8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

142.250.179.174:443

GET /i/pub-0337387298854186?ers=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fundingchoicesmessages.google.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 13 Aug 2024 15:02:26 GMT
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
Content-Security-Policy: script-src 'nonce-9j5BExCOPEKyj4vjY88suw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self'
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: cross-origin
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDiaXr_dyibw4sPMZ4xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgYWhoZ6BubxBQYAv0VAjA"
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked

8.8.8.8:53

104.22.74.216:443

GET /tag?o=5175773613260800&upapi=true HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: btloader.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 13 Aug 2024 15:02:26 GMT
Content-Type: application/javascript
Content-Length: 18806
Connection: keep-alive
Cache-Control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
Content-Encoding: gzip
Etag: "a991142793e27bb371fbf1631d33a562"
Last-Modified: Tue, 13 Aug 2024 14:56:58 GMT
Vary: Origin, Accept-Encoding
Via: 1.1 google
CF-Cache-Status: HIT
Age: 200
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 8b29960ecd12cdba-LHR

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

104.26.4.120:443

GET /uptodown.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: scripts.ssm.codes
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 13 Aug 2024 15:02:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Cf-Bgj: minify
Cf-Polished: origSize=157790
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
etag: W/"e38d5bc32408fb03c69677a8170a7f3d"
last-modified: Thu, 01 Aug 2024 09:31:42 GMT
vary: Accept-Encoding
x-goog-generation: 1722504702033676
x-goog-hash: crc32c=/fIeAw==
x-goog-hash: md5=441bwyQI+wPGlneoFwp/PQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 157790
x-guploader-uploadid: AHxI1nNsnWtLwDV02KmfEP1Z4j_BnuMiRN8jbHwgrmzZy466obQzQmx_OoRKN-2F8vtg-rHImv0XIIhx_Q
CF-Cache-Status: HIT
Age: 408599
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XfalIKAh7Oavi9YzfUzSTvDyk3cklf9Wk9w0sVL4tYgPWoLp7PTphJOmG8F%2BWFWJW%2FFG7TMs1Vqa%2BuNUrmc3nb2gBSL9kVMZGIQPaFAvzBRDR7l4MU8w0mwcJOD%2FZCzPOr6k"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8b29960ead989526-LHR
Content-Encoding: gzip

8.8.8.8:53

142.250.179.131:80

GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

HTTP/1.1 200 OK
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Tue, 13 Aug 2024 14:02:54 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 3572

142.250.179.131:80

GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFISB6AKY0OzCbS%2BEJ1LbPY%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

HTTP/1.1 200 OK
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Tue, 13 Aug 2024 14:08:53 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 3213

142.250.179.131:80

GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFISB6AKY0OzCbS%2BEJ1LbPY%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

HTTP/1.1 200 OK
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Tue, 13 Aug 2024 14:08:53 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 3213

142.250.179.131:80

GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

HTTP/1.1 200 OK
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Tue, 13 Aug 2024 14:02:54 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 3572

8.8.8.8:53

104.26.5.120:443

GET /topics/topics_frame.html HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ssm.codes
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 13 Aug 2024 15:02:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 04 Jul 2024 11:38:02 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
Cache-Control: public, stale-if-error=7890000, stale-while-revalidate=7890000, s-maxage=31536000, max-age=300
CF-Cache-Status: HIT
Age: 441431
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ViWmLFMMCMLoZwo8SWCTCZQ4fbkYeZQGEnabSHQIUP%2BeUJ62tYye8H2B7QQNa3rEj8%2BQogR52HEr2zPaJHn03noa6JeE4tVCRs07oOW8EZ5eTy%2Be%2FBwdM8ru8g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8b299613ff66636d-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400

104.26.5.120:443

POST /cdn-cgi/rum? HTTP/1.1
Accept: */*
Content-Type: application/json
Referer: https://ssm.codes/topics/topics_frame.html
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: ssm.codes
Content-Length: 1107
Connection: Keep-Alive
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 13 Aug 2024 15:02:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
CF-RAY: 8b2996193d91636d-LHR
X-Frame-Options: DENY
X-Content-Type-Options: nosniff

8.8.8.8:53

104.16.79.73:443

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://ssm.codes/topics/topics_frame.html
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.cloudflareinsights.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 13 Aug 2024 15:02:27 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
ETag: W/"2024.6.1"
Last-Modified: Thu, 06 Jun 2024 15:52:56 GMT
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8b2996181ef44183-LHR
Content-Encoding: gzip

8.8.8.8:53

104.77.160.144:80

GET /pki/crl/products/MicRooCerAut2011_2011_03_22.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Wed, 01 May 2024 09:28:59 GMT
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com

HTTP/1.1 200 OK
Content-Length: 1036
Content-Type: application/octet-stream
Content-MD5: 5xIscz+eN7ugykyYXOEdbQ==
Last-Modified: Thu, 11 Jul 2024 01:45:51 GMT
ETag: 0x8DCA14B323B2CC0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9549e7d5-401e-0049-3a40-d31501000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 13 Aug 2024 15:02:56 GMT
Connection: keep-alive

8.8.8.8:53

8.8.8.8:53