-content/uploads/2021/04/discord-300x102.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IncG2nFA4ft5eMjn2UoqvCTHHOR5%2FYwfjiEXsgSsjihk8ZdBWN0ur5CA3sSXCF2WpZTxOsVaUhsT8jTI2zGUVEYtioz%2BpeKLloci81pL1nItJG1pJUWNAKwIbxRjdfRvCSM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79672545cbe4b515-OSL
alt-svc: h2=":443"; ma=60
services.vlitag.com/vld/1675666446/vl.json?page_url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F
104.22.59.199200 OK 13 B URL HTTP/2 services.vlitag.com/vld/1675666446/vl.json?page_url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F
IP 104.22.59.199:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c7babbbdeca820a7e691913c68428f1c
873007e1c38b8fbea1d265afa40bb15ad6cc4fb5
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
GET /vld/1675666446/vl.json?page_url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: application/json; charset=utf-8
content-length: 13
cache-control: public, immutable, max-age=31536000
access-control-allow-origin: https://ww1.pawastreams.top
x-robots-tag: noindex, nofollow, noarchive, nosnippet
last-modified: Wed, 08 Feb 2023 14:59:27 GMT
cf-cache-status: HIT
age: 2592
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79672545fde4b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=634e511c15009653b86c1490
69.16.175.10200 OK 122 kB URL HTTP/2 player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=634e511c15009653b86c1490
IP 69.16.175.10:0
File type Unicode text, UTF-8 text, with very long lines (44568), with LF, NEL line terminators
Size 122 kB (121530 bytes)
Hash 8a7f228ce31ac212db9f0bddd19e44b9
830dc8aacbab3aa065120c512d6cef200eedef5b
ff90f03c8a52503206a04afaf0ede1642eb4ae6795bde58306c5a5c4a751d226
GET /script/6.1/AVmanager.js?v=1.0&type=s&pid=634e511c15009653b86c1490 HTTP/1.1
Host: player.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
etag: "1675773500"
cache-control: max-age=600
content-encoding: gzip
content-length: 121530
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 12:38:20 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-hw: 1675888461.dop023.sk1.t,1675888461.cds071.sk1.hn,1675888461.cds240.sk1.c
X-Firefox-Spdy: h2
pawastreams.live/wp-content/uploads/2021/04/discord-300x102.png
172.67.132.148301 Moved Permanently 642 B URL HTTP/2 pawastreams.live/wp-content/uploads/2021/04/discord-300x102.png
IP 172.67.132.148:0
Hash a52fc079f3fbd53ed270e141097c464b
ad1a709ec76f61a8ce191e9137d46e6ed29d6b4c
386614ff9559ba2207bdbc29990e443292eed77d6a772debc6af034f3fbc3389
GET /wp-content/uploads/2021/04/discord-300x102.png HTTP/1.1
Host: pawastreams.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: text/html
location: http://pawastreams.top/wp-content/uploads/2021/04/discord-300x102.png
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1019
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkZ9dcvnD7E9Eb%2BS%2FdRmg7b5Hl7twN9jxKnNCMkgG969RgZNjEThJahnetK%2BBXYl%2FvfkVqx%2FPWoSWg2%2Fue8QU9XFwbLsmJMtIVRlDI2ZFYxpy0ndJdi%2Fqq%2FKwfjE4ewrDklo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79672544bdd60afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
servt.modoro360.com/track?pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&cb=1675888517255&r=ww1.pawastreams.top&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&d35=&d65=Test1&d66=7&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
184.73.238.126200 OK 0 B URL HTTP/2 servt.modoro360.com/track?pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&cb=1675888517255&r=ww1.pawastreams.top&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&d35=&d65=Test1&d66=7&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
IP 184.73.238.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&cb=1675888517255&r=ww1.pawastreams.top&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&d35=&d65=Test1&d66=7&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable HTTP/1.1
Host: servt.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://st.chatango.com/
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 559020
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash cfb5cea106e1d8b8793a7281cd6a959a
f9a1abecfc41d8d363aa32ee386f4d6dbe2b4c14
489e8b59e4fd0f56a1282369107e71f9d9e0f14dbe8b6ef345ae9fe1369c488c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:34:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 11:03:48 GMT
Expires: Wed, 15 Feb 2023 11:03:47 GMT
Etag: "f9a1abecfc41d8d363aa32ee386f4d6dbe2b4c14"
Cache-Control: max-age=569965,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7967254649afb506-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 73 kB URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 975c3c30908de41b5b029348b0935a7e
67e3f96a0a996308dbff57db7364520ce6a2a44e
8dc2e2b5c56a05889b5bce325bc26092adfa06788cb7475b349bd513c9c1992e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:34:22 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 05:46:32 GMT
Expires: Wed, 15 Feb 2023 05:46:31 GMT
Etag: "1cfbd7a2b6c0d46f92cfdbe81112f39ee1765cd7"
Cache-Control: max-age=550928,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79672547abafb506-OSL
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
141.95.4.204200 OK 15 kB URL HTTP/1.1 storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
IP 141.95.4.204:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 7bf4f6782dee3b520a65ff84286e3691
f3d9a3c61e38006d07e182939838e4673e32805e
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
GET /v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico HTTP/1.1
Host: storage.de.cloud.ovh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 15086
Accept-Ranges: bytes
Last-Modified: Sun, 31 Jan 2021 12:57:34 GMT
Etag: 7bf4f6782dee3b520a65ff84286e3691
X-Timestamp: 1612097853.12655
Content-Type: image/x-icon
X-Trans-Id: tx72d1732e5cd044fe9adb8-0063e4074e
X-Openstack-Request-Id: tx72d1732e5cd044fe9adb8-0063e4074e
Date: Wed, 08 Feb 2023 20:34:22 GMT
ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=740842&site_id=17314&full_page_url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&adid=w4r48j.64&features=81952&vpbv=N121&tte=366&lifecycle_tte=5860
62.149.23.112200 OK 43 B URL HTTP/1.1 ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=740842&site_id=17314&full_page_url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&adid=w4r48j.64&features=81952&vpbv=N121&tte=366&lifecycle_tte=5860
IP 62.149.23.112:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /adunit/tracking?event=11&type=0&client_id=740842&site_id=17314&full_page_url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&adid=w4r48j.64&features=81952&vpbv=N121&tte=366&lifecycle_tte=5860 HTTP/1.1
Host: ghb.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 08 Feb 2023 20:34:21 GMT
Content-Type: image/gif
Content-Length: 43
Access-Control-Allow-Origin: https://ww1.pawastreams.top
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Set-Cookie: vmuid=754da83b91786b79; expires=Fri, 12 May 2023 20:34:22 GMT; domain=.aplhb.adipolo.com; path=/; secure; SameSite
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ba8280a44e5cca2706d6fb4cc1b63e00
b02884c54a886e1c67fb686496d7f585ac4da1c1
a527caf4c3b2ce7295e54fe42e81a7c8e5c80d26506fce05bf1220d95cee22cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5702
Cache-Control: max-age=97650
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:22 GMT
Etag: "63e2cb7a-139"
Expires: Thu, 09 Feb 2023 23:41:52 GMT
Last-Modified: Tue, 07 Feb 2023 22:06:50 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
servt.modoro360.com/track?r=ww1.pawastreams.top&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.81&apppkg=&fv=1&proto=https&d65=Test1&clsid=d9f3cdaf-43b2-4f53-9eaf-4b7478fe986e&rando=66&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=100&cb=1675888517919
184.73.238.126200 OK 172 kB URL HTTP/2 servt.modoro360.com/track?r=ww1.pawastreams.top&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.81&apppkg=&fv=1&proto=https&d65=Test1&clsid=d9f3cdaf-43b2-4f53-9eaf-4b7478fe986e&rando=66&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=100&cb=1675888517919
IP 184.73.238.126:0
Size 172 kB (172278 bytes)
Hash 78982ab9042de46bf4944a508dad010e
7d3af5e8e44d554250d42e9a25c3b50408a307f5
48b44887b16f32c5c00c548e1aec63492b5e1083fc5421946edcfc88aec57b4f
GET /track?r=ww1.pawastreams.top&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.81&apppkg=&fv=1&proto=https&d65=Test1&clsid=d9f3cdaf-43b2-4f53-9eaf-4b7478fe986e&rando=66&pid=634e511c15009653b86c1490&cid=63bece46bddf7a08590a2977&stagid=63762abe47268709c0482e7d&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=100&cb=1675888517919 HTTP/1.1
Host: servt.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:22 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:22 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22ww1.pawastreams.top%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1675888518239%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-khtrw6c3v4juktrc92ue%22%7D
3.66.99.101200 OK 2 B URL HTTP/2 audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22ww1.pawastreams.top%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1675888518239%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-khtrw6c3v4juktrc92ue%22%7D
IP 3.66.99.101:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22domain%22%3A%22ww1.pawastreams.top%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1675888518239%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-khtrw6c3v4juktrc92ue%22%7D HTTP/1.1
Host: audit-tcfv2.quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:22 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash ab5f6e8d1300c6acc810b7319e75b127
1cfbd7a2b6c0d46f92cfdbe81112f39ee1765cd7
fe68182897bc0347da87e548aafed6e917fd1eb852f9e5925fd7a7df08cea96e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:34:22 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 05:46:32 GMT
Expires: Wed, 15 Feb 2023 05:46:31 GMT
Etag: "1cfbd7a2b6c0d46f92cfdbe81112f39ee1765cd7"
Cache-Control: max-age=550928,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79672547b8ecb4ed-OSL
services.vlitag.com/obj/1675666446/5e55d141408181154f504552cd25c8e3.json?cc=NO&hn=https://ww1.pawastreams.top
104.22.59.199200 OK 4.7 kB URL HTTP/2 services.vlitag.com/obj/1675666446/5e55d141408181154f504552cd25c8e3.json?cc=NO&hn=https://ww1.pawastreams.top
IP 104.22.59.199:0
File type JSON data\012- , ASCII text, with very long lines (32788), with no line terminators
Hash 8557382fda2f2eb1110adaa67d382595
d6f3e456171c03939fba848460c5975810f78063
ccb06c7896e17a24158147416465659344cbb4e1eda5af11e5899251c2715b33
GET /obj/1675666446/5e55d141408181154f504552cd25c8e3.json?cc=NO&hn=https://ww1.pawastreams.top HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
access-control-allow-origin: https://ww1.pawastreams.top
x-robots-tag: noindex, nofollow, noarchive, nosnippet
last-modified: Mon, 06 Feb 2023 14:52:51 GMT
cf-cache-status: HIT
age: 193290
server: cloudflare
cf-ray: 79672545fde6b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
104.110.14.155301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
IP 104.110.14.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
date: Wed, 08 Feb 2023 20:34:22 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=101427
expires: Fri, 10 Feb 2023 00:44:49 GMT
date: Wed, 08 Feb 2023 20:34:22 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 297bc65c49d69adf06bb81e5f61af373
92c640748ad77b6e75bd3ddf09fae0df8d9bc248
cf3fcdfb7668814a58e51e4fa2c7cddf187ba3750d58596cdb56013c14ce6f2b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:34:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 01:55:53 GMT
Expires: Wed, 15 Feb 2023 01:55:52 GMT
Etag: "92c640748ad77b6e75bd3ddf09fae0df8d9bc248"
Cache-Control: max-age=537089,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7967254cdcd3b506-OSL
ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
95.101.10.8302 Moved Temporarily 0 B URL HTTP/1.1 ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
IP 95.101.10.8:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Content-Length: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-sticky-vk: 1675888462883045-358
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=ea3137014ac19b74e12586c8ce79881&_fw_gdpr=1&_fw_gdpr_consent=
Expires: Wed, 08 Feb 2023 20:34:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 08 Feb 2023 20:34:22 GMT
Connection: keep-alive
Set-Cookie: UID=ea3137014ac19b74e12586c8ce79881; Domain=ads.stickyadstv.com; Expires=Fri, 10-Mar-2023 20:34:22 GMT; Path=/
ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
95.101.10.8200 OK 43 B URL HTTP/1.1 ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
IP 95.101.10.8:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent= HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-sticky-vk: 1675888462907010-518
Content-Length: 43
Expires: Wed, 08 Feb 2023 20:34:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 08 Feb 2023 20:34:22 GMT
Connection: keep-alive
Set-Cookie: UID=7fbbb629d8c2157c6447ddc40cdf76; Domain=ads.stickyadstv.com; Expires=Fri, 10-Mar-2023 20:34:22 GMT; Path=/
pxId=1953; Domain=ads.stickyadstv.com; Path=/
eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=aniview&endpoint=us-east HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Feb 2023 20:34:22 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 44bf378d3750537baa26c6ee0d8a9bed
693e6f2b0c03f45e7fafa193a1827582c6161fc5
2e2eff7bd87e95bd7f7a330e30ff78a0cca8cdb07cc1915644e2f302598321fa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103377
Date: Wed, 08 Feb 2023 20:34:22 GMT
Etag: "63e2eeb8-1d7"
Expires: Fri, 10 Feb 2023 01:17:19 GMT
Last-Modified: Wed, 08 Feb 2023 00:37:12 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MTHRsRqSc4GYEFJguVZDGzBdlIPBs5A9VKfW2sE9fhty2XIGDszjug==
Age: 2407
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 47d5d2c13e0d930328ae3ff166919175
06ac77ab3f2c9f6c82b4a4f45cf380a15066e022
2fc5f5eecbcad1e173a5bb29ea26ae20b59c55ac0c865bea206d7ac36bf078bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1688
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:23 GMT
Last-Modified: Wed, 08 Feb 2023 20:06:15 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
imasdk.googleapis.com/js/sdkloader/ima3.js
216.58.207.234200 OK 126 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (2846)
Size 126 kB (125826 bytes)
Hash 98b1fe69946e421b8ece280ad4995eed
e6e0b95673083dd5319db64472e9505964998bc0
3ce90bb62a4f3d7a503d1a819ce1b7016837a27c17065adb97c94680a7cd870a
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 125826
date: Wed, 08 Feb 2023 20:34:22 GMT
expires: Wed, 08 Feb 2023 20:34:22 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%7BPUB_USER_ID%7D
3.126.197.6302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%7BPUB_USER_ID%7D
IP 3.126.197.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 20:34:23 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=04eec687-993d-4e80-9779-fa3bd359b86a; Expires=Tue, 09 May 2023 20:34:23 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1675888463; Expires=Tue, 09 May 2023 20:34:23 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18415)
Hash 43cebd7316cc6a13e665faaa57f4c4bf
9d7dfe5e0643609faa681b2fbb4bc5f6854f4168
74fb782b3d6944c34f649dd44d5ffcaa848903cca5c92923bdbff7ea83e65e0e
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 08 Feb 2023 02:44:35 GMT
Content-Encoding: gzip
Content-Length: 10007
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=22249
Expires: Thu, 09 Feb 2023 02:45:12 GMT
Date: Wed, 08 Feb 2023 20:34:23 GMT
Connection: keep-alive
Vary: Accept-Encoding
ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58543/occ?gdpr=1&gdpr_consent= HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 20:34:23 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
age: 0
server: ATS/9.1.10.25
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%7BPUB_USER_ID%7D
3.126.197.6200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%7BPUB_USER_ID%7D
IP 3.126.197.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:23 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39302)
Hash efafbe512de3357b84904c9957502a16
55190acc03e7a2d01485f388301c714364c5bd0a
68a755d51b9e068e8da8fc88863417c9f303e97660dfeb5c0cb90568d77b05fb
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27248
date: Wed, 08 Feb 2023 20:34:23 GMT
expires: Wed, 08 Feb 2023 20:34:23 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1477 / 985 of 1000 / last-modified: 1675857979"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagservices.com/tag/js/gpt.js
142.250.74.130200 OK 27 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39302)
Hash 2a3309905569286c72b8b13ee6add72d
a2850734fc8b2932752db1144a1bbce00dca54e4
54094719fd235c71f455a2f6ef79c4da736f537ce2f4666388670bfa717cb52f
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27243
date: Wed, 08 Feb 2023 20:34:23 GMT
expires: Wed, 08 Feb 2023 20:34:23 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1477 / 36 of 1000 / last-modified: 1675857979"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff4eccae864be7aa8104ffcb8b26db47
1a8ec2a24c9e4b48876ab7698026647e1bbf3800
66bf8dff78373b87f00365097fcb6912ebb775a8593dc86679ae0302bccddc66
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:23 GMT
Last-Modified: Wed, 08 Feb 2023 19:30:34 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
sync.technoratimedia.com/services?srv=cs&pid=70&uid=1675888462498-980157918857-001198-001-001449&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%5BUSER_ID%5D
193.122.128.135204 No Content 0 B URL HTTP/2 sync.technoratimedia.com/services?srv=cs&pid=70&uid=1675888462498-980157918857-001198-001-001449&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%5BUSER_ID%5D
IP 193.122.128.135:0
ASN #31898 ORACLE-BMC-31898
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /services?srv=cs&pid=70&uid=1675888462498-980157918857-001198-001-001449&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%5BUSER_ID%5D HTTP/1.1
Host: sync.technoratimedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 08 Feb 2023 20:34:23 GMT
set-cookie: tads_uid=GDPR; Max-Age=157680000; Expires=Mon, 07 Feb 2028 20:34:23 GMT; Path=/; Domain=.technoratimedia.com; Secure; SameSite=None
access-control-allow-origin: https://ww1.pawastreams.top/
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 71112050
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F
2.18.172.195200 OK 108 B URL HTTP/2 api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F
IP 2.18.172.195:0
File type ASCII text, with no line terminators
Hash 1fcc6bfe72df08d2323bad76647e4134
ee8d477cee7d8c735171bb9ed406a220c27c2894
20e4695bf1623de6f3184c60ef5d192a791c9a03c3cdc62bf61a38d7ea04432a
GET /v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F HTTP/1.1
Host: api.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
content-length: 108
expires: Wed, 08 Feb 2023 20:49:23 GMT
x-envoy-upstream-service-time: 1
cache-control: no-cache, no-store, must-revalidate
x-pinterest-rid: 1123543983607601
date: Wed, 08 Feb 2023 20:34:23 GMT
set-cookie: _ir=0; Max-Age=1800; HttpOnly; Path=/; Secure
akamai-grn: 0.540a655f.1675888463.2457379
x-cdn: akamai
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/hls-proxy.js
151.101.65.229200 OK 6.9 kB URL HTTP/2 cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/hls-proxy.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (18531), with no line terminators
Hash 4b6f08e5ec004ec4561b09e3e9a1f830
227a9a98e5729242b358ae727933eb7765353b5c
817c0152326c21a8ecb1980617aeca2cdb652b0311beb9694bbb97c166f699c5
GET /npm/swarmcloud-hls@latest/dist/hls-proxy.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.6.3
x-jsd-version-type: version
etag: W/"4863-cTbCe1452Y/zbylHXinW8g7XVVE"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 20:34:23 GMT
age: 35385
x-served-by: cache-fra-eddf8230027-FRA, cache-bma1645-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6851
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
142.250.74.162200 OK 13 kB URL HTTP/2 pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (1493)
Hash 0dece4b354fc41d0430994be26247a47
1063c9471665bb53cc9a4e89c4cf0f1e9f695f8d
71a1c1d814cc6c713b3513212be779f944e9b4002e1fb89ac36e438a1a04e4a0
GET /omsdk/releases/live/omweb-v1.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-length: 13109
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 20:12:11 GMT
expires: Wed, 08 Feb 2023 21:12:11 GMT
cache-control: public, max-age=3600
age: 1332
last-modified: Mon, 31 Oct 2022 17:24:37 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5eecee8746b80be9e0c125cd1a6fbe62
6bb07051e8d9ef26d47f7df9846f589178d77cbb
adc26481b4eb6697f772d1d79de38769c179963e7e9df9b093d368f031472345
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:34:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 13:56:50 GMT
Expires: Tue, 14 Feb 2023 13:56:49 GMT
Etag: "6bb07051e8d9ef26d47f7df9846f589178d77cbb"
Cache-Control: max-age=493945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7967254e6eec0b65-OSL
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash c471b21d134490ae24442cdb78208a9d
bfa9c84e2ee28ac6fdc9d505fd00439d8792043b
d1b607c65d35a568c2b04ae86635d85bb84912cfe78f6e2915e325d659259b08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675888462498-980157918857-001198-001-001449%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
3.122.123.120200 OK 43 B URL HTTP/2 x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675888462498-980157918857-001198-001-001449%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
IP 3.122.123.120:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675888462498-980157918857-001198-001-001449%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:23 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
s0.2mdn.net/instream/video/client.js
172.217.21.166200 OK 17 kB URL HTTP/2 s0.2mdn.net/instream/video/client.js
IP 172.217.21.166:0
File type ASCII text, with very long lines (2156)
Hash 49295de6ccd23cf80b6418a2d209868f
42a955b4560bb22cb9b5b39577f7a691ea345018
d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Wed, 08 Feb 2023 20:34:23 GMT
expires: Wed, 08 Feb 2023 20:34:23 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash b53e0da8f590637e2223b3c6abb8f67a
d33bba465c0bc9383d9f7fd2041dcff152c78c62
a1ca30f645dca90d2054bade39fccf68089762f4ce6e518f090423f52929e531
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 20:34:23 GMT
Last-Modified: Wed, 08 Feb 2023 19:34:01 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EVaRF0_hmGKOwbW3_Xxdsl-vifrE93lpC4oTl7XUZPvwxbh-GQ6MIw==
Age: 3622
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.aniview.com/cookiesyncendpoint?biddername=9&key=ea3137014ac19b74e12586c8ce79881&_fw_gdpr=1&_fw_gdpr_consent=
3.209.120.228200 OK 0 B URL HTTP/2 sync.aniview.com/cookiesyncendpoint?biddername=9&key=ea3137014ac19b74e12586c8ce79881&_fw_gdpr=1&_fw_gdpr_consent=
IP 3.209.120.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesyncendpoint?biddername=9&key=ea3137014ac19b74e12586c8ce79881&_fw_gdpr=1&_fw_gdpr_consent= HTTP/1.1
Host: sync.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:23 GMT
content-length: 0
set-cookie: 1_C_9=ea3137014ac19b74e12586c8ce79881; Path=/; Domain=aniview.com; Expires=Sat, 18 Feb 2023 20:34:23 GMT; Secure; SameSite=None
1_C_9=ea3137014ac19b74e12586c8ce79881; Path=/; Expires=Sat, 18 Feb 2023 20:34:23 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5eecee8746b80be9e0c125cd1a6fbe62
6bb07051e8d9ef26d47f7df9846f589178d77cbb
adc26481b4eb6697f772d1d79de38769c179963e7e9df9b093d368f031472345
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:34:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 13:56:50 GMT
Expires: Tue, 14 Feb 2023 13:56:49 GMT
Etag: "6bb07051e8d9ef26d47f7df9846f589178d77cbb"
Cache-Control: max-age=493945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7967254e6f75b506-OSL
servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675888462498-980157918857-001198-001-001449&key=OPTOUT
52.3.190.65200 OK 0 B URL HTTP/2 servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675888462498-980157918857-001198-001-001449&key=OPTOUT
IP 52.3.190.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675888462498-980157918857-001198-001-001449&key=OPTOUT HTTP/1.1
Host: servs.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
Cookie: aniC=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:23 GMT
content-length: 0
set-cookie: 1_C_200=OPTOUT; Path=/; Domain=modoro360.com; Expires=Sat, 18 Feb 2023 20:34:23 GMT; Secure; SameSite=None
1_C_200=OPTOUT; Path=/; Expires=Sat, 18 Feb 2023 20:34:23 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675888462498-980157918857-001198-001-001449&key=V9uTizpkFfzq&ev=1&us_privacy=1---&pid=562704
52.3.190.65200 OK 0 B URL HTTP/2 servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675888462498-980157918857-001198-001-001449&key=V9uTizpkFfzq&ev=1&us_privacy=1---&pid=562704
IP 52.3.190.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675888462498-980157918857-001198-001-001449&key=V9uTizpkFfzq&ev=1&us_privacy=1---&pid=562704 HTTP/1.1
Host: servs.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
Cookie: aniC=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:23 GMT
content-length: 0
set-cookie: 1_C_10=V9uTizpkFfzq; Path=/; Domain=modoro360.com; Expires=Sat, 18 Feb 2023 20:34:23 GMT; Secure; SameSite=None
1_C_10=V9uTizpkFfzq; Path=/; Expires=Sat, 18 Feb 2023 20:34:23 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
x.bidswitch.net/sync?ssp=&user_id=1675888462498-980157918857-001198-001-001449&gdpr=1&gdpr_consent=&us_privacy=1---
3.122.123.120200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?ssp=&user_id=1675888462498-980157918857-001198-001-001449&gdpr=1&gdpr_consent=&us_privacy=1---
IP 3.122.123.120:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?ssp=&user_id=1675888462498-980157918857-001198-001-001449&gdpr=1&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:23 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9ce0c9bc2a6db0953de294199054df32
349a4f1fa3240e2b9d0a2254453ecaa4d78113e5
992aaf5ee320fb9291ced258e2b6fa49170bf1b5d54ee6b74955cf32719ebd93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2047
Cache-Control: max-age=104797
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:24 GMT
Etag: "63e2f5af-1d7"
Expires: Fri, 10 Feb 2023 01:41:01 GMT
Last-Modified: Wed, 08 Feb 2023 01:06:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview
8.43.72.97204 No Content 0 B URL HTTP/1.1 pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview
IP 8.43.72.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=aniview HTTP/1.1
Host: pixel-us-east.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: a414d61fde5a538d1bc5c621aec59518
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 75e7d8c39400a3c96acd3dc656a640eb
f023a4f1504d8c4cdc50f558d0ec2262a14976a0
e16c0e69631ccde9432e854b9f29a950304da09037f8490c80000a0d90df149d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3433
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:24 GMT
Last-Modified: Wed, 08 Feb 2023 19:37:11 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 065bf0978e18b49800c4a27cd695dbed
256bd3b1f125de9ad90995ee8b7ad07535dd05a3
5e0af6ae53002dd7f08417d03cab3920b7c71325b8eafaf18c9757be1a38970f
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:34:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 12 Feb 2023 19:00:55 GMT
ETag: "256bd3b1f125de9ad90995ee8b7ad07535dd05a3"
Last-Modified: Wed, 08 Feb 2023 19:00:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 682
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79672559aa781bfe-OSL
token.rubiconproject.com/token?pid=10362
69.173.144.165204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=10362
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=10362 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
token.rubiconproject.com/token?pid=2249&pt=n
69.173.144.165302 Found 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2249&pt=n
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2249&pt=n HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
content-length: 0
token.rubiconproject.com/token?pid=25470
69.173.144.165204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=25470
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=25470 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
token.rubiconproject.com/token?pid=36584
69.173.144.165204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=36584
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=36584 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
match.adsrvr.org/track/cmf/rubicon
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/rubicon
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/rubicon HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:24 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/gampad/ads?iu=%2F21939239661%2C22707437124%2Fapl%2Faniplay%2Faniplay_170&description_url=ww1.pawastreams.top&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=286726501622174&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3120990929&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=683E0297-9CBB-4276-88DB-E1EA120BD325&nel=0&eid=44748969%2C44765701%2C44777649&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&dlt=1675888517581&idt=2758&dt=1675888520740&scor=1574575672569723&ged=ve4_td2_tt2_pd2_la2000_er628.9.787.309_vi0.0.939.1268_vp100_eb24171
142.250.74.162200 OK 98 B URL HTTP/2 pagead2.googlesyndication.com/gampad/ads?iu=%2F21939239661%2C22707437124%2Fapl%2Faniplay%2Faniplay_170&description_url=ww1.pawastreams.top&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=286726501622174&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3120990929&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=683E0297-9CBB-4276-88DB-E1EA120BD325&nel=0&eid=44748969%2C44765701%2C44777649&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&dlt=1675888517581&idt=2758&dt=1675888520740&scor=1574575672569723&ged=ve4_td2_tt2_pd2_la2000_er628.9.787.309_vi0.0.939.1268_vp100_eb24171
IP 142.250.74.162:0
Hash 60a684ea33f5a8ea992e3166f6015d77
07c31ee8b077593f0af0a85d422d8d21da4e7212
4888fd03619b61ad7ff3c1968be6789eda2fd0a949b407994a507d709907d4ac
GET /gampad/ads?iu=%2F21939239661%2C22707437124%2Fapl%2Faniplay%2Faniplay_170&description_url=ww1.pawastreams.top&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=286726501622174&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3120990929&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=683E0297-9CBB-4276-88DB-E1EA120BD325&nel=0&eid=44748969%2C44765701%2C44777649&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&dlt=1675888517581&idt=2758&dt=1675888520740&scor=1574575672569723&ged=ve4_td2_tt2_pd2_la2000_er628.9.787.309_vi0.0.939.1268_vp100_eb24171 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
google-lineitem-id: -2
google-creative-id: -2
date: Wed, 08 Feb 2023 20:34:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 98
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8ae540096912caee7a35af9218719a4b
8361b46cf179ea291f7eaed275ea152faf3d6cdc
9b7d5ae9c4e55049083f1d27ea424ce99d5488bbc4847eeb030f61b29907b588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B7D5AE9C4E55049083F1D27EA424CE99D5488BBC4847EEB030F61B29907B588"
Last-Modified: Wed, 08 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6542
Expires: Wed, 08 Feb 2023 22:23:26 GMT
Date: Wed, 08 Feb 2023 20:34:24 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash c7bb4d52425eba75fa40b8dde518b31d
f40354e8579f4af3fb68a899891bbe58b73b5507
f7dbf6f91631cfc757781f9846e61ccdae6ccc731d1f61c094ccaa236946e1e0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140864
Date: Wed, 08 Feb 2023 20:34:24 GMT
Etag: "63e37b51-1d7"
Expires: Fri, 10 Feb 2023 11:42:08 GMT
Last-Modified: Wed, 08 Feb 2023 10:37:05 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sE4D65OfyFZb-3WfQ3ua_7c6Z-yAVfLnm2hq8fEmgowwiXmi44fIIA==
Age: 3904
pixel.mathtag.com/sync/img?redir=https%3A%2F%2Ftoken.rubiconproject.com%2Ftoken%3Fpid%3D35912%26puid%3D%5BMM_UUID%5D
23.38.200.207302 Moved Temporarily 0 B URL HTTP/1.1 pixel.mathtag.com/sync/img?redir=https%3A%2F%2Ftoken.rubiconproject.com%2Ftoken%3Fpid%3D35912%26puid%3D%5BMM_UUID%5D
IP 23.38.200.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?redir=https%3A%2F%2Ftoken.rubiconproject.com%2Ftoken%3Fpid%3D35912%26puid%3D%5BMM_UUID%5D HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 441 9053ffc master iad-pixel-x16 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://token.rubiconproject.com/token?pid=35912&puid=b3b063e4-0751-4100-abd9-a1fe800721dd
Expires: Wed, 08 Feb 2023 20:34:23 GMT
Date: Wed, 08 Feb 2023 20:34:25 GMT
Connection: keep-alive
Set-Cookie: uuid=b3b063e4-0751-4100-abd9-a1fe800721dd; domain=.mathtag.com; path=/; expires=Thu, 07-Mar-2024 20:34:25 GMT; SameSite=None; Secure
i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
3.126.58.16302 0 B URL HTTP/1.1 i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
IP 3.126.58.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30 HTTP/1.1
Host: i.w55c.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Cache-Control: no-cache, must-revalidate
Date: Wed, 08 Feb 2023 20:34:24 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
Pragma: no-cache
Server: PingMatch/d601d38#rel-ec2-master i-05a89a035fd5ddeba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=45OWJ3sX1PpR975; Domain=.w55c.net; Expires=Sun, 10-Mar-2024 06:34:25 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 75e7d8c39400a3c96acd3dc656a640eb
f023a4f1504d8c4cdc50f558d0ec2262a14976a0
e16c0e69631ccde9432e854b9f29a950304da09037f8490c80000a0d90df149d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3434
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:34:25 GMT
Last-Modified: Wed, 08 Feb 2023 19:37:11 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
pagead2.googlesyndication.com/gampad/ads?iu=%2F21939239661%2C22707437124%2Fapl%2Faniplay%2Faniplay_130&description_url=ww1.pawastreams.top&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=444278301401699&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=2759832215&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=683E0297-9CBB-4276-88DB-E1EA120BD325&nel=0&eid=44748969%2C44765701%2C44777649&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&dlt=1675888517581&idt=2793&dt=1675888520987&scor=1649615424829713&ged=ve4_td2_tt2_pd2_la2000_er587.9.746.309_vi0.0.898.1268_vp100_ts0_eb24171
142.250.74.162200 OK 98 B URL HTTP/2 pagead2.googlesyndication.com/gampad/ads?iu=%2F21939239661%2C22707437124%2Fapl%2Faniplay%2Faniplay_130&description_url=ww1.pawastreams.top&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=444278301401699&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=2759832215&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=683E0297-9CBB-4276-88DB-E1EA120BD325&nel=0&eid=44748969%2C44765701%2C44777649&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&dlt=1675888517581&idt=2793&dt=1675888520987&scor=1649615424829713&ged=ve4_td2_tt2_pd2_la2000_er587.9.746.309_vi0.0.898.1268_vp100_ts0_eb24171
IP 142.250.74.162:0
Hash 60a684ea33f5a8ea992e3166f6015d77
07c31ee8b077593f0af0a85d422d8d21da4e7212
4888fd03619b61ad7ff3c1968be6789eda2fd0a949b407994a507d709907d4ac
GET /gampad/ads?iu=%2F21939239661%2C22707437124%2Fapl%2Faniplay%2Faniplay_130&description_url=ww1.pawastreams.top&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=444278301401699&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=2759832215&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=683E0297-9CBB-4276-88DB-E1EA120BD325&nel=0&eid=44748969%2C44765701%2C44777649&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&dlt=1675888517581&idt=2793&dt=1675888520987&scor=1649615424829713&ged=ve4_td2_tt2_pd2_la2000_er587.9.746.309_vi0.0.898.1268_vp100_ts0_eb24171 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
google-lineitem-id: -2
google-creative-id: -2
date: Wed, 08 Feb 2023 20:34:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 98
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/gampad/ads?iu=%2F7047%2C22707437124%2Fapl%2Faniplay%2Faniplay_150&description_url=ww1.pawastreams.top&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=906870325920989&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4197253663&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=683E0297-9CBB-4276-88DB-E1EA120BD325&nel=0&eid=44748969%2C44765701%2C44777649&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&dlt=1675888517581&idt=2734&dt=1675888521011&scor=1953338727257521&ged=ve4_td2_tt2_pd2_la2000_er587.9.746.309_vi0.0.898.1268_vp100_ts0_eb24171
142.250.74.162200 OK 98 B URL HTTP/2 pagead2.googlesyndication.com/gampad/ads?iu=%2F7047%2C22707437124%2Fapl%2Faniplay%2Faniplay_150&description_url=ww1.pawastreams.top&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=906870325920989&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4197253663&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=683E0297-9CBB-4276-88DB-E1EA120BD325&nel=0&eid=44748969%2C44765701%2C44777649&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&dlt=1675888517581&idt=2734&dt=1675888521011&scor=1953338727257521&ged=ve4_td2_tt2_pd2_la2000_er587.9.746.309_vi0.0.898.1268_vp100_ts0_eb24171
IP 142.250.74.162:0
Hash 60a684ea33f5a8ea992e3166f6015d77
07c31ee8b077593f0af0a85d422d8d21da4e7212
4888fd03619b61ad7ff3c1968be6789eda2fd0a949b407994a507d709907d4ac
GET /gampad/ads?iu=%2F7047%2C22707437124%2Fapl%2Faniplay%2Faniplay_150&description_url=ww1.pawastreams.top&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=906870325920989&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4197253663&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=683E0297-9CBB-4276-88DB-E1EA120BD325&nel=0&eid=44748969%2C44765701%2C44777649&url=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&dlt=1675888517581&idt=2734&dt=1675888521011&scor=1953338727257521&ged=ve4_td2_tt2_pd2_la2000_er587.9.746.309_vi0.0.898.1268_vp100_ts0_eb24171 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
google-lineitem-id: -2
google-creative-id: -2
date: Wed, 08 Feb 2023 20:34:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 98
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5129898de057eb92808f18d120eb7a70
eb0a900843beac5c4ee46686b89b3e8b8d77f80f
7ce3e4f7be652895e93cb8c1a9019b70d699c0a9da013d311395a6440b4e9f96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7847
x-amzn-requestid: 60759e32-ac58-4dda-8ea3-fd80413c0deb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkkEpMoAMFnGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c483-61b8715a0da73f4526215649;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TCX7ZFhV73kN0UBshXeb0qdSkY-8qdeNN6EgioqOUmSAnraEhAohMQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:11 GMT
age: 82334
etag: "eb0a900843beac5c4ee46686b89b3e8b8d77f80f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
54.230.111.93200 OK 0 B URL HTTP/2 quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
IP 54.230.111.93:0
GET /tcfv2/23/cmp2ui-en.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 604800
cache-control: max-age=172800
date: Wed, 08 Feb 2023 17:34:05 GMT
last-modified: Fri, 18 Dec 2020 15:09:43 GMT
etag: W/"b999c652510fc4edd897a1d667aaee33"
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DZqxW6_m3rPEPrHU2ussN6JVnnWB-r-D4HHE405anQI_2yJG0SKFlA==
age: 10818
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/hooks.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/hooks.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 20:34:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 20:34:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nflbite.to/images/nflbiteicon.png
104.21.24.190301 Moved Permanently 0 B URL HTTP/2 nflbite.to/images/nflbiteicon.png
IP 104.21.24.190:0
GET /images/nflbiteicon.png HTTP/1.1
Host: nflbite.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: text/html
location: https://www.nflbite.to/images/nflbiteicon.png
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=3600
cf-cache-status: HIT
age: 1105
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUlNs1udLyYnnIXxttUUzNgWH8Y3hFIQLFFmMwEIhTcfHKgu0Tx%2FS4b%2Fkoqw2xzff83uuqFPwVbTr7YkxANbm8shS2DYSE%2F8eRJajxvc6FWkuABTuFQYjTGaLK17"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79672544b91ab4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
54.230.111.93200 OK 0 B URL HTTP/2 quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
IP 54.230.111.93:0
GET /GVL-v2/vendor-list.json HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Wed, 08 Feb 2023 03:00:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Wed, 08 Feb 2023 03:00:34 GMT
etag: W/"dd5e6d444109736accfeca7278bfc7a1"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n-lcivPBfGvmrbJFsr_kSI_YU6M2BDcla9CkLK8e8_tmW8eFMnL-5A==
age: 63223
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%5BRX_UUID%5D
213.19.147.44302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%5BRX_UUID%5D
IP 213.19.147.44:0
GET /usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%5BRX_UUID%5D HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 20:34:22 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675888462498-980157918857-001198-001-001449&key=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.19200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.19:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 121337
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.177200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.177:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:20 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 112554
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
player.aplhb.adipolo.com/prebidlink/19396/hbw_master_740842_17314.js
45.133.44.3200 OK 0 B URL HTTP/2 player.aplhb.adipolo.com/prebidlink/19396/hbw_master_740842_17314.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /prebidlink/19396/hbw_master_740842_17314.js HTTP/1.1
Host: player.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 08 Feb 2023 15:54:10 GMT
etag: W/"63e3c5a2-15848"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 08 Feb 2023 21:34:21 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
player.aplhb.adipolo.com/prebidlink/465524/wrapper_hb_740842_17314.js
45.133.44.3200 OK 0 B URL HTTP/2 player.aplhb.adipolo.com/prebidlink/465524/wrapper_hb_740842_17314.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /prebidlink/465524/wrapper_hb_740842_17314.js HTTP/1.1
Host: player.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 08 Feb 2023 15:54:10 GMT
etag: W/"63e3c5a2-685"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 08 Feb 2023 21:34:21 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%25%25VGUID%25%25
198.148.27.140302 Found 0 B URL HTTP/2 bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%25%25VGUID%25%25
IP 198.148.27.140:0
GET /bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%25%25VGUID%25%25 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-lh5nt
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: ccpa=1---;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Fri, 10-Mar-2023 20:34:23 GMT;Max-Age=2592000;SameSite=None
V=V9uTizpkFfzq;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sat, 03-Feb-2024 20:34:23 GMT;Max-Age=31104000;SameSite=None
pb_rtb_ev=3-1itr|8jz.0.1;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Thu, 08-Feb-2024 20:34:23 GMT;Max-Age=31536000;SameSite=None
INGRESSCOOKIE=70456c98d84729c7; path=/; HttpOnly; Secure; SameSite=None
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675888462498-980157918857-001198-001-001449&key=V9uTizpkFfzq&ev=1&us_privacy=1---&pid=562704
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.7.1/_inc/build/sharedaddy/sharing.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.7.1/_inc/build/sharedaddy/sharing.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.7.1/_inc/build/sharedaddy/sharing.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 31 May 2022 10:02:49 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 20:34:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%7B%7BVID%7D%7D
185.76.9.15200 OK 0 B URL HTTP/2 vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%7B%7BVID%7D%7D
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
GET /sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1675888462498-980157918857-001198-001-001449%26key%3D%7B%7BVID%7D%7D HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:23 GMT
content-type: text/html
last-modified: Tue, 07 Feb 2023 16:45:57 GMT
etag: W/"63e28045-c234"
access-control-allow-origin: *
x-accel-expires: @1676925263
server: CDN77-Turbo
x-77-nzt: AblMCQ07H8ah
x-77-nzt-ray: c0a4cc28f0dc17304e07e463e84ba637
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F
45.133.44.3200 OK 0 B URL HTTP/2 player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /exchange_rates/313490/config.json?cb=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F HTTP/1.1
Host: player.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ww1.pawastreams.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:24 GMT
content-type: application/json
server: nginx
last-modified: Tue, 07 Feb 2023 12:01:24 GMT
etag: W/"63e23d94-2ab6"
cache-control: max-age=172800
content-encoding: gzip
expires: Fri, 10 Feb 2023 20:34:24 GMT
access-control-allow-origin: https://ww1.pawastreams.top
x-proxy-cache: HIT
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 20:34:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=ww1.pawastreams.top&info=b4HqR180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBvd09zQlZhWVZZakpWRDV4ZEtYQXNSdElWemNTMmg1azdXSTVOZUIlMkZEbQ&idsd=1255077022,-1070535626&rtusCallerId=72&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=ww1.pawastreams.top&info=b4HqR180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBvd09zQlZhWVZZakpWRDV4ZEtYQXNSdElWemNTMmg1azdXSTVOZUIlMkZEbQ&idsd=1255077022,-1070535626&rtusCallerId=72&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=ww1.pawastreams.top&info=b4HqR180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBvd09zQlZhWVZZakpWRDV4ZEtYQXNSdElWemNTMmg1azdXSTVOZUIlMkZEbQ&idsd=1255077022,-1070535626&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=ww1.pawastreams.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1302636
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 20:34:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/e-202306.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202306.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 05 Feb 2024 00:13:42 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
104.18.24.173302 Found 0 B URL HTTP/2 a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
IP 104.18.24.173:0
GET /i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP/1.1
Host: a.tribalfusion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 20:34:25 GMT
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 48
cache-control: no-cache, private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aynoeURwEfUS2QVqs9QuvZb9a2QSpanncOg0L6ugj; path=/; domain=.tribalfusion.com; expires=Tue, 09-May-2023 20:34:24 GMT; SameSite=None; Secure;
ANON_ID_old=aynoeURwEfUS2QVqs9QuvZb9a2QSpanncOg0L6ugj; path=/; domain=.tribalfusion.com; expires=Tue, 09-May-2023 20:34:24 GMT;
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796725597bfafabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww1.pawastreams.top/marseille-vs-psg/48841/
172.67.150.183200 OK 0 B URL HTTP/2 ww1.pawastreams.top/marseille-vs-psg/48841/
IP 172.67.150.183:0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /marseille-vs-psg/48841/ HTTP/1.1
Host: ww1.pawastreams.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:17 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 08 Feb 2023 20:32:22 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kftfsbOic%2B%2BvbktzFB7SUa6wpSY6WDjqG%2FEYM3%2FChA0Ds8CRHcYRxADTlwGX4GXShgyFy%2BKoOMpk28Ht0C%2B0gAgic2JWeoylRJSp7j2RDKPZrCtjPgGz0t0hqEpc5LAYiYoW908F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79672523bf2ab521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
IP 142.250.74.138:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 20:34:17 GMT
date: Wed, 08 Feb 2023 20:34:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
IP 142.250.74.138:0
GET /css?family=Open+Sans:400,600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 20:34:17 GMT
date: Wed, 08 Feb 2023 20:34:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://st.chatango.com/
x-crto-bundle: UF1RA19tb3c4UXR2RmQyUEElMkJnUVFCNWU0ekIlMkZTN2d0T0tBREVnQlVxdWdyamQxTjJZYlVMRlVablJzQzE4Y0ZYWGRBTUpxVVVhbDBhU3VJZUU2bjh2YW4lMkZHR0pzblRId29CdFpkS1BlUjZOODFWcXNWR20yNEo2ZDVYN09PaXdGOXh1R0tFSlU2b3lpNG8wQ0ZieUMwYnFrRlElM0QlM0Q
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 8446666
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
serv.modoro360.com/api/adserver/tag/?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&AV_CHANNELID=63bece46bddf7a08590a2977&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=ww1.pawastreams.top&AV_DADPOS=1&AV_TAG=63762abe47268709c0482e7d&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.81&responsive=1&sver=4&avtoken=517917&omv=1.0.1&AV_D65=Test1&clsid=d9f3cdaf-43b2-4f53-9eaf-4b7478fe986e&rando=66&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1675888517920&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
52.23.135.149200 OK 0 B URL HTTP/2 serv.modoro360.com/api/adserver/tag/?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&AV_CHANNELID=63bece46bddf7a08590a2977&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=ww1.pawastreams.top&AV_DADPOS=1&AV_TAG=63762abe47268709c0482e7d&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.81&responsive=1&sver=4&avtoken=517917&omv=1.0.1&AV_D65=Test1&clsid=d9f3cdaf-43b2-4f53-9eaf-4b7478fe986e&rando=66&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1675888517920&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
IP 52.23.135.149:0
GET /api/adserver/tag/?AV_TAGID=63762abe47268709c0482e7d&AV_PUBLISHERID=634e511c15009653b86c1490&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fww1.pawastreams.top%2Fmarseille-vs-psg%2F48841%2F&AV_CHANNELID=63bece46bddf7a08590a2977&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=ww1.pawastreams.top&AV_DADPOS=1&AV_TAG=63762abe47268709c0482e7d&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.81&responsive=1&sver=4&avtoken=517917&omv=1.0.1&AV_D65=Test1&clsid=d9f3cdaf-43b2-4f53-9eaf-4b7478fe986e&rando=66&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1675888517920&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1 HTTP/1.1
Host: serv.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.pawastreams.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://ww1.pawastreams.top/
Connection: keep-alive
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:22 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: aniC=1675888462498-980157918857-001198-001-001449; Expires=Tue, 28-Feb-23 20:34:22 GMT; Max-Age=1728000; Domain=modoro360.com; Path=/; Secure; HttpOnly; SameSite=None
aniC=; Expires=Tue, 28-Feb-23 20:34:22 GMT; Max-Age=1728000; Domain=modoro360.com; Path=/; Secure; HttpOnly; SameSite=None
access-control-allow-origin: https://ww1.pawastreams.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
access-control-max-age: 1728000
x-bamboo-c-s: BYPASS
x-bamboo-c-skfe: 1
x-bamboo-c-skst: 1
expires: Sat, 28 Jan 2023 06:47:42 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:34:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 20:34:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=ww1.pawastreams.top
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=ww1.pawastreams.top
IP 178.250.0.157:0
GET /syncframe?origin=rtus&topUrl=ww1.pawastreams.top HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:20 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=476f2a83-770b-43c1-a897-8bd823e001f9; expires=Mon, 04 Mar 2024 20:34:20 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 462204
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
player.aplhb.adipolo.com/prebidlink/465524/hb_740842_17314.js
45.133.44.3200 OK 0 B URL HTTP/2 player.aplhb.adipolo.com/prebidlink/465524/hb_740842_17314.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /prebidlink/465524/hb_740842_17314.js HTTP/1.1
Host: player.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.pawastreams.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:34:21 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Tue, 07 Feb 2023 15:22:34 GMT
etag: W/"63e26cba-4c34b"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 08 Feb 2023 21:34:21 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2