r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14734
Expires: Sun, 22 Jan 2023 05:52:26 GMT
Date: Sun, 22 Jan 2023 01:46:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10096
Expires: Sun, 22 Jan 2023 04:35:08 GMT
Date: Sun, 22 Jan 2023 01:46:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 38c102db4bcfb9c4fb19174986950fd3
51c2cc8a3aca4da5c9ab3438467c29203fc0b0c3
dad6b64bc9f4dd827471ccc2e5273fceee574685376083aaa80f9d2f918037f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAD6B64BC9F4DD827471CCC2E5273FCEEE574685376083AAA80F9D2F918037F2"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5621
Expires: Sun, 22 Jan 2023 03:20:33 GMT
Date: Sun, 22 Jan 2023 01:46:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 01:34:48 GMT
content-type: application/json
age: 724
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: q462BqF6egMhSanJ8MVN6R8QZAlbpsBmZf7w8mnw30wE+SzPJY0UMCYJZU6kcRTinXZAe67G9GM=
x-amz-request-id: JFPWXVB33PZT0J6B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 00:47:04 GMT
age: 3588
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 01:46:52 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
app.upsellit.com/email/link.jsp?s=6sb6di_1670262754_1_send&l=1&a=1
208.118.62.69302 Found 485 B URL HTTP/1.1 app.upsellit.com/email/link.jsp?s=6sb6di_1670262754_1_send&l=1&a=1
IP 208.118.62.69:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 31a6cbf07e2f9df294792ddad449115f
e8107fa0241bfa7640381cbd366b350defd6ee44
eb5e5b6c5ed65f743cae52c8c185206ca567265ad6157e91bd9aae5777ec0afa
GET /email/link.jsp?s=6sb6di_1670262754_1_send&l=1&a=1 HTTP/1.1
Host: app.upsellit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Location: https://app.upsellit.com/email/link.jsp?s=6sb6di_1670262754_1_send&l=1&a=1
Connection: close
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 01:17:30 GMT
age: 1762
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2525
Cache-Control: max-age=115321
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:52 GMT
Etag: "63cbab28-1d7"
Expires: Mon, 23 Jan 2023 09:48:53 GMT
Last-Modified: Sat, 21 Jan 2023 09:06:48 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
app.upsellit.com/favicon.ico
208.118.62.69200 OK 1.2 kB URL HTTP/2 app.upsellit.com/favicon.ico
IP 208.118.62.69:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1443adf87c7509c26c545d094094d11e
d4930b956cc30245cf1be12ceb7ed41a71746b2f
5ad8b446aa2a6423f8bfe788ca8ac0b6b22e3490acf71354087264ada726f5aa
GET /favicon.ico HTTP/1.1
Host: app.upsellit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.upsellit.com/email/link.jsp?s=6sb6di_1670262754_1_send&l=1&a=1
Cookie: USIDataHound=6sb6di_1670262754_1_send
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 01:46:52 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Wed, 11 Jan 2012 03:57:12 GMT
etag: "4f0d0898-47e"
expires: Tue, 21 Feb 2023 01:46:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash b6057916bed5dee7214085addd278afe
70157f25adf7080b611182b2e225b83422003e91
75008096256614953be7b7bfaa4c4da28876e0fe9987db3cf6e802bcbe6d8c78
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167527
Date: Sun, 22 Jan 2023 01:46:53 GMT
Etag: "63cc6a53-1d7"
Expires: Tue, 24 Jan 2023 00:19:00 GMT
Last-Modified: Sat, 21 Jan 2023 22:42:27 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WNiVLJgQsZOxca7SevCqU44W2DrC3_CEuqRW3h-AQu47S31ZkGBcFg==
Age: 5793
push.services.mozilla.com/
54.149.190.160101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.190.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TAPx5KSND2jMgw6HrijLzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: orZ+rihAJhgfuKmN/PSYMRhMupY=
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css
104.17.25.14200 OK 5.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css
IP 104.17.25.14:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash e16b069abea6a1a1f1d29ea7797a5647
102a0b280cb79044af8e14c5ebee6e4ffd14a99f
92119af570a9f35d60e08fece25c33337dd0448e2c269b978c63f02606869458
GET /ajax/libs/font-awesome/4.5.0/css/font-awesome.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: text/css; charset=utf-8
content-length: 5195
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-81d1"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5730344
expires: Fri, 12 Jan 2024 01:46:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDi442FzPoCzuVvZ4zp811zNJrwNoHGoai11eX8N8APeZawbzSVOhI5vM5DkpwfqIF93McbGmXU%2FzKdBvfmkc1qbEh1Y5LVmHK7mLr0bjvorn5XwOhvrifOAzB3wOA3cjsWruMf8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78d49e5408500afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
104.17.25.14200 OK 57 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32074)
Hash 8486da289409cd85cf8b6fd169c721c4
72d46568b1412639c71f218761c4e637773c4bfc
552f8314a7e6f840ab958f4a71ee38b747deb74634ea9797806f38c95b48c3ef
GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 57137
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-3dee5"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1314286
expires: Fri, 12 Jan 2024 01:46:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIzIFcQoogT58YXXAF9gRYeXYkfwW454gPR75iTzwoP2tP3YN%2BArKW%2FzS622ScBH8No2eWbklrj7Dypqp5kCO9bUsYfAeJ7oVHAqv081pTvuuc2zFfjo6dDnQ%2FN0dlonvJSlx9DH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78d49e5438570afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
172.217.21.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 12:53:13 GMT
expires: Sun, 21 Jan 2024 12:53:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 46420
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-934577750
142.250.74.168200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-934577750
IP 142.250.74.168:0
File type ASCII text, with very long lines (7823)
Hash fb45eddd21bd747682e8979c63dbd5d5
52611bade4543f464e5cc1665192ee75f50903b8
d242d2c6d703e29d2c27b8638580353b760dec8607ccf13b12c5b65147919085
GET /gtag/js?id=AW-934577750 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 22 Jan 2023 01:46:53 GMT
expires: Sun, 22 Jan 2023 01:46:53 GMT
cache-control: private, max-age=900
last-modified: Sun, 22 Jan 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67826
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 448aaf14b5999e00c5380e971f33b406
71ef78598f7558a5af06c691cc04dd27170cfa77
3334351554862fca8fd39917080831de2fc8055ea3b1c58e485301d9b9918389
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-135380185-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-135380185-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 203e851194121e131dd6e7b270e0b886
d21365f52d122faf3c322543f35303c18055a967
3e7ca826f7a0857ae4eefb9e89e0228ab01308c7fb3162aeaa5fd598dd7d311b
GET /gtag/js?id=UA-135380185-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 22 Jan 2023 01:46:53 GMT
expires: Sun, 22 Jan 2023 01:46:53 GMT
cache-control: private, max-age=900
last-modified: Sun, 22 Jan 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44004
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/v0/amp-analytics-0.1.js
142.250.74.161200 OK 32 kB URL HTTP/2 cdn.ampproject.org/v0/amp-analytics-0.1.js
IP 142.250.74.161:0
File type ASCII text, with very long lines (65534)
Hash b7e8424a35a7f8d0a2456cfc6f4f4979
b8db45f137c21357482d8665abafce4abc8003c2
db83b4211023c35b70471a6ded3fc24217a61a725b42fd5a2957412358055849
GET /v0/amp-analytics-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 31947
date: Sun, 22 Jan 2023 01:46:53 GMT
expires: Sun, 22 Jan 2023 01:46:53 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "ef77c302ec11006d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/TicketSmarter-Colored-Website-Logo-222x25.png
100.25.87.89200 OK 4.0 kB URL HTTP/2 ticketsmarter.com/content/uploaded/TicketSmarter-Colored-Website-Logo-222x25.png
IP 100.25.87.89:0
File type PNG image data, 222 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash ea3cb608f67dbaf8b0e44cd768056ca2
e1ce13595d3ea80badf3150658b6b8371c8df2db
d40cc25bd5cec3f97ee23f37edaf19a2b02ec45bfbc028d0076cf9076c0943e7
GET /content/uploaded/TicketSmarter-Colored-Website-Logo-222x25.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: image/png
content-length: 3970
server: nginx/1.20.0
last-modified: Fri, 17 Jan 2020 16:40:25 GMT
etag: "5e21e379-f82"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 448aaf14b5999e00c5380e971f33b406
71ef78598f7558a5af06c691cc04dd27170cfa77
3334351554862fca8fd39917080831de2fc8055ea3b1c58e485301d9b9918389
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ticketsmarter.com/dist/webpack/css/app.58bd00ca75b275526527.css
100.25.87.89200 OK 257 kB URL HTTP/2 ticketsmarter.com/dist/webpack/css/app.58bd00ca75b275526527.css
IP 100.25.87.89:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size 257 kB (257181 bytes)
Hash f6a1394e8a4b05b0db64414c3c46d72a
16830442c0c46ee4d05340b054b330f5fa2825f6
e3ecc581b9c8a70b5dc92cce34f35dd057d000e420559694927424ea2eed878e
GET /dist/webpack/css/app.58bd00ca75b275526527.css HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: text/css
content-length: 257181
server: nginx/1.20.0
last-modified: Thu, 19 Jan 2023 14:45:39 GMT
etag: "63c95793-3ec9d"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/St-Judes-Children-Hospital-TicketSmarter-Partnership.jpg
100.25.87.89200 OK 15 kB URL HTTP/2 ticketsmarter.com/content/uploaded/St-Judes-Children-Hospital-TicketSmarter-Partnership.jpg
IP 100.25.87.89:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash 06ce0b7f6655c8bfc920bda53701e861
77391d15bea6e50aa89ea7710f669e693cbc85e8
b5aa94ea7024532330a04e3a319cf2fa5bdcd1d732f1cb9441a9bbb0ede4a4bb
GET /content/uploaded/St-Judes-Children-Hospital-TicketSmarter-Partnership.jpg HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: image/jpeg
content-length: 14703
server: nginx/1.20.0
last-modified: Mon, 09 Dec 2019 02:37:12 GMT
etag: "5dedb358-396f"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/the%20V%20Foundation.png
100.25.87.89200 OK 3.3 kB URL HTTP/2 ticketsmarter.com/content/uploaded/the%20V%20Foundation.png
IP 100.25.87.89:0
File type PNG image data, 292 x 185, 8-bit colormap, non-interlaced\012- data
Hash bb11887863e5ed8f684b32b2fa68066e
89ca9c5ca48eb9c0d88f7a8dfb2940cbabe2cf1e
7d512373097677c5fda42d01df1bf6379daf0f9a0c6f133d58504d1c9b946d6f
GET /content/uploaded/the%20V%20Foundation.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: image/png
content-length: 3264
server: nginx/1.20.0
last-modified: Thu, 17 Feb 2022 18:52:59 GMT
etag: "620e998b-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/Performer%20Images/USA-Today-250.png
100.25.87.89200 OK 3.8 kB URL HTTP/2 ticketsmarter.com/content/uploaded/Performer%20Images/USA-Today-250.png
IP 100.25.87.89:0
File type PNG image data, 250 x 121, 8-bit colormap, non-interlaced\012- data
Hash 4e550b38e323cbbfdacc90b26c83fa4e
913531b1d67040a4caf25e3920ae358576d5aeea
6175defbffdd8f49783c3a4bf4dfd1cac9665dead77ae2d5c2d47cd6723fe919
GET /content/uploaded/Performer%20Images/USA-Today-250.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: image/png
content-length: 3774
server: nginx/1.20.0
last-modified: Tue, 21 Dec 2021 22:46:05 GMT
etag: "61c2592d-ebe"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/ESPN-Events-TicketSmarter-Partnership.jpg
100.25.87.89200 OK 19 kB URL HTTP/2 ticketsmarter.com/content/uploaded/ESPN-Events-TicketSmarter-Partnership.jpg
IP 100.25.87.89:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1103x212, components 3\012- data
Hash d8882a6215496d9c6216bee66a7f2fb9
c6cda4921ebd2a61d3891e6230dad6785ef9b90b
b3278f44149ca488a29e196bd5818d6afeb8100fbf1ca2bfac3a71b9ae2fdb07
GET /content/uploaded/ESPN-Events-TicketSmarter-Partnership.jpg HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: image/jpeg
content-length: 19277
server: nginx/1.20.0
last-modified: Mon, 09 Dec 2019 02:43:52 GMT
etag: "5dedb4e8-4b4d"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/dist/webpack/runtime.8a61b2688135e5fa23b0.js
100.25.87.89200 OK 1.5 kB URL HTTP/2 ticketsmarter.com/dist/webpack/runtime.8a61b2688135e5fa23b0.js
IP 100.25.87.89:0
File type ASCII text, with very long lines (1514), with no line terminators
Hash 946d5ed90fc54148ee00b2707467ef8b
f39d0db4e3c597739b3fba812c3c600bf589aba7
11844a2d955883a32191b6078a6381aa47ea610c600564b4311ab2566d446026
GET /dist/webpack/runtime.8a61b2688135e5fa23b0.js HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: application/javascript
content-length: 1514
server: nginx/1.20.0
last-modified: Thu, 19 Jan 2023 14:45:39 GMT
etag: "63c95793-5ea"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/homepage%20partner%20logos/Official-Partner-of-TicketSmarter-Birmingham-Bowl-Tickets.png
100.25.87.89200 OK 16 kB URL HTTP/2 ticketsmarter.com/content/uploaded/homepage%20partner%20logos/Official-Partner-of-TicketSmarter-Birmingham-Bowl-Tickets.png
IP 100.25.87.89:0
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash 84cea3f8ab6df5590f00c476dc9eb849
2e3ff55470fe259a7c489c4aee12a92efab43898
314d7af8d4a07fdfecaf12f6cfd0d0b9630212beb78488d0935fb575bb3917a0
GET /content/uploaded/homepage%20partner%20logos/Official-Partner-of-TicketSmarter-Birmingham-Bowl-Tickets.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: image/png
content-length: 15880
server: nginx/1.20.0
last-modified: Thu, 20 Oct 2022 20:51:31 GMT
etag: "6351b4d3-3e08"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/dist/webpack/app.7419693279f0579785b4.js
100.25.87.89200 OK 24 kB URL HTTP/2 ticketsmarter.com/dist/webpack/app.7419693279f0579785b4.js
IP 100.25.87.89:0
File type ASCII text, with very long lines (24515), with no line terminators
Hash c91efe23c97aabd5c9e77228716eac5d
364b26324756a8cf3c65ba730ed5e23fe88c704e
66b0fe53800b7301ba889ea8a619465419fee19aa5c6e1c1f5e7233fa2ae022e
GET /dist/webpack/app.7419693279f0579785b4.js HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: application/javascript
content-length: 24515
server: nginx/1.20.0
last-modified: Thu, 19 Jan 2023 14:45:39 GMT
etag: "63c95793-5fc3"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/dist/webpack/template.5ec6b56186acf95c1286.js
100.25.87.89200 OK 6.7 kB URL HTTP/2 ticketsmarter.com/dist/webpack/template.5ec6b56186acf95c1286.js
IP 100.25.87.89:0
File type ASCII text, with very long lines (6319)
Hash 0d9d38ba724a1f9fd663292c037e0676
6e2bdf2683dac31bc0001d62812086f83366a72e
c8d5ee4fd3cb99842821b2f7e7f46437abab4c8847ad9e3dd52c489368736381
GET /dist/webpack/template.5ec6b56186acf95c1286.js HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: application/javascript
content-length: 6650
server: nginx/1.20.0
last-modified: Thu, 19 Jan 2023 14:45:39 GMT
etag: "63c95793-19fa"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/dist/webpack/siteScripts.1a8d5041f6dca845b8da.js
100.25.87.89200 OK 43 kB URL HTTP/2 ticketsmarter.com/dist/webpack/siteScripts.1a8d5041f6dca845b8da.js
IP 100.25.87.89:0
File type ASCII text, with very long lines (43390), with no line terminators
Hash ec3a9e3f8851d994afc684d82370991d
41fd56407d9f1824c46f96031787eb90457ff7de
4ebea2daca2a31575986f2662edd1721f348a7ccbc2b6fff822a87d0b24c53df
GET /dist/webpack/siteScripts.1a8d5041f6dca845b8da.js HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: application/javascript
content-length: 43390
server: nginx/1.20.0
last-modified: Thu, 19 Jan 2023 14:45:39 GMT
etag: "63c95793-a97e"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/dist/webpack/loadFoundation.7bfe22b0d84ae6634ee7.js
100.25.87.89200 OK 114 kB URL HTTP/2 ticketsmarter.com/dist/webpack/loadFoundation.7bfe22b0d84ae6634ee7.js
IP 100.25.87.89:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size 114 kB (113833 bytes)
Hash e31787e887edfa6a46276aee5630ba3b
ea818acc3e99b5faca53bc31a89af335753e5df2
b18d8c3403f5e674d23e110a56133df0c2062c14aba5465d7bf85bbd23f7c9b3
GET /dist/webpack/loadFoundation.7bfe22b0d84ae6634ee7.js HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: application/javascript
content-length: 113833
server: nginx/1.20.0
last-modified: Thu, 19 Jan 2023 14:45:39 GMT
etag: "63c95793-1bca9"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 37d945f4157669ea2ca8960ce54da09e
f1fa5679eae14cd2c704bda5a6246f49f1a32415
55a35656397a987935e45f2e99db39d37b0afa2d8375fad278011b70e32a72cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2970
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:53 GMT
Etag: "63cb48aa-2d7"
Last-Modified: Sun, 22 Jan 2023 00:57:23 GMT
Server: ECS (amb/6BA8)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 37d945f4157669ea2ca8960ce54da09e
f1fa5679eae14cd2c704bda5a6246f49f1a32415
55a35656397a987935e45f2e99db39d37b0afa2d8375fad278011b70e32a72cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2970
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:53 GMT
Last-Modified: Sun, 22 Jan 2023 00:57:23 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 727
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash b94241459b11e8456637a5084011d015
2cecbc24dcbffad898f61fd508b5bc6a4f71e2d1
a9ad8ab46e4e3ef5a7eb6431ebdf67d226d847731faaa65e5f00d5c317ff1431
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 22 Jan 2023 01:46:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 21 Jan 2023 23:18:54 GMT
Expires: Sun, 22 Jan 2023 23:18:54 GMT
ETag: "2cecbc24dcbffad898f61fd508b5bc6a4f71e2d1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 37d945f4157669ea2ca8960ce54da09e
f1fa5679eae14cd2c704bda5a6246f49f1a32415
55a35656397a987935e45f2e99db39d37b0afa2d8375fad278011b70e32a72cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:53 GMT
Etag: "63cb48aa-2d7"
Server: ECS (amb/6B85)
Content-Length: 727
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash b94241459b11e8456637a5084011d015
2cecbc24dcbffad898f61fd508b5bc6a4f71e2d1
a9ad8ab46e4e3ef5a7eb6431ebdf67d226d847731faaa65e5f00d5c317ff1431
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 22 Jan 2023 01:46:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 21 Jan 2023 23:18:54 GMT
Expires: Sun, 22 Jan 2023 23:18:54 GMT
ETag: "2cecbc24dcbffad898f61fd508b5bc6a4f71e2d1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
accounts.tickettransaction.com/Content/sso-login.min.css
8.45.158.81200 OK 263 B URL HTTP/1.1 accounts.tickettransaction.com/Content/sso-login.min.css
IP 8.45.158.81:0
File type ASCII text, with no line terminators
Hash 1ededb3a46b361311537b3777ffd718b
504a83cb366fe6a9d54e017738ab9e70717412a0
2a95d70ed8ffb382240f98673d3bf2c5d294f79972893ac19d138c3a5dc5d309
GET /Content/sso-login.min.css HTTP/1.1
Host: accounts.tickettransaction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public,max-age=3600
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 16:28:26 GMT
Accept-Ranges: bytes
ETag: "0319c901025d91:0"
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
P3P: CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website."
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Sun, 22 Jan 2023 01:46:53 GMT
Content-Length: 263
accounts.tickettransaction.com/bundles/sso.login?v=1as
8.45.158.81200 OK 12 kB URL HTTP/1.1 accounts.tickettransaction.com/bundles/sso.login?v=1as
IP 8.45.158.81:0
File type ASCII text, with very long lines (27112), with no line terminators
Hash a88f6fbbe18b16efe3676759fa78dc95
3df44c54653215f7459131b702ddcaf4b4f7ba0d
2caa6b68a8902613fa015a731f01d5bed638d7099964e8e48dfe041b2ae383ab
GET /bundles/sso.login?v=1as HTTP/1.1
Host: accounts.tickettransaction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
P3P: CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website."
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Sun, 22 Jan 2023 01:46:53 GMT
Content-Length: 12333
fonts.googleapis.com/css2?family=Lato&family=Montserrat&family=Roboto&family=IBM+Plex+Sans:wght@400;600&display=swap
142.250.74.106200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css2?family=Lato&family=Montserrat&family=Roboto&family=IBM+Plex+Sans:wght@400;600&display=swap
IP 142.250.74.106:0
Hash bf539492c646ab6d02bace6c75505a69
2c9cabf15855d97072e7945364e843b0a61408b2
23bdcb1c35eb2e86bde70031032691ee7396287141a5719e38519e4c866b9e4c
GET /css2?family=Lato&family=Montserrat&family=Roboto&family=IBM+Plex+Sans:wght@400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 01:46:54 GMT
date: Sun, 22 Jan 2023 01:46:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a901a3f4197327271ae96eaf548e6a77
8ba779e94f72f02ba0f5ba63a4827343a086f4f0
9170c508a120097d155b95992a4e4c9448b5df88d0ed78281e0c04d7de0818b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9170C508A120097D155B95992A4E4C9448B5DF88D0ED78281E0C04D7DE0818B0"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=602
Expires: Sun, 22 Jan 2023 01:56:56 GMT
Date: Sun, 22 Jan 2023 01:46:54 GMT
Connection: keep-alive
ticketsmarter.com/images/bx_loader.gif
100.25.87.89200 OK 5.6 kB URL HTTP/2 ticketsmarter.com/images/bx_loader.gif
IP 100.25.87.89:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 77b8e992a3b89d8f8c6f3018b39152b8
fbf66db9e5e75afa60632543da6145f0781dd872
1781afbfbb64bbf86ab6ed3d0d8fc9755226c8bd76376df95424dc5538d4c4c7
GET /images/bx_loader.gif HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/dist/webpack/css/app.58bd00ca75b275526527.css
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/gif
content-length: 5615
server: nginx/1.20.0
last-modified: Thu, 19 Jan 2023 14:43:42 GMT
etag: "63c9571e-15ef"
accept-ranges: bytes
X-Firefox-Spdy: h2
accounts.tickettransaction.com/Content/Preheader/preheader-bootstrap.min.css
8.45.158.81200 OK 20 kB URL HTTP/1.1 accounts.tickettransaction.com/Content/Preheader/preheader-bootstrap.min.css
IP 8.45.158.81:0
File type ASCII text, with very long lines (64959)
Hash e6ab83d05c8ef439047c9fc53399f880
ab7afc52c0f744c7926d491cf735bb47e47b2caa
9aaa8762e8174ee55b67ec7b97e19583207cba326cfd721611be0c940e2cd23d
GET /Content/Preheader/preheader-bootstrap.min.css HTTP/1.1
Host: accounts.tickettransaction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public,max-age=3600
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 16:28:26 GMT
Accept-Ranges: bytes
ETag: "0319c901025d91:0"
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
P3P: CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website."
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Sun, 22 Jan 2023 01:46:53 GMT
Content-Length: 20315
k.p-n.io/event-stream
52.57.182.252204 No Content 0 B IP 52.57.182.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event-stream HTTP/1.1
Host: k.p-n.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ticketsmarter.com/
content-type: text/plain
Origin: https://ticketsmarter.com
Content-Length: 366
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 22 Jan 2023 01:46:54 GMT
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-max-age: 600
X-Firefox-Spdy: h2
k.p-n.io/event-stream
52.57.182.252204 No Content 0 B IP 52.57.182.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event-stream HTTP/1.1
Host: k.p-n.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ticketsmarter.com/
content-type: text/plain
Origin: https://ticketsmarter.com
Content-Length: 417
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 22 Jan 2023 01:46:54 GMT
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-max-age: 600
X-Firefox-Spdy: h2
ticketsmarter.com/images/controls.png
100.25.87.89200 OK 1.1 kB URL HTTP/2 ticketsmarter.com/images/controls.png
IP 100.25.87.89:0
File type PNG image data, 96 x 63, 8-bit gray+alpha, non-interlaced\012- data
Hash 7ccbdc963ccecbf5b3baa09192810f5b
82d4c2c78d50d0c24284cdbc162173198320d21e
9125ec48c159a1d0fb0b2cc769954daf6bd9cc5cf976be99278d3d4adce25a8b
GET /images/controls.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/dist/webpack/css/app.58bd00ca75b275526527.css
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/png
content-length: 1065
server: nginx/1.20.0
last-modified: Thu, 19 Jan 2023 14:43:42 GMT
etag: "63c9571e-429"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
216.58.207.227200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 18000, version 1.0\012- data
Hash 560995d7cd4dc2b997fe8a9ef9601982
d688e6d4db3d5ded8039208ec478049e971f4075
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
GET /s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ticketsmarter.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 11:06:00 GMT
expires: Mon, 15 Jan 2024 11:06:00 GMT
cache-control: public, max-age=31536000
age: 571254
last-modified: Tue, 26 Apr 2022 15:46:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 07668a57109d98a187610dc552d9c248
a62ea0c37ce3e9ca85d0ba159b50f5f6038c5a42
768f5e20b588d5a98b6bfd59f5bc13cb351b45fb809bc2b0df2e077ec23292c9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 01:46:54 GMT
Last-Modified: Sun, 22 Jan 2023 00:34:28 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tvlZsR699qna17eYYh0M9IVMloz6P2fVe-RC4jLx-RFYH5BGLCVk9A==
Age: 4346
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 983410dffbd2f6609e689d468279cad3
9ed22350a720ebff727059fa19538dd721252f31
0f772ca05a2b10e54f9d9ba798c555e777461c5d5270b5355df7c303af07297d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6478
Cache-Control: max-age=142652
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Etag: "63cc067c-1d7"
Expires: Mon, 23 Jan 2023 17:24:26 GMT
Last-Modified: Sat, 21 Jan 2023 15:36:28 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
100.25.87.89200 OK 74 kB URL HTTP/2 ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
IP 100.25.87.89:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (672)
Hash 014840e5f1227c02675dd9724d141453
1cb900ba11bcdce88e22abd32bc6cd2c2594f81a
1c18fffe9f1ce77ae3897fbe692c06120c2192597e747cf9283dad7098eccc54
GET /?usi_email_id=6sb6di_1670262754_1_send.2592000 HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.upsellit.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; path=/; secure
atbs_location=59.955%7C10.859%7COslo%7C03%7C; expires=Tue, 21-Feb-2023 01:46:53 GMT; Max-Age=2592000; path=/; domain=.ticketsmarter.com; secure
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 22 Jan 2023 00:41:07 GMT
expires: Sun, 22 Jan 2023 02:41:07 GMT
cache-control: public, max-age=7200
age: 3947
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/Favicon.png?v=00123
100.25.87.89200 OK 1.2 kB URL HTTP/2 ticketsmarter.com/content/uploaded/Favicon.png?v=00123
IP 100.25.87.89:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 448b279ca256bd53c786ea1944df302b
a1204b4025336ffb40b825a17380b02cddf00674
9f0efeab2d7eedd990063ad6357b47d16617fc15b8e7dac7e047400bca6bb46f
GET /content/uploaded/Favicon.png?v=00123 HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/png
content-length: 1150
server: nginx/1.20.0
last-modified: Mon, 20 Jan 2020 17:12:05 GMT
etag: "5e25df65-47e"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash f446466b4644f54113ac9ddaf5590347
a533e7057d7726fb873d8a223ea2aaa17e40b980
75737a17f2e9d62b0e5d73466b68bf284663c40afbb257d99791de16a411db4b
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 22 Jan 2023 01:46:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 21 Jan 2023 22:38:15 GMT
Expires: Sun, 22 Jan 2023 22:38:15 GMT
ETag: "a533e7057d7726fb873d8a223ea2aaa17e40b980"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 6333a330653bd348e09ed4f4b0e13eda
c94e01492b5beea156d5025ea381a9f306c65acb
2fcc9391c08db1990ba028bcc88e92b94766c5df020677467ffa2740e363a2da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2560
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Last-Modified: Sun, 22 Jan 2023 01:04:14 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 983410dffbd2f6609e689d468279cad3
9ed22350a720ebff727059fa19538dd721252f31
0f772ca05a2b10e54f9d9ba798c555e777461c5d5270b5355df7c303af07297d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6478
Cache-Control: max-age=142652
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Etag: "63cc067c-1d7"
Expires: Mon, 23 Jan 2023 17:24:26 GMT
Last-Modified: Sat, 21 Jan 2023 15:36:28 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/934577750/?random=1674352013188&cv=11&fst=1674352013188&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets&auid=1479115159.1674352013&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.130200 OK 960 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/934577750/?random=1674352013188&cv=11&fst=1674352013188&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets&auid=1479115159.1674352013&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2161), with no line terminators
Hash 0bb7f12c0d60260ac7dada9cb9fe239f
6bbcf848733f717f8c00cd6cde0e93eb2fb97690
cad60ece1b786eb7702abe97e6e1704eeba553391900034a70cb610a2577b9c7
GET /pagead/viewthroughconversion/934577750/?random=1674352013188&cv=11&fst=1674352013188&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets&auid=1479115159.1674352013&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 01:46:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 960
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 02:01:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4933
Expires: Sun, 22 Jan 2023 03:09:07 GMT
Date: Sun, 22 Jan 2023 01:46:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4933
Expires: Sun, 22 Jan 2023 03:09:07 GMT
Date: Sun, 22 Jan 2023 01:46:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: j3SoP46ER0JjOaLh363bQ9QW4ZIW19_rbgeQ7Ey8W-zgyGMMLSLccA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:17 GMT
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
age: 14317
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9cbc3d6e-5c3a-4587-b097-2c7d3adec9c0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9cbc3d6e-5c3a-4587-b097-2c7d3adec9c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3be32fcb22c82a393ffbe0ffb58e53f
216b93c47e2c4fa110a980010c9f1924b38f32f8
a404e137c463b0737935ca7d93750c51954f92186aefbc2ca4d4308590a7e1a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9cbc3d6e-5c3a-4587-b097-2c7d3adec9c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8744
x-amzn-requestid: 93a7a20f-a6b6-4ba3-a24f-709e42d8f72e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-nNQHefoAMFfIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8ebee-012bb78e0bdbac982b577ec2;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 07:06:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZKN3NNEYQ5fu3mCFOYNC2l62hUlAO_nPoC_ShOIG7vV2jV_EgqulYQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 07:54:11 GMT
age: 64363
etag: "216b93c47e2c4fa110a980010c9f1924b38f32f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4933
Expires: Sun, 22 Jan 2023 03:09:07 GMT
Date: Sun, 22 Jan 2023 01:46:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b429642344aabb638e3acbd63463fe8d
f9ea147291359b0fb6e7a78983643949665003d7
acda68bb2566774c9b279e048b62aaaa5a27b87e783048d6765e598ac2c584fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6c542779-10fa-4bbd-9294-3127a104de12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkBEa3IAMF6-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c7f-4d5a606011cb84fd14d7b175;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NLwQoDRTYi8Ol0cDp3gaJpQ7-0kq6ITtm9lzj1qFrKe2oGOK7YWMzg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
age: 14328
etag: "f9ea147291359b0fb6e7a78983643949665003d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4933
Expires: Sun, 22 Jan 2023 03:09:07 GMT
Date: Sun, 22 Jan 2023 01:46:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:24:48 GMT
age: 80526
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash a62aa481fefd14685674daefce0a9aa7
09a643a2f874a4811781207afde14baa230286be
b806532f5d8fefbcad8dfff3441ca986aa549ab7e57923122e584fd371906f6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4752
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Last-Modified: Sun, 22 Jan 2023 00:27:42 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 727
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd399906-0156-4422-876c-42e2142ca1ca.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd399906-0156-4422-876c-42e2142ca1ca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 587de819b05bfb2793065133b65a93f3
b80e7b904ddc9a2cf87c9ac6ad2affc5dee4f5ce
95fed499ec2d8e6d88a3d84eca57ca20b294ed6b8b82779f50d12bd7fbff5559
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd399906-0156-4422-876c-42e2142ca1ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9932
x-amzn-requestid: 94af32c6-280b-4bda-a6dd-f41c5ab22027
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-m6MHqPoAMFmzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8eb74-2fd4708e39ed01c805c85652;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 07:04:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NezACadgboDZ-8Aiuckh7-NL_29B9EG-e_dpkzGrVTeZN8H15EfF7A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 08:00:06 GMT
age: 64008
etag: "b80e7b904ddc9a2cf87c9ac6ad2affc5dee4f5ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4933
Expires: Sun, 22 Jan 2023 03:09:07 GMT
Date: Sun, 22 Jan 2023 01:46:54 GMT
Connection: keep-alive
widget.wickedreports.com/v2/4493/wr-4e296451a17be76a4b07c308e72cb9e2.js
54.230.111.45200 OK 423 B URL HTTP/2 widget.wickedreports.com/v2/4493/wr-4e296451a17be76a4b07c308e72cb9e2.js
IP 54.230.111.45:0
File type ASCII text, with very long lines (423), with no line terminators
Hash 7ad0a9f8c8724bb140f41824c211bfcd
05e6938bfa759658f5afd76aa1240611be95b185
654c714f0445f6a68f975d7daaab65deb19d049fbcd7209cac3105dd242a7dff
GET /v2/4493/wr-4e296451a17be76a4b07c308e72cb9e2.js HTTP/1.1
Host: widget.wickedreports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 423
last-modified: Mon, 17 Oct 2022 17:39:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 21 Jan 2023 08:01:48 GMT
etag: "7ad0a9f8c8724bb140f41824c211bfcd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Sr1ZNBJHIXgwqeiWDCktdDAecLxtOKwOPNCjK27PH9ClC7RaYkXbrA==
age: 63907
X-Firefox-Spdy: h2
pix.pub/t.png?&t=1674352013329&l=tvscientific-pix-o-55c8efa1-c981-44a5-a527-086eeea1121b&u3=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000
54.230.111.107200 OK 68 B URL HTTP/2 pix.pub/t.png?&t=1674352013329&l=tvscientific-pix-o-55c8efa1-c981-44a5-a527-086eeea1121b&u3=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000
IP 54.230.111.107:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e31b8b47c618ed73e5b31011d1de037
d1b8613998ba0a89b32bfb7a2a1eedaa9dd55529
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67
GET /t.png?&t=1674352013329&l=tvscientific-pix-o-55c8efa1-c981-44a5-a527-086eeea1121b&u3=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000 HTTP/1.1
Host: pix.pub
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 68
last-modified: Mon, 22 Mar 2021 14:38:36 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 21 Jan 2023 02:09:06 GMT
etag: "8e31b8b47c618ed73e5b31011d1de037"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KgmtFqHCcnP-5M5InnCk7xBUBc51VW5fYLY1cYHiAY-ljNCtgyeaXw==
age: 85099
X-Firefox-Spdy: h2
www.ticketsmarter.com/proxydirectory/tags/12470/tag.js
100.25.87.89200 OK 49 kB URL HTTP/2 www.ticketsmarter.com/proxydirectory/tags/12470/tag.js
IP 100.25.87.89:0
File type ASCII text, with very long lines (49099)
Hash bcf601eb0047966095f34ba702fd498b
7c8d4b5de9dc30e07106e47dc42bd84a69528217
322d93945cd018a37047d2a2ed3b44af698c5327e087e4b452ad40f69def51a9
GET /proxydirectory/tags/12470/tag.js HTTP/1.1
Host: www.ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Cookie: atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx; _gcl_au=1.1.1479115159.1674352013
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: application/javascript; charset=UTF-8
content-length: 49344
server: nginx/1.20.0
x-request-id: 9e67ca60-99f6-11ed-8f17-4553954fd891
cache-control: max-age=1800
x-cache: Miss from cloudfront
via: 1.1 5893c71b6cde828b408a700f9c0673b0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2
x-amz-cf-id: ul2PUWDTZa5bTRUKv76CSQPedVt-7AoMgQTM_t8rtU-wgrCQT2A_yg==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54bb2c2439cbf0cefc3075f25576f161
e4e506d7acc877b266c18ae6da3b948e0d41bb1e
8cfef01c8eea67086fdea9865d760f9ed1ecc15dc42f3b2c94fc85d609a31aa2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9334
x-amzn-requestid: 23f9071b-5274-4c6a-9a4a-d63ea74c7483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNWQETCoAMFdjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c27-393e62854ba77f783f142985;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BWc9_KsIp1FH10PJZFoIteQrb0Q8cfqRN8RiynsqbHyFUHhDCxwqIw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
age: 14328
etag: "e4e506d7acc877b266c18ae6da3b948e0d41bb1e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.rapidssl.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6f33c40cbb2a780b2e414ddbc7245bff
b4b3b1017306cc4a42ad47adb5e919aa588ffb2e
0333f72c4fed93210845a08ba45fb89a35f5ffd0b1f22b8c217ada9e7bd47d29
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2352
Cache-Control: max-age=94637
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Etag: "63cb5b0b-1d7"
Expires: Mon, 23 Jan 2023 04:04:11 GMT
Last-Modified: Sat, 21 Jan 2023 03:24:59 GMT
Server: ECS (amb/6B83)
X-Cache: HIT
Content-Length: 471
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash f446466b4644f54113ac9ddaf5590347
a533e7057d7726fb873d8a223ea2aaa17e40b980
75737a17f2e9d62b0e5d73466b68bf284663c40afbb257d99791de16a411db4b
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 22 Jan 2023 01:46:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 21 Jan 2023 22:38:15 GMT
Expires: Sun, 22 Jan 2023 22:38:15 GMT
ETag: "a533e7057d7726fb873d8a223ea2aaa17e40b980"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.upsellit.com/active/ticketsmarter.jsp
34.117.39.58200 OK 21 kB URL HTTP/2 www.upsellit.com/active/ticketsmarter.jsp
IP 34.117.39.58:0
File type ASCII text, with very long lines (8683), with CRLF, LF line terminators
Hash f710948fdd5538d3db2f1c54037c16e2
49d4a82b7c2bc398906d425c606f74cbde5ce4ef
731232830c0784c70f846ca2d40381d9d224c267b4854ee8566b81363018198b
GET /active/ticketsmarter.jsp HTTP/1.1
Host: www.upsellit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
date: Sat, 21 Jan 2023 21:26:00 GMT
expires: Sun, 22 Jan 2023 21:26:00 GMT
cache-control: max-age=86400
content-type: application/x-javascript;charset=ISO-8859-1
content-length: 20673
age: 15654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.rapidssl.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6f33c40cbb2a780b2e414ddbc7245bff
b4b3b1017306cc4a42ad47adb5e919aa588ffb2e
0333f72c4fed93210845a08ba45fb89a35f5ffd0b1f22b8c217ada9e7bd47d29
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2352
Cache-Control: max-age=94637
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Etag: "63cb5b0b-1d7"
Expires: Mon, 23 Jan 2023 04:04:11 GMT
Last-Modified: Sat, 21 Jan 2023 03:24:59 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
shop.pe/widget/widget_async.js
35.227.244.1301 Moved Permanently 178 B URL HTTP/2 shop.pe/widget/widget_async.js
IP 35.227.244.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /widget/widget_async.js HTTP/1.1
Host: shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: text/html
content-length: 178
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
x-frame-options: deny
content-security-policy: frame-ancestors none;
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.sjwoe.com/policy
143.204.55.94200 OK 28 B IP 143.204.55.94:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cb03d8f455e88d7bb7050795f9f9cfc9
ad15e9674b599d400994e2e83d094e696c76eb98
4bfe3fd63b2ce813a2e3e1252146acf89e82d30222ca39161cf68086449cd64b
GET /policy HTTP/1.1
Host: www.sjwoe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ticketsmarter.com
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 28
date: Sun, 22 Jan 2023 01:32:41 GMT
x-amzn-requestid: 0519444e-cb45-4ef3-8d21-10603b57637f
access-control-allow-origin: *
x-amz-apigw-id: fHvJCEf5IAMFe5A=
cache-control: max-age=3600
x-amzn-trace-id: Root=1-63cc9239-6d725b6669431c5424181ddf;Sampled=0
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8842Si-0p8_QXGg4czYtIz-OOtvHID_tFP8lMmMyTmzWAB61qLL_Dg==
age: 853
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash a62aa481fefd14685674daefce0a9aa7
09a643a2f874a4811781207afde14baa230286be
b806532f5d8fefbcad8dfff3441ca986aa549ab7e57923122e584fd371906f6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5946
Cache-Control: max-age=156920
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Etag: "63cc404c-2d7"
Expires: Mon, 23 Jan 2023 21:22:14 GMT
Last-Modified: Sat, 21 Jan 2023 19:43:08 GMT
Server: ECS (amb/6BA8)
X-Cache: HIT
Content-Length: 727
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4e64f2b4e5f4e77492393e421c8bffae
3ee851ab7ee67e2501d33ece34aaf2afa4447289
fbb8a46ca048cc0f043eafd2849dc6436f2302b1b5404c89419754e663c97768
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162598
Date: Sun, 22 Jan 2023 01:46:54 GMT
Etag: "63cc6a54-1d7"
Expires: Mon, 23 Jan 2023 22:56:52 GMT
Last-Modified: Sat, 21 Jan 2023 22:42:28 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TAMN0pgy098lBLKJ2-wWbR4bmwDSFriSAtQGvBa_LOluTsDLpgA6Aw==
Age: 864
ob.travelrobotflower.com/i/a5c2cbfe3e097d693295e8aa12498de4.js
143.204.55.63200 OK 32 kB URL HTTP/2 ob.travelrobotflower.com/i/a5c2cbfe3e097d693295e8aa12498de4.js
IP 143.204.55.63:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash e143c3d129ac1645c9276756ab9ca4a4
d51684e182335ef7f99d410c2840790a46d675bf
38c059a86010878688c94ffdb3e60f993789b21009951d42f830f69cfdd0bdb0
Analyzer Verdict Alert fortinet Malware
GET /i/a5c2cbfe3e097d693295e8aa12498de4.js HTTP/1.1
Host: ob.travelrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 31908
content-encoding: gzip
server: Caddy
cache-control: max-age=43200
date: Sat, 21 Jan 2023 20:36:15 GMT
expires: Sun, 22 Jan 2023 08:36:15 GMT
etag: "15752-YyeBao7BVJ+mgx48PqIseuQKp5Y"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qK-uq3PLyZHIBs3fWgkxd3lmSQVYRP4HCyxTWjQHH5PLIoIVQLk3Bg==
age: 18639
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash d6272d3fc4bc20869651dd9bfd8b8e52
7b85adb062fe14eb4773e21fa71de74bb04adb39
1b885e59fc998114eab6dc951d856faea1683ad5f2d7441d271450c6ba1fbfd8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 01:46:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 07:42:30 GMT
Expires: Sat, 28 Jan 2023 07:42:29 GMT
Etag: "7b85adb062fe14eb4773e21fa71de74bb04adb39"
Cache-Control: max-age=539134,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78d49e5aaeffb517-OSL
ticketsmarter.com/content/uploaded/Spotlight%20Images/Madonna-Celebration-Tour-Ticket-Smarter-970x342.png
100.25.87.89200 OK 94 kB URL HTTP/2 ticketsmarter.com/content/uploaded/Spotlight%20Images/Madonna-Celebration-Tour-Ticket-Smarter-970x342.png
IP 100.25.87.89:0
File type PNG image data, 970 x 342, 8-bit colormap, non-interlaced\012- data
Hash fb90fc5d590d7291294cca06e7975186
9228ab77764acaca492ca331ffade4eb7fb3ef4e
24d834157b8248cf413b3df151e5a30f09dc2409b8b9c0587d426faee420e00a
GET /content/uploaded/Spotlight%20Images/Madonna-Celebration-Tour-Ticket-Smarter-970x342.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx; _gcl_au=1.1.1479115159.1674352013; _uetsid=a55aa37099f611ed8c933f71d0d478e7; _uetvid=a55abbb099f611ed92530321595da648; _ga=GA1.2.283004757.1674352013; _gid=GA1.2.1332918132.1674352013; _gat_gtag_UA_135380185_1=1; _vwo_uuid_v2=D13141D551E8AA96BF90C9BF300F9413C|5b786a365c1ca3887c12c50f7f9c6732; usi_email_id=6sb6di_1670262754_1_send
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/png
content-length: 94351
server: nginx/1.20.0
last-modified: Fri, 20 Jan 2023 14:58:16 GMT
etag: "63caac08-1708f"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/homepage%20partner%20logos/ballysports-stacked.png
100.25.87.89200 OK 43 kB URL HTTP/2 ticketsmarter.com/content/uploaded/homepage%20partner%20logos/ballysports-stacked.png
IP 100.25.87.89:0
File type PNG image data, 1197 x 634, 8-bit/color RGBA, non-interlaced\012- data
Hash d25faf0afb6af3e0bcca72a0bb49c935
f53d93a021c4a8a98df9040a8410a76595b4244a
0036c0a61ef6748fecdc852f1f337e4b914339db67503cf609781aae3aa63d1a
GET /content/uploaded/homepage%20partner%20logos/ballysports-stacked.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx; _gcl_au=1.1.1479115159.1674352013; _uetsid=a55aa37099f611ed8c933f71d0d478e7; _uetvid=a55abbb099f611ed92530321595da648; _ga=GA1.2.283004757.1674352013; _gid=GA1.2.1332918132.1674352013; _gat_gtag_UA_135380185_1=1; _vwo_uuid_v2=D13141D551E8AA96BF90C9BF300F9413C|5b786a365c1ca3887c12c50f7f9c6732; usi_email_id=6sb6di_1670262754_1_send
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/png
content-length: 43094
server: nginx/1.20.0
last-modified: Mon, 28 Mar 2022 17:31:16 GMT
etag: "6241f0e4-a856"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/Big-Ten-Logo.png
100.25.87.89200 OK 3.7 kB URL HTTP/2 ticketsmarter.com/content/uploaded/Big-Ten-Logo.png
IP 100.25.87.89:0
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash b6b8dd27db613ac1e44e083e500c292d
258157c6e4d3f3b8099b4dd18aafc63bd3df9748
fadd17532a60764f862baa70fb1284453bf419cbd813e5efa8de84cf1f2a156e
GET /content/uploaded/Big-Ten-Logo.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx; _gcl_au=1.1.1479115159.1674352013; _uetsid=a55aa37099f611ed8c933f71d0d478e7; _uetvid=a55abbb099f611ed92530321595da648; _ga=GA1.2.283004757.1674352013; _gid=GA1.2.1332918132.1674352013; _gat_gtag_UA_135380185_1=1; _vwo_uuid_v2=D13141D551E8AA96BF90C9BF300F9413C|5b786a365c1ca3887c12c50f7f9c6732; usi_email_id=6sb6di_1670262754_1_send
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/png
content-length: 3732
server: nginx/1.20.0
last-modified: Mon, 30 Aug 2021 00:40:58 GMT
etag: "612c291a-e94"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/featured_events/Chris%20Brown-Featured%20Events.png
100.25.87.89200 OK 15 kB URL HTTP/2 ticketsmarter.com/content/uploaded/featured_events/Chris%20Brown-Featured%20Events.png
IP 100.25.87.89:0
File type PNG image data, 138 x 138, 8-bit colormap, non-interlaced\012- data
Hash 30ac053471e901c4f5d75aaa0c0ad758
77b8070375a651b213dfb7178f31fd9f9a65520f
4cbc9d9e5813f295885be698463f4b23830dd2ad5f4edc17e3c4e479bb061c86
GET /content/uploaded/featured_events/Chris%20Brown-Featured%20Events.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx; _gcl_au=1.1.1479115159.1674352013; _uetsid=a55aa37099f611ed8c933f71d0d478e7; _uetvid=a55abbb099f611ed92530321595da648; _ga=GA1.2.283004757.1674352013; _gid=GA1.2.1332918132.1674352013; _gat_gtag_UA_135380185_1=1; _vwo_uuid_v2=D13141D551E8AA96BF90C9BF300F9413C|5b786a365c1ca3887c12c50f7f9c6732; usi_email_id=6sb6di_1670262754_1_send
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/png
content-length: 14742
server: nginx/1.20.0
last-modified: Wed, 13 Jul 2022 18:40:31 GMT
etag: "62cf119f-3996"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/featured_events/Kevin%20Hart-Featured%20Events.png
100.25.87.89200 OK 14 kB URL HTTP/2 ticketsmarter.com/content/uploaded/featured_events/Kevin%20Hart-Featured%20Events.png
IP 100.25.87.89:0
File type PNG image data, 138 x 138, 8-bit colormap, non-interlaced\012- data
Hash b3604470293d6457b41bac8614882ccb
d78acb183d468c183f5f85f20296555f23ddc7b7
83380d5ea1cedb6970fe522a33d49ab37beeffba164c40ecf71d1a19ff132dae
GET /content/uploaded/featured_events/Kevin%20Hart-Featured%20Events.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx; _gcl_au=1.1.1479115159.1674352013; _uetsid=a55aa37099f611ed8c933f71d0d478e7; _uetvid=a55abbb099f611ed92530321595da648; _ga=GA1.2.283004757.1674352013; _gid=GA1.2.1332918132.1674352013; _gat_gtag_UA_135380185_1=1; _vwo_uuid_v2=D13141D551E8AA96BF90C9BF300F9413C|5b786a365c1ca3887c12c50f7f9c6732; usi_email_id=6sb6di_1670262754_1_send
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/png
content-length: 14319
server: nginx/1.20.0
last-modified: Wed, 13 Jul 2022 18:42:05 GMT
etag: "62cf11fd-37ef"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/featured_events/Garth%20Brooks-Featured%20Events.png
100.25.87.89200 OK 13 kB URL HTTP/2 ticketsmarter.com/content/uploaded/featured_events/Garth%20Brooks-Featured%20Events.png
IP 100.25.87.89:0
File type PNG image data, 138 x 138, 8-bit colormap, non-interlaced\012- data
Hash 4dd1c475749d82bc8d9b908e3193d684
9a33adc846e09da6cc7cdb67bac04305d30a7460
1d8189cd2d3509e7d2ceffc8dbf1a889e6d61e1bebe0674344e5a7bdb3cc5b8d
GET /content/uploaded/featured_events/Garth%20Brooks-Featured%20Events.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx; _gcl_au=1.1.1479115159.1674352013; _uetsid=a55aa37099f611ed8c933f71d0d478e7; _uetvid=a55abbb099f611ed92530321595da648; _ga=GA1.2.283004757.1674352013; _gid=GA1.2.1332918132.1674352013; _gat_gtag_UA_135380185_1=1; _vwo_uuid_v2=D13141D551E8AA96BF90C9BF300F9413C|5b786a365c1ca3887c12c50f7f9c6732; usi_email_id=6sb6di_1670262754_1_send
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/png
content-length: 12973
server: nginx/1.20.0
last-modified: Wed, 13 Jul 2022 18:41:14 GMT
etag: "62cf11ca-32ad"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/featured_events/Elton%20John-Featured%20Events.png
100.25.87.89200 OK 9.7 kB URL HTTP/2 ticketsmarter.com/content/uploaded/featured_events/Elton%20John-Featured%20Events.png
IP 100.25.87.89:0
File type PNG image data, 138 x 138, 8-bit colormap, non-interlaced\012- data
Hash 95a2e2251cfb7b90de5feacd485bf0ba
d8f1c0903f740bc6dd3f7a2b9a5e98cfb6aa8826
bd50ea36f401c9a4d903cd76b2c206b93dc0581dba081ec7a29b83eee28ea6cf
GET /content/uploaded/featured_events/Elton%20John-Featured%20Events.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx; _gcl_au=1.1.1479115159.1674352013; _uetsid=a55aa37099f611ed8c933f71d0d478e7; _uetvid=a55abbb099f611ed92530321595da648; _ga=GA1.2.283004757.1674352013; _gid=GA1.2.1332918132.1674352013; _gat_gtag_UA_135380185_1=1; _vwo_uuid_v2=D13141D551E8AA96BF90C9BF300F9413C|5b786a365c1ca3887c12c50f7f9c6732; usi_email_id=6sb6di_1670262754_1_send
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/png
content-length: 9745
server: nginx/1.20.0
last-modified: Wed, 13 Jul 2022 18:40:50 GMT
etag: "62cf11b2-2611"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/featured_events/Jason%20Aldean-Featured%20Events.png
100.25.87.89200 OK 12 kB URL HTTP/2 ticketsmarter.com/content/uploaded/featured_events/Jason%20Aldean-Featured%20Events.png
IP 100.25.87.89:0
File type PNG image data, 138 x 138, 8-bit colormap, non-interlaced\012- data
Hash 31b095a402d1ef75ec17fb96bcde98a1
8c7b354d8175fac941abda4935ec6b64a93822a7
38d372951be687547c655976fca647b88e3f0cbbd31c3e35850ff5309573c2c3
GET /content/uploaded/featured_events/Jason%20Aldean-Featured%20Events.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx; _gcl_au=1.1.1479115159.1674352013; _uetsid=a55aa37099f611ed8c933f71d0d478e7; _uetvid=a55abbb099f611ed92530321595da648; _ga=GA1.2.283004757.1674352013; _gid=GA1.2.1332918132.1674352013; _gat_gtag_UA_135380185_1=1; _vwo_uuid_v2=D13141D551E8AA96BF90C9BF300F9413C|5b786a365c1ca3887c12c50f7f9c6732; usi_email_id=6sb6di_1670262754_1_send
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/png
content-length: 12401
server: nginx/1.20.0
last-modified: Wed, 13 Jul 2022 18:41:45 GMT
etag: "62cf11e9-3071"
accept-ranges: bytes
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/featured_events/Backstreet%20Boys-Featured%20Events.png
100.25.87.89200 OK 16 kB URL HTTP/2 ticketsmarter.com/content/uploaded/featured_events/Backstreet%20Boys-Featured%20Events.png
IP 100.25.87.89:0
File type PNG image data, 138 x 138, 8-bit colormap, non-interlaced\012- data
Hash 5b0eb2834f6d5a7af69ecd8be07b765a
bdf7fae988e63df77ce766d5f4df151eb15510aa
06a1063476d4e85299bf0db3efa92d755eeaad023d7804f22f9bf2866bdfea7a
GET /content/uploaded/featured_events/Backstreet%20Boys-Featured%20Events.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx; _gcl_au=1.1.1479115159.1674352013; _uetsid=a55aa37099f611ed8c933f71d0d478e7; _uetvid=a55abbb099f611ed92530321595da648; _ga=GA1.2.283004757.1674352013; _gid=GA1.2.1332918132.1674352013; _gat_gtag_UA_135380185_1=1; _vwo_uuid_v2=D13141D551E8AA96BF90C9BF300F9413C|5b786a365c1ca3887c12c50f7f9c6732; usi_email_id=6sb6di_1670262754_1_send
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: image/png
content-length: 15911
server: nginx/1.20.0
last-modified: Wed, 13 Jul 2022 18:40:07 GMT
etag: "62cf1187-3e27"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash cf148506eb1d90c405b70e63ade4d0ca
024ef7ed4dad8f40ac736db523be16f4a7ea066c
827e0b3be81f7184a4cb7625dfd7ec48ae66a9bea5102fce46501dec561a11eb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 01:46:54 GMT
Last-Modified: Sun, 22 Jan 2023 01:24:53 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dFuwIqVEW7eDeP8h2RwhwRMLWJ1NBa4PgDB-xZa_14weGlfr1hlvCg==
Age: 1322
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f170fac58cd9ca017cfc2c8fed50bac3
d5d1c007d7533960252e5dfd3b1751e27595b954
c14c624757ada9bb292349eea849d2551551daad4f84a738505fd2496c6f0679
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1390
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:54 GMT
Last-Modified: Sun, 22 Jan 2023 01:23:44 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
api.nickelled.com/flows/launch/ticketsmarter.com-628107
35.244.246.173200 OK 0 B URL HTTP/2 api.nickelled.com/flows/launch/ticketsmarter.com-628107
IP 35.244.246.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /flows/launch/ticketsmarter.com-628107 HTTP/1.1
Host: api.nickelled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ticketsmarter.com/
Origin: https://ticketsmarter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: https://ticketsmarter.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
content-length: 0
date: Sun, 22 Jan 2023 01:46:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.nickelled.com/flows/launch/ticketsmarter.com-628107
35.244.246.173200 OK 6.1 kB URL HTTP/2 api.nickelled.com/flows/launch/ticketsmarter.com-628107
IP 35.244.246.173:0
File type JSON data\012- , ASCII text, with very long lines (6105), with no line terminators
Hash 174e81e99322600000c1b9650575ff2b
311ed391bbcef51ff07c5282f15dc2d7a0826e1d
a36c32e0005d9ca2ed98b584a9a3f8ed09627f8588d56056b480b221d4eb9f5a
POST /flows/launch/ticketsmarter.com-628107 HTTP/1.1
Host: api.nickelled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ticketsmarter.com/
Content-Type: application/json
Origin: https://ticketsmarter.com
Content-Length: 190
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: https://ticketsmarter.com
vary: Origin, X-HTTP-Method-Override
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 6105
etag: W/"EQDNNHaFMuhj+SK9HiXAeg=="
date: Sun, 22 Jan 2023 01:46:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trackcmp.net/t_prism_sitemessages.php?trackid=1002304818&prismid=39a0c286-5c0c-4795-9b5f-8b3335e7094e&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000
104.18.42.105200 OK 0 B URL HTTP/2 trackcmp.net/t_prism_sitemessages.php?trackid=1002304818&prismid=39a0c286-5c0c-4795-9b5f-8b3335e7094e&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000
IP 104.18.42.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t_prism_sitemessages.php?trackid=1002304818&prismid=39a0c286-5c0c-4795-9b5f-8b3335e7094e&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000 HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:55 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-envoy-upstream-service-time: 9
x-powered-by: PHP/8.1.14
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78d49e5d7962b4f1-OSL
X-Firefox-Spdy: h2
c.lytics.io/cid/a271c7468edd8ef1471b4f8e951397be?assign=false&callback=u_863688197034143100
104.26.2.22200 OK 24 B URL HTTP/2 c.lytics.io/cid/a271c7468edd8ef1471b4f8e951397be?assign=false&callback=u_863688197034143100
IP 104.26.2.22:0
File type ASCII text, with no line terminators
Hash e9b3e756a5d715fbb1ec42f7d1b764f8
6333289dd69d87d859a21ad4e0516e21970c75f6
915481132dfc8d244475a4d8108f5ce13e775f7b80bdf6eeacbb0430d115cf76
GET /cid/a271c7468edd8ef1471b4f8e951397be?assign=false&callback=u_863688197034143100 HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:55 GMT
content-type: text/javascript
content-length: 24
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaRpbRa%2FYCu9n4jGAZPENkSgndNGtLncXHePCZzmYACDkMO9phPUpeZholBLXcxmdeOkV6fzCN5f5FHFDMHmhOdHna9J3wH4bZgy4pp8ZAGZml0n0RE3P8v7zqwa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d49e5d7832b518-OSL
X-Firefox-Spdy: h2
s3.us-west-2.amazonaws.com/s.leveragelab.com/release/config/sites/ts/ticketsmarter/handler.js
52.218.183.168200 OK 771 B URL HTTP/1.1 s3.us-west-2.amazonaws.com/s.leveragelab.com/release/config/sites/ts/ticketsmarter/handler.js
IP 52.218.183.168:0
Hash a39c8afcddb30f4685ae463066215a9d
29ef4fa7216854744845c76fabfb4c652fde6a3b
b9b79c945a72970f937e41d0f7edda6f2c7af961560a56c89fdc22a937bb0f5a
GET /s.leveragelab.com/release/config/sites/ts/ticketsmarter/handler.js HTTP/1.1
Host: s3.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: SP2RARjAUCSYC1GKlnKH93ZKNzMRtXVcbbuKaoivtkt+0AyuWCq5j2S/yg8Tt6PJ4WxaCeqglrU=
x-amz-request-id: F507851K4MW81DGV
Date: Sun, 22 Jan 2023 01:46:55 GMT
Last-Modified: Mon, 10 Oct 2022 20:02:21 GMT
ETag: "a39c8afcddb30f4685ae463066215a9d"
x-amz-version-id: nZqQSFhdEpu6lcuBMyKlNOHgAvq7ZQ9H
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 771
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f34b93457165f460c95da38658dddf8e
931d660a5b95660b1445821624aeb8c015f64e4c
9a5da554e602dabafdbd97830858db62f635d64d6e4248fe62763fe74d9a622a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6426
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:55 GMT
Last-Modified: Sat, 21 Jan 2023 23:59:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash d6272d3fc4bc20869651dd9bfd8b8e52
7b85adb062fe14eb4773e21fa71de74bb04adb39
1b885e59fc998114eab6dc951d856faea1683ad5f2d7441d271450c6ba1fbfd8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 01:46:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 07:42:30 GMT
Expires: Sat, 28 Jan 2023 07:42:29 GMT
Etag: "7b85adb062fe14eb4773e21fa71de74bb04adb39"
Cache-Control: max-age=539133,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78d49e5dd88cb517-OSL
c.lytics.io/c/a271c7468edd8ef1471b4f8e951397be?_e=pv&_sesstart=1&_ref=app.upsellit.com%2F&_sesref=app.upsellit.com%2F&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1674352013952&_nmob=t&_device=desktop&url=ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&_v=3.0.30&_uid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&_getid=t
104.26.2.22200 OK 35 B URL HTTP/2 c.lytics.io/c/a271c7468edd8ef1471b4f8e951397be?_e=pv&_sesstart=1&_ref=app.upsellit.com%2F&_sesref=app.upsellit.com%2F&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1674352013952&_nmob=t&_device=desktop&url=ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&_v=3.0.30&_uid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&_getid=t
IP 104.26.2.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /c/a271c7468edd8ef1471b4f8e951397be?_e=pv&_sesstart=1&_ref=app.upsellit.com%2F&_sesref=app.upsellit.com%2F&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1674352013952&_nmob=t&_device=desktop&url=ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&_v=3.0.30&_uid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&_getid=t HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:55 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: seerid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf; Path=/; Domain=lytics.io; Max-Age=77760000; Secure; SameSite=None
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWapNZsSXTa8rrR6%2FCaKEVduVVLKV8ieRodK9PbQENccWO5D%2BY2MguNByB6bcr5ciGzu6ga9pfjwWBYGJ3JKK1Z79erb33bxFC%2FpSWtyvYwNZR%2BNY9fiipKMI3XU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d49e5e689cb518-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f1ee2e8a468c0ac7dc79cb50360ace2d
a45ca194c212315617a85834bda535d37b3a9336
5460011cde1c5506a8926be8348ca73ee132476fbc74f746d056c644c44714d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:55 GMT
Server: ECS (amb/6BA8)
Content-Length: 313
c.lytics.io/c/a271c7468edd8ef1471b4f8e951397be?
104.26.2.22200 OK 35 B URL HTTP/2 c.lytics.io/c/a271c7468edd8ef1471b4f8e951397be?
IP 104.26.2.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /c/a271c7468edd8ef1471b4f8e951397be? HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:55 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: seerid=16cea56baf57beddde9465f00e00b94d; Path=/; Domain=lytics.io; Max-Age=77760000; Secure; SameSite=None
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuufXVZ4uuKSdIDokrturyocAGxy3uCI2wVTsyWJb4YXaebzYC3nH4KEUkaVQjUqEs3AjjzxY3DjQuzTSvOVcEXV33aM8Q7yG2HuruMVOWTBY2UqxOdyp3sTys4%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d49e5f38f2b518-OSL
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=3o3h3V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRiUyRlVrbXRRUnptJTJCdjhhMVByTXFCRU5FJTJCUkRTeThvRUw0bzVoWkd2N3hOdQ; expires=Fri, 16 Feb 2024 01:46:55 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 240012
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
c.lytics.io/c/a271c7468edd8ef1471b4f8e951397be?gtm.start=1674352012756&event=gtm.js>m.uniqueEventId=1&_ts=1674352014210&_nmob=t&_device=desktop&url=ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&_uid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&_v=3.0.30
104.26.2.22200 OK 35 B URL HTTP/2 c.lytics.io/c/a271c7468edd8ef1471b4f8e951397be?gtm.start=1674352012756&event=gtm.js>m.uniqueEventId=1&_ts=1674352014210&_nmob=t&_device=desktop&url=ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&_uid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&_v=3.0.30
IP 104.26.2.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /c/a271c7468edd8ef1471b4f8e951397be?gtm.start=1674352012756&event=gtm.js>m.uniqueEventId=1&_ts=1674352014210&_nmob=t&_device=desktop&url=ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&_uid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&_v=3.0.30 HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:55 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: seerid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf; Path=/; Domain=lytics.io; Max-Age=77760000; Secure; SameSite=None
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYeyYX5VmX7kKd6XkuJePe%2FEz0F2SmBCOkapP93jCvpCYABvggXNX9sces5Zd2CEWlgjwMoi%2BPrOIu7iVVVLpmpCIo6gAaE56%2F9I9AL0atiQvUmHsehp%2BNyZlONf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d49e5f38f1b518-OSL
X-Firefox-Spdy: h2
www.ticketsmarter.com/proxydirectory/12470/pageInfo
100.25.87.89200 OK 68 B URL HTTP/2 www.ticketsmarter.com/proxydirectory/12470/pageInfo
IP 100.25.87.89:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
POST /proxydirectory/12470/pageInfo HTTP/1.1
Host: www.ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ticketsmarter.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://ticketsmarter.com
Content-Length: 435
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:55 GMT
content-type: image/png
content-length: 68
server: nginx/1.20.0
x-request-id: a6863053-99f6-11ed-9f33-33908636a773
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 1448f69604d5be1f9c9f0c64cfa90594.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C1
x-amz-cf-id: Pfgad_OmpJ_pDz-JdKEfY0LdgM9nRsRnnhadA-MKHXwMEB_EY9FMIQ==
X-Firefox-Spdy: h2
obs.travelrobotflower.com/ct?id=36088&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1674352013853&hl=1&op=0&ag=1317291471&rand=137575207100595152075250907115855822056225152229550852179812929177591015696&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=https%3A%2F%2Fapp.upsellit.com%2F&ss=1280x1024&nc=0&at=&di=W1siZWYiLDY4NTFdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMCwzLDEsMCwwLDEsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDUsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMyJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI3LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiJFwiLFwialF1ZXJ5XCIsXCJzZXR0aW5nc190aW1lclwiLFwiX3Z3b19zZXR0aW5nc190aW1lclwiLFwiX3Z3b19jb2RlXCIsXCJkYXRhTGF5ZXJcIixcImZicVwiLFwiX2ZicVwiLFwicHVzaGx5XCIsXCJQdXNobHlTREtcIixcImNqRGF0YVwiLFwiZ3RhZ1wiLFwiQU1QXCIsXCJnb29nbGVfdGFnX21hbmFnZXJcIixcIk5vdGlmeVBhaW50RXZlbnRcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiY2ZpZWxkc1wiLFwiX3Nob3dfdGhhbmtfeW91XCIsXCJfc2hvd19lcnJvclwiLFwiX2xvYWRfc2NyaXB0XCIsXCJhdGJzRW52XCIsXCJhdGJzV2VicGFja0pzb25wXCIsXCJsYXp5U2l6ZXNcIixcImpRdWVyeTExMTAwOTkxMzE0NDMxMTA5MDI5OFwiLFwiaW5pdEdlb0F1dG9jb21wbGV0ZVwiLFwic2l0ZVVJXCIsXCJGb3VuZGF0aW9uXCIsXCJFRlwiLFwidWV0cVwiLFwidmlzaXRvckdsb2JhbE9iamVjdEFsaWFzXCIsXCJ2Z29cIixcInRyaWRlbnRcIixcIm5ldFwiLFwiSUUxMVwiLFwiSUVvbGRcIixcIklFXCIsXCJzc29cIixcIlVybFwiLFwic3ByaW50ZlwiLFwidnNwcmludGZcIixcIlNwaW5uZXJcIixcIkxhZGRhXCIsXCJkZXZpY2VUeXBlXCIsXCJjcml0ZW9fcVwiLFwiZ29vZ2xlX3RhZ19kYXRhXCIsXCJHb29nbGVBbmFseXRpY3NPYmplY3RcIixcImdhXCIsXCJwcmlzbUdsb2JhbE9iamVjdEFsaWFzXCJdLFwiblwiOltcImNodW5rXCJdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCwwXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMjgzMDA0NzU3LjE2NzQzNTIwMTMiXSxbLTIxLCJ1c2lfZW1haWxfaWQ9NnNiNmRpXzE2NzAyNjI3NTRfMV9zZW5kPTE2NzY5NDQwMTM1ODQ7Il0sWy0yMiwiW1wiLVwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCItIl0sWy0yNywiLSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMCJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NzQzNTIwMTM4NDEsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstMzcsIi0iXSxbLTM4LCJpLC0xLC0xLDAsMCw4OSwwLDU1LDMwNywzNzIsLTEsMCwsMTI1MiwyMjI0LDIyMjQiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzNyJdLFstNDEsIi0iXSxbLTQyLCIxNzcwMDUwMDgxIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAxMTExMDAxMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDEwIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltcIl8xXCIsXCIyNjMwMzQwODg0XCJdLFwic1wiOjF9Il0sWy01NSwiMSJdLFsiZGRiIiwiMCw3LDAsMCwxLDMsMCwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDEsMCwwLDEsMCwwLDAsMSwyLDIsMCwyLDAsMSwwLDAsMCwwLDAsMCJdLFsiYm5jaCIsNTJdLFsiYWJuY2giLDUyXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=6SFZdkC1Dq&pto=2237&ver=50&gac=283004757.1674352013&mei=&ap=&duid=1.1674352013.zRthP5g9FsqblxUk&suid=1.1674352013.6Zh6gbE3GTkvgjTX&tuid=1.1674352013.tfu175WrxkthJxYI&fbc=->m=W10%3D&it=53%2C1693%2C378&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=a55abbb099f611ed92530321595da648&spa=1&urid=0
52.45.196.192200 OK 1.5 kB URL HTTP/2 obs.travelrobotflower.com/ct?id=36088&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1674352013853&hl=1&op=0&ag=1317291471&rand=137575207100595152075250907115855822056225152229550852179812929177591015696&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=https%3A%2F%2Fapp.upsellit.com%2F&ss=1280x1024&nc=0&at=&di=W1siZWYiLDY4NTFdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMCwzLDEsMCwwLDEsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDUsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMyJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI3LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiJFwiLFwialF1ZXJ5XCIsXCJzZXR0aW5nc190aW1lclwiLFwiX3Z3b19zZXR0aW5nc190aW1lclwiLFwiX3Z3b19jb2RlXCIsXCJkYXRhTGF5ZXJcIixcImZicVwiLFwiX2ZicVwiLFwicHVzaGx5XCIsXCJQdXNobHlTREtcIixcImNqRGF0YVwiLFwiZ3RhZ1wiLFwiQU1QXCIsXCJnb29nbGVfdGFnX21hbmFnZXJcIixcIk5vdGlmeVBhaW50RXZlbnRcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiY2ZpZWxkc1wiLFwiX3Nob3dfdGhhbmtfeW91XCIsXCJfc2hvd19lcnJvclwiLFwiX2xvYWRfc2NyaXB0XCIsXCJhdGJzRW52XCIsXCJhdGJzV2VicGFja0pzb25wXCIsXCJsYXp5U2l6ZXNcIixcImpRdWVyeTExMTAwOTkxMzE0NDMxMTA5MDI5OFwiLFwiaW5pdEdlb0F1dG9jb21wbGV0ZVwiLFwic2l0ZVVJXCIsXCJGb3VuZGF0aW9uXCIsXCJFRlwiLFwidWV0cVwiLFwidmlzaXRvckdsb2JhbE9iamVjdEFsaWFzXCIsXCJ2Z29cIixcInRyaWRlbnRcIixcIm5ldFwiLFwiSUUxMVwiLFwiSUVvbGRcIixcIklFXCIsXCJzc29cIixcIlVybFwiLFwic3ByaW50ZlwiLFwidnNwcmludGZcIixcIlNwaW5uZXJcIixcIkxhZGRhXCIsXCJkZXZpY2VUeXBlXCIsXCJjcml0ZW9fcVwiLFwiZ29vZ2xlX3RhZ19kYXRhXCIsXCJHb29nbGVBbmFseXRpY3NPYmplY3RcIixcImdhXCIsXCJwcmlzbUdsb2JhbE9iamVjdEFsaWFzXCJdLFwiblwiOltcImNodW5rXCJdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCwwXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMjgzMDA0NzU3LjE2NzQzNTIwMTMiXSxbLTIxLCJ1c2lfZW1haWxfaWQ9NnNiNmRpXzE2NzAyNjI3NTRfMV9zZW5kPTE2NzY5NDQwMTM1ODQ7Il0sWy0yMiwiW1wiLVwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCItIl0sWy0yNywiLSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMCJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NzQzNTIwMTM4NDEsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstMzcsIi0iXSxbLTM4LCJpLC0xLC0xLDAsMCw4OSwwLDU1LDMwNywzNzIsLTEsMCwsMTI1MiwyMjI0LDIyMjQiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzNyJdLFstNDEsIi0iXSxbLTQyLCIxNzcwMDUwMDgxIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAxMTExMDAxMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDEwIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltcIl8xXCIsXCIyNjMwMzQwODg0XCJdLFwic1wiOjF9Il0sWy01NSwiMSJdLFsiZGRiIiwiMCw3LDAsMCwxLDMsMCwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDEsMCwwLDEsMCwwLDAsMSwyLDIsMCwyLDAsMSwwLDAsMCwwLDAsMCJdLFsiYm5jaCIsNTJdLFsiYWJuY2giLDUyXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=6SFZdkC1Dq&pto=2237&ver=50&gac=283004757.1674352013&mei=&ap=&duid=1.1674352013.zRthP5g9FsqblxUk&suid=1.1674352013.6Zh6gbE3GTkvgjTX&tuid=1.1674352013.tfu175WrxkthJxYI&fbc=->m=W10%3D&it=53%2C1693%2C378&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=a55abbb099f611ed92530321595da648&spa=1&urid=0
IP 52.45.196.192:0
File type HTML document, ASCII text, with very long lines (3692), with no line terminators
Hash 37fe69b534b50ee522c14ca787207d45
c320aec98bd7118d635b849d34e7aa868ff51886
d0a96986744df9ecaf9e4dc27d5ad4fe8d9dda6a77b1f8e86f9f4fc55269bc31
GET /ct?id=36088&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1674352013853&hl=1&op=0&ag=1317291471&rand=137575207100595152075250907115855822056225152229550852179812929177591015696&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=https%3A%2F%2Fapp.upsellit.com%2F&ss=1280x1024&nc=0&at=&di=W1siZWYiLDY4NTFdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMCwzLDEsMCwwLDEsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDUsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMyJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI3LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiJFwiLFwialF1ZXJ5XCIsXCJzZXR0aW5nc190aW1lclwiLFwiX3Z3b19zZXR0aW5nc190aW1lclwiLFwiX3Z3b19jb2RlXCIsXCJkYXRhTGF5ZXJcIixcImZicVwiLFwiX2ZicVwiLFwicHVzaGx5XCIsXCJQdXNobHlTREtcIixcImNqRGF0YVwiLFwiZ3RhZ1wiLFwiQU1QXCIsXCJnb29nbGVfdGFnX21hbmFnZXJcIixcIk5vdGlmeVBhaW50RXZlbnRcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiY2ZpZWxkc1wiLFwiX3Nob3dfdGhhbmtfeW91XCIsXCJfc2hvd19lcnJvclwiLFwiX2xvYWRfc2NyaXB0XCIsXCJhdGJzRW52XCIsXCJhdGJzV2VicGFja0pzb25wXCIsXCJsYXp5U2l6ZXNcIixcImpRdWVyeTExMTAwOTkxMzE0NDMxMTA5MDI5OFwiLFwiaW5pdEdlb0F1dG9jb21wbGV0ZVwiLFwic2l0ZVVJXCIsXCJGb3VuZGF0aW9uXCIsXCJFRlwiLFwidWV0cVwiLFwidmlzaXRvckdsb2JhbE9iamVjdEFsaWFzXCIsXCJ2Z29cIixcInRyaWRlbnRcIixcIm5ldFwiLFwiSUUxMVwiLFwiSUVvbGRcIixcIklFXCIsXCJzc29cIixcIlVybFwiLFwic3ByaW50ZlwiLFwidnNwcmludGZcIixcIlNwaW5uZXJcIixcIkxhZGRhXCIsXCJkZXZpY2VUeXBlXCIsXCJjcml0ZW9fcVwiLFwiZ29vZ2xlX3RhZ19kYXRhXCIsXCJHb29nbGVBbmFseXRpY3NPYmplY3RcIixcImdhXCIsXCJwcmlzbUdsb2JhbE9iamVjdEFsaWFzXCJdLFwiblwiOltcImNodW5rXCJdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCwwXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMjgzMDA0NzU3LjE2NzQzNTIwMTMiXSxbLTIxLCJ1c2lfZW1haWxfaWQ9NnNiNmRpXzE2NzAyNjI3NTRfMV9zZW5kPTE2NzY5NDQwMTM1ODQ7Il0sWy0yMiwiW1wiLVwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCItIl0sWy0yNywiLSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMCJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NzQzNTIwMTM4NDEsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstMzcsIi0iXSxbLTM4LCJpLC0xLC0xLDAsMCw4OSwwLDU1LDMwNywzNzIsLTEsMCwsMTI1MiwyMjI0LDIyMjQiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzNyJdLFstNDEsIi0iXSxbLTQyLCIxNzcwMDUwMDgxIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAxMTExMDAxMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDEwIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltcIl8xXCIsXCIyNjMwMzQwODg0XCJdLFwic1wiOjF9Il0sWy01NSwiMSJdLFsiZGRiIiwiMCw3LDAsMCwxLDMsMCwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDEsMCwwLDEsMCwwLDAsMSwyLDIsMCwyLDAsMSwwLDAsMCwwLDAsMCJdLFsiYm5jaCIsNTJdLFsiYWJuY2giLDUyXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=6SFZdkC1Dq&pto=2237&ver=50&gac=283004757.1674352013&mei=&ap=&duid=1.1674352013.zRthP5g9FsqblxUk&suid=1.1674352013.6Zh6gbE3GTkvgjTX&tuid=1.1674352013.tfu175WrxkthJxYI&fbc=->m=W10%3D&it=53%2C1693%2C378&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=a55abbb099f611ed92530321595da648&spa=1&urid=0 HTTP/1.1
Host: obs.travelrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Sun, 22 Jan 2023 01:46:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=c06acd5814608b4be728ed9fe43f2881; Max-Age=29030400; Path=/; Expires=Sun, 24 Dec 2023 01:46:55 GMT; HttpOnly; Secure; SameSite=None
content-length: 1487
X-Firefox-Spdy: h2
track.segmetrics.io/collect?t=view&r=app.upsellit.com&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&v=2&a=a1XXX9&i=12695&uid=01GQBJGCWZ32TWWW151DJKF0AG&fp=eb8b1e2dfca3b62675e76804be9555d8&mt=%7B%22ga%22%3A%22GA1.2.283004757.1674352013%22%7D
172.67.72.57200 OK 43 B URL HTTP/2 track.segmetrics.io/collect?t=view&r=app.upsellit.com&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&v=2&a=a1XXX9&i=12695&uid=01GQBJGCWZ32TWWW151DJKF0AG&fp=eb8b1e2dfca3b62675e76804be9555d8&mt=%7B%22ga%22%3A%22GA1.2.283004757.1674352013%22%7D
IP 172.67.72.57:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
POST /collect?t=view&r=app.upsellit.com&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&v=2&a=a1XXX9&i=12695&uid=01GQBJGCWZ32TWWW151DJKF0AG&fp=eb8b1e2dfca3b62675e76804be9555d8&mt=%7B%22ga%22%3A%22GA1.2.283004757.1674352013%22%7D HTTP/1.1
Host: track.segmetrics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ticketsmarter.com
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:55 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
set-cookie: uid=n8tSAmPMlY+8BmxnzY0AAg==; domain=.segmetrics.io; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pf%2FIDHdPRKjRawiSm%2FJQQIZSqSusCFOI6D8GY9m3aAV8sW19FgYCfmPOwjF898FksvOCL3K9eKvXf%2Fi7kZPkHJNEyPzdx%2FZDSIJcaMzgtkFOMju34kKOjmhwM7BBee1S9DD%2FemM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d49e5faaa3b4f1-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 983bf93f38906f6a4550db2e46cd95ac
65d7c7a19405d1c89a164ce0aaa456b12f123df5
c294ae9de6b7a55d59b0f0ff17dc7a1fe4842f6d533894e50a0cedf9960f32b8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 01:46:55 GMT
Last-Modified: Sun, 22 Jan 2023 00:44:30 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hMBYBSyFk6F42sGJRKEMU8wPJWUq-_w70yRfu1TyNNL-URISL5VQrg==
Age: 3745
bat.bing.com/action/0?ti=259000860&Ver=2&mid=eb9f8b1c-f435-4cbf-b64b-9e6d6064a276&sid=a55aa37099f611ed8c933f71d0d478e7&vid=a55abbb099f611ed92530321595da648&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&r=<=8&evt=pageLoad&ifm=1&sv=1&rn=20050
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=259000860&Ver=2&mid=eb9f8b1c-f435-4cbf-b64b-9e6d6064a276&sid=a55aa37099f611ed8c933f71d0d478e7&vid=a55abbb099f611ed92530321595da648&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&r=<=8&evt=pageLoad&ifm=1&sv=1&rn=20050
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=259000860&Ver=2&mid=eb9f8b1c-f435-4cbf-b64b-9e6d6064a276&sid=a55aa37099f611ed8c933f71d0d478e7&vid=a55abbb099f611ed92530321595da648&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&r=<=8&evt=pageLoad&ifm=1&sv=1&rn=20050 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=35B624FAA68560842214365BA7D26159; domain=.bing.com; expires=Fri, 16-Feb-2024 01:46:55 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FACC54B4E24245B6A3CBF0C6FC008ADD Ref B: OSL30EDGE0408 Ref C: 2023-01-22T01:46:55Z
date: Sun, 22 Jan 2023 01:46:54 GMT
X-Firefox-Spdy: h2
obs.travelrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136deac430e8478b989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d178d652f17071a10acf9f29f671a8285d854783a13ff7c71048f69db309203320d76c75b560a310709c4b6634e77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2f4c270f0fa1dc78612c05a5fd407ddea3a17dc1e50a724b7eaef2f394cc73bdcfc248b5038e523a64c4ed86a7b376cccee879cf774a91bac3330752ae3234fdd45739bf9abf21cd18ac19ef9b17870c92a02a99696ccaf67e8c689691baf5dbb68c182cf12fb4bdf82e5430d3d20cd3e11ce75b4404de5f5a85d0c38681fa827090799edea58f7bff717774dc2978c5dad14f6788a85f8641a9d34dd62fff33025c578c6ee9439cd7a97bbf9728c00ca7d79cd171984b5535b01317416c0569d5bd64ba4bdfdacb25a89128bdde6cdb88a9a63d8ebae04c306c9ae81e0a9bbb0a4e09f1eff43ffb6488e04eb1f232a02bf142c90a814a93d168d51035e6a691663f3b67062d155d11ade58f69d002b6465c5f3baee63c83c14d52bac18ba8b67edffff8eec4a4bdfb204c20f84685aa446883437906d465591c70e42fea2f4dd0e1d3629461d1228fa829cfb80c9a654543645a1c16cbc992987d2909d27d1e87cfcbf8f593071794a2bc6397c9747fdbd7103c68fa8fdf3c79b170d72a9c6d8764dd4581ac7beaa620a6ded1868a4d70eefe3a658572a588b2ab179f72704040956f4637f3eb04cbb46e82f0e2da48dfc5c7651c3d2cd321b947ee0ca08b698a201a62387a0f23be09d5d86d02ab6596f6a9768c82&cri=6SFZdkC1Dq&ts=558&cb=1674352014412
52.45.196.192200 OK 43 B URL HTTP/2 obs.travelrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136deac430e8478b989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d178d652f17071a10acf9f29f671a8285d854783a13ff7c71048f69db309203320d76c75b560a310709c4b6634e77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2f4c270f0fa1dc78612c05a5fd407ddea3a17dc1e50a724b7eaef2f394cc73bdcfc248b5038e523a64c4ed86a7b376cccee879cf774a91bac3330752ae3234fdd45739bf9abf21cd18ac19ef9b17870c92a02a99696ccaf67e8c689691baf5dbb68c182cf12fb4bdf82e5430d3d20cd3e11ce75b4404de5f5a85d0c38681fa827090799edea58f7bff717774dc2978c5dad14f6788a85f8641a9d34dd62fff33025c578c6ee9439cd7a97bbf9728c00ca7d79cd171984b5535b01317416c0569d5bd64ba4bdfdacb25a89128bdde6cdb88a9a63d8ebae04c306c9ae81e0a9bbb0a4e09f1eff43ffb6488e04eb1f232a02bf142c90a814a93d168d51035e6a691663f3b67062d155d11ade58f69d002b6465c5f3baee63c83c14d52bac18ba8b67edffff8eec4a4bdfb204c20f84685aa446883437906d465591c70e42fea2f4dd0e1d3629461d1228fa829cfb80c9a654543645a1c16cbc992987d2909d27d1e87cfcbf8f593071794a2bc6397c9747fdbd7103c68fa8fdf3c79b170d72a9c6d8764dd4581ac7beaa620a6ded1868a4d70eefe3a658572a588b2ab179f72704040956f4637f3eb04cbb46e82f0e2da48dfc5c7651c3d2cd321b947ee0ca08b698a201a62387a0f23be09d5d86d02ab6596f6a9768c82&cri=6SFZdkC1Dq&ts=558&cb=1674352014412
IP 52.45.196.192:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00136deac430e8478b989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d178d652f17071a10acf9f29f671a8285d854783a13ff7c71048f69db309203320d76c75b560a310709c4b6634e77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2f4c270f0fa1dc78612c05a5fd407ddea3a17dc1e50a724b7eaef2f394cc73bdcfc248b5038e523a64c4ed86a7b376cccee879cf774a91bac3330752ae3234fdd45739bf9abf21cd18ac19ef9b17870c92a02a99696ccaf67e8c689691baf5dbb68c182cf12fb4bdf82e5430d3d20cd3e11ce75b4404de5f5a85d0c38681fa827090799edea58f7bff717774dc2978c5dad14f6788a85f8641a9d34dd62fff33025c578c6ee9439cd7a97bbf9728c00ca7d79cd171984b5535b01317416c0569d5bd64ba4bdfdacb25a89128bdde6cdb88a9a63d8ebae04c306c9ae81e0a9bbb0a4e09f1eff43ffb6488e04eb1f232a02bf142c90a814a93d168d51035e6a691663f3b67062d155d11ade58f69d002b6465c5f3baee63c83c14d52bac18ba8b67edffff8eec4a4bdfb204c20f84685aa446883437906d465591c70e42fea2f4dd0e1d3629461d1228fa829cfb80c9a654543645a1c16cbc992987d2909d27d1e87cfcbf8f593071794a2bc6397c9747fdbd7103c68fa8fdf3c79b170d72a9c6d8764dd4581ac7beaa620a6ded1868a4d70eefe3a658572a588b2ab179f72704040956f4637f3eb04cbb46e82f0e2da48dfc5c7651c3d2cd321b947ee0ca08b698a201a62387a0f23be09d5d86d02ab6596f6a9768c82&cri=6SFZdkC1Dq&ts=558&cb=1674352014412 HTTP/1.1
Host: obs.travelrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Cookie: cg_uuid=c06acd5814608b4be728ed9fe43f2881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Sun, 22 Jan 2023 01:46:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
personalization-wp-service.cluster.app-us1.com/personalize?trackId=1002304818&visitorId=39a0c286-5c0c-4795-9b5f-8b3335e7094e&url=https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
34.205.47.101200 OK 32 B URL HTTP/1.1 personalization-wp-service.cluster.app-us1.com/personalize?trackId=1002304818&visitorId=39a0c286-5c0c-4795-9b5f-8b3335e7094e&url=https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
IP 34.205.47.101:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2eec035fbea934a74a2042ab0c17fa73
cea0c691ab7df2cece7e3fbb95a5b915b454058b
796164c3e2cc258209a44bace11b0d80da9d04b3f4c5c4c8ec5dd1b9b2b0bf4e
GET /personalize?trackId=1002304818&visitorId=39a0c286-5c0c-4795-9b5f-8b3335e7094e&url=https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000 HTTP/1.1
Host: personalization-wp-service.cluster.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ticketsmarter.com
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
access-control-allow-origin: *
content-type: application/json
date: Sun, 22 Jan 2023 01:46:54 GMT
server: istio-envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 9
transfer-encoding: chunked
Connection: keep-alive
bat.bing.com/p/action/259000860.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/259000860.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/259000860.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 854A6A8148F1435699944EADA849E7BB Ref B: OSL30EDGE0408 Ref C: 2023-01-22T01:46:55Z
date: Sun, 22 Jan 2023 01:46:54 GMT
X-Firefox-Spdy: h2
ticketsmarter.com/content/uploaded/Spotlight%20Images/TicketSmarter%20Review_2.png
100.25.87.89200 OK 131 kB URL HTTP/2 ticketsmarter.com/content/uploaded/Spotlight%20Images/TicketSmarter%20Review_2.png
IP 100.25.87.89:0
File type PNG image data, 970 x 342, 8-bit colormap, non-interlaced\012- data
Size 131 kB (131034 bytes)
Hash dc80f312fcfbc7dccf374169eaa1e903
e52f94231464c48347bb8a60be9ad90b470fe7c6
d5a4dd66cd4716adc0bed16b3fa28c0890c442cfce56b4e714d568709f1b71cb
GET /content/uploaded/Spotlight%20Images/TicketSmarter%20Review_2.png HTTP/1.1
Host: ticketsmarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/?usi_email_id=6sb6di_1670262754_1_send.2592000
Cookie: PHPSESSID=sg4pggkm82gg7imbklqgleskgj; atbs_location=59.955%7C10.859%7COslo%7C03%7C; _pndbg=si; pushly.user_puuid=a5xdM15tVgN5O1yXrXhmtJUp6AiMp1sq; _pndbgpr=wlx; _gcl_au=1.1.1479115159.1674352013; _ga=GA1.2.283004757.1674352013; _gid=GA1.2.1332918132.1674352013; _gat_gtag_UA_135380185_1=1; _vwo_uuid_v2=D13141D551E8AA96BF90C9BF300F9413C|5b786a365c1ca3887c12c50f7f9c6732; usi_email_id=6sb6di_1670262754_1_send; _cq_duid=1.1674352013.zRthP5g9FsqblxUk; _cq_suid=1.1674352013.6Zh6gbE3GTkvgjTX; nickelledUserId=ni-auto-id:7d9ed576-a45c-4cc2-855a-b8722840872a; prism_1002304818=39a0c286-5c0c-4795-9b5f-8b3335e7094e; seerses=e; seerid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf; wickedEmails1445569626=0; _seg_uid_12695=01GQBJGCWZ32TWWW151DJKF0AG; _seg_uid=01GQBJGCWZ32TWWW151DJKF0AG; _seg_visitor_12695=eyJyZWZlcnJlciI6ImFwcC51cHNlbGxpdC5jb20ifQ==; cjConsent=MHxZfDB8Tnww; _uetsid=a55aa37099f611ed8c933f71d0d478e7; _uetvid=a55abbb099f611ed92530321595da648
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:55 GMT
content-type: image/png
content-length: 131034
server: nginx/1.20.0
last-modified: Mon, 09 Jan 2023 20:03:41 GMT
etag: "63bc731d-1ffda"
accept-ranges: bytes
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 455 B IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d2487fe790396bd81cff948f304a1220
43a9b51314a95becd466a225d65e65b828915bc6
27b0e8ab26978192bb78280793739c216f601130a4d7f664a68d5096af6890a1
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7FB9084B67541CE890B5990C4EE79E8 Ref B: OSL30EDGE0408 Ref C: 2023-01-22T01:46:54Z
date: Sun, 22 Jan 2023 01:46:53 GMT
X-Firefox-Spdy: h2
s3-us-west-2.amazonaws.com/s.leveragelab.com/release/script/master/levlab.js
52.92.242.200200 OK 2.8 kB URL HTTP/1.1 s3-us-west-2.amazonaws.com/s.leveragelab.com/release/script/master/levlab.js
IP 52.92.242.200:0
File type ASCII text, with very long lines (9933), with no line terminators
Hash 90f1730088f38ddd390d50c06d9e4aa9
120e38384b8f0483943e1f250f8348f904b0bfc4
a34f598ed465c2ad64b009a5d471ee7196c6881921d13128bd25e64189d45072
GET /s.leveragelab.com/release/script/master/levlab.js HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: vfT4ylylJk5VF/o8FHXECL9SllArrNZUONbM5xsOHaB5eF6l5XOVojB+KqiTV+jMmxsKJ4qNXS4=
x-amz-request-id: 4HCKSK321EZVVMWZ
Date: Sun, 22 Jan 2023 01:46:56 GMT
Last-Modified: Wed, 16 Dec 2020 20:51:26 GMT
ETag: "90f1730088f38ddd390d50c06d9e4aa9"
Content-Encoding: gzip
x-amz-version-id: mL9PKlFGzM6A0rnitQY9FtNQWpRFI8va
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 2821
app.upsellit.com/utility/session_data.jsp?extended=true&si=078xtl_1674352015
208.118.62.69200 OK 671 B URL HTTP/2 app.upsellit.com/utility/session_data.jsp?extended=true&si=078xtl_1674352015
IP 208.118.62.69:0
File type ASCII text, with CRLF line terminators
Hash 5b1b73aad265b19561124f06194ea17f
2866a38c9730d6be58062ed40149469455777470
5b0f9eb6c5187b4a17d83d66459c184403e60e8572d303df124d96a7182eb9ae
GET /utility/session_data.jsp?extended=true&si=078xtl_1674352015 HTTP/1.1
Host: app.upsellit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 01:46:55 GMT
content-type: application/x-javascript;charset=ISO-8859-1
content-length: 671
expires: Mon, 23 Jan 2023 01:46:55 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
s3-us-west-2.amazonaws.com/s.leveragelab.com/release/config/sites/ts/ticketsmarter/config.js
52.92.242.200200 OK 2.6 kB URL HTTP/1.1 s3-us-west-2.amazonaws.com/s.leveragelab.com/release/config/sites/ts/ticketsmarter/config.js
IP 52.92.242.200:0
Hash 71432dc57d09594677ac95f383b60739
3f07ff7f1da596aa42e418c5752e33e442e88353
890de78b17709637c1474df4fd44983c2f60e7aef818ab52df26076fd210ea2a
GET /s.leveragelab.com/release/config/sites/ts/ticketsmarter/config.js HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: hoh5wHum8QmbYZAfizzMs2Ijbz7IQS49Z5T9UYdV3OTL5H3JN5xTCxDH5LdXWUhA8abXNLq0mHs=
x-amz-request-id: TT0KSR291B40KY63
Date: Sun, 22 Jan 2023 01:46:57 GMT
Last-Modified: Fri, 02 Dec 2022 14:24:08 GMT
ETag: "71432dc57d09594677ac95f383b60739"
x-amz-version-id: dD_ssTj3wp__lga8phlq2cXAlAEj_wRV
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 2581
s3.us-west-2.amazonaws.com/s.leveragelab.com/lytics-ticketsmarter/ticketsmarter-overrides.css
52.218.183.168200 OK 15 kB URL HTTP/1.1 s3.us-west-2.amazonaws.com/s.leveragelab.com/lytics-ticketsmarter/ticketsmarter-overrides.css
IP 52.218.183.168:0
File type ASCII text, with CRLF line terminators
Hash 37218bb1b337316c1f6d44905c16fddd
e17e13c6b99b7e92864a6b760f8586712f9452c3
4380dc3c4b21f08d720adb7190789dd95727d4a7e08ef5e9baba643b65304619
GET /s.leveragelab.com/lytics-ticketsmarter/ticketsmarter-overrides.css HTTP/1.1
Host: s3.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: BKnF8uQK8j9HqlpL/iwdVTNKfW1BrOJkfr+nxT+tTFVQPsyOu2CMAysQR/6LS7mlNUZpkvMSB3I=
x-amz-request-id: TT0X87QFF0WY56JV
Date: Sun, 22 Jan 2023 01:46:57 GMT
Last-Modified: Tue, 15 Nov 2022 19:03:45 GMT
ETag: "37218bb1b337316c1f6d44905c16fddd"
x-amz-version-id: 2D3VQSM.cOC_qwfEAluMydpLizDEnqyv
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 15072
gum.criteo.com/sid/json?origin=onetag&domain=ticketsmarter.com&sn=FirefoxSyncframe&so=0&topUrl=ticketsmarter.com&info=r1ps4V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRiUyRlVrbXRRUnptJTJCdjhhMVByTXFCRU5saXF6MkxSaHVjQiUyRkZBeWR1NTlHUw&idsd=-523350592,-902759436&cw=1&lsw=1
178.250.2.146200 OK 1.3 kB URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=ticketsmarter.com&sn=FirefoxSyncframe&so=0&topUrl=ticketsmarter.com&info=r1ps4V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRiUyRlVrbXRRUnptJTJCdjhhMVByTXFCRU5saXF6MkxSaHVjQiUyRkZBeWR1NTlHUw&idsd=-523350592,-902759436&cw=1&lsw=1
IP 178.250.2.146:0
Hash bf71c93efb8a46081a5448d12420d54d
9c8b757e16d108780b429c4acaa9a833d813183b
8c6997febebdc84510091431a121097a8805743054dff5250093321a2299fed8
GET /sid/json?origin=onetag&domain=ticketsmarter.com&sn=FirefoxSyncframe&so=0&topUrl=ticketsmarter.com&info=r1ps4V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRiUyRlVrbXRRUnptJTJCdjhhMVByTXFCRU5saXF6MkxSaHVjQiUyRkZBeWR1NTlHUw&idsd=-523350592,-902759436&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=ticketsmarter.com&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1142469
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c.lytics.io/static/pathfora.min.css
104.26.2.22200 OK 3.5 kB URL HTTP/2 c.lytics.io/static/pathfora.min.css
IP 104.26.2.22:0
File type ASCII text, with very long lines (20609), with no line terminators
Hash a8b1d5b6719216a0f314387ff7af39f9
fecaffd69763bd0fa5c39a0f3be84314ee8e939c
5bc0bce4aa2745134a0050fbfaf1a0463313f11024136e4a5efe9c165889422e
GET /static/pathfora.min.css HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Cookie: seerid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:56 GMT
content-type: text/css; charset=utf-8
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 1636
last-modified: Sun, 22 Jan 2023 01:19:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHEHXYJOUqBSvsd5lyP1K9UAFN%2FZ4d00hoR7%2BSra9Fb1O7Sub0R%2B%2FRg77P%2FiUxGq%2Bvd%2B8HjHdigvXFeWxwUKWxz8OPLFpV5U1cerI2NrtzSbaAghuFVmp86Uodit"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d49e643c3db518-OSL
content-encoding: br
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
143.204.55.112200 OK 906 B URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP 143.204.55.112:0
File type ASCII text, with very long lines (559)
Hash d86662fb4063e393752762c7372e1a41
69ba04e02bd520200fa58f773ae32dd6ed1cbed8
f97f39992ee9da3170cac3acfeaeb9074207ffac37c853480cc08a0f9fbb280d
GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 906
last-modified: Thu, 19 Jan 2023 16:13:30 GMT
content-encoding: gzip
x-amz-meta-mtime: 1674144808.01
accept-ranges: bytes
server: AmazonS3
date: Sun, 22 Jan 2023 01:44:24 GMT
cache-control: max-age=3600, public
etag: "d86662fb4063e393752762c7372e1a41"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XIdWWICbli0b1pOFzn1bt8fK5hccIyL1AeKhnPp4RweQXn3xNQcT-w==
age: 157
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.lytics.io/api/personalize/a271c7468edd8ef1471b4f8e951397be/user/_uid/c5d2b716-1ffd-442f-af6a-a1d87a5b1edf?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22c5d2b716-1ffd-442f-af6a-a1d87a5b1edf%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000%22%2C%22_v%22%3A%223.0.30%22%2C%22_uido%22%3A%22c5d2b716-1ffd-442f-af6a-a1d87a5b1edf%22%7D&ts=1674352014245&callback=u_364170218654484540
104.26.2.22200 OK 1.1 kB URL HTTP/2 c.lytics.io/api/personalize/a271c7468edd8ef1471b4f8e951397be/user/_uid/c5d2b716-1ffd-442f-af6a-a1d87a5b1edf?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22c5d2b716-1ffd-442f-af6a-a1d87a5b1edf%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000%22%2C%22_v%22%3A%223.0.30%22%2C%22_uido%22%3A%22c5d2b716-1ffd-442f-af6a-a1d87a5b1edf%22%7D&ts=1674352014245&callback=u_364170218654484540
IP 104.26.2.22:0
File type ASCII text, with very long lines (2370), with no line terminators
Hash ea70f69347a6bb4d094d8768f24fcc1b
1231411e1431925e3156ad8fdce74970d3bf14a6
416dc707f0cbad86e812e809bce58c0491d006cd4c6c442b493a016ea5212f81
GET /api/personalize/a271c7468edd8ef1471b4f8e951397be/user/_uid/c5d2b716-1ffd-442f-af6a-a1d87a5b1edf?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22c5d2b716-1ffd-442f-af6a-a1d87a5b1edf%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000%22%2C%22_v%22%3A%223.0.30%22%2C%22_uido%22%3A%22c5d2b716-1ffd-442f-af6a-a1d87a5b1edf%22%7D&ts=1674352014245&callback=u_364170218654484540 HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Cookie: seerid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:55 GMT
content-type: application/json
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
access-control-allow-methods: GET
access-control-allow-origin:
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhXFEI49NE%2FZ7CnaMRvL7ddrrriLC26ggC%2BJgR%2BxXnfUO4l7A8%2FWFBDZGSdzzsOqUcfsMiR2fOL%2BT5SOgXYlSOJwU7pAPc6cJHq%2B%2Bwq2vpde6KJWT8WUgFo5oW1D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d49e5f6914b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Sun, 22 Jan 2023 01:46:56 GMT
x-served-by: cache-iad-kiad7000089-IAD, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/934577750/?random=1674352013188&cv=11&fst=1674349200000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878134152&rmt_tld=1&ipr=y
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/934577750/?random=1674352013188&cv=11&fst=1674349200000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878134152&rmt_tld=1&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/934577750/?random=1674352013188&cv=11&fst=1674349200000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878134152&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 01:46:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/947744675/?random=1674352014500&cv=11&fst=1674352014500&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=93VzCPSFouUDEKPf9cMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets>m_ee=1&auid=1479115159.1674352013&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.132302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/947744675/?random=1674352014500&cv=11&fst=1674352014500&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=93VzCPSFouUDEKPf9cMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets>m_ee=1&auid=1479115159.1674352013&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.132:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/947744675/?random=1674352014500&cv=11&fst=1674352014500&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=93VzCPSFouUDEKPf9cMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets>m_ee=1&auid=1479115159.1674352013&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 01:46:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/947744675/?random=1674352014500&cv=11&fst=1674352014500&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=93VzCPSFouUDEKPf9cMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets>m_ee=1&auid=1479115159.1674352013&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=59067&v=5.13.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapp.upsellit.com&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=IGJjF19TOEw0eDBTRk9pZ1l5U3hpOTZqZ0xLMk1ud29yMFg0dzVIbTZTaTZBMzV4R2d5S0pRWVpSNE5QY1k2WktQSzNBRnFyOUZOJTJCUWxFVkxZc1MlMkJBWFpPM3FKQ0Qzek9FdjI0YVM4ZTRRME9tWkpnR1ZQeTJRSHJxSHZRN3FQbmpzUGgwdGtrVVlyeWVlM2t5ODR5amdXbXh3JTNEJTNE&tld=ticketsmarter.com&fu=https%253A%252F%252Fticketsmarter.com%252F%253Fusi_email_id%253D6sb6di_1670262754_1_send.2592000&pu=https%253A%252F%252Fapp.upsellit.com%252F&dtycbr=21615
178.250.2.151302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=59067&v=5.13.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapp.upsellit.com&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=IGJjF19TOEw0eDBTRk9pZ1l5U3hpOTZqZ0xLMk1ud29yMFg0dzVIbTZTaTZBMzV4R2d5S0pRWVpSNE5QY1k2WktQSzNBRnFyOUZOJTJCUWxFVkxZc1MlMkJBWFpPM3FKQ0Qzek9FdjI0YVM4ZTRRME9tWkpnR1ZQeTJRSHJxSHZRN3FQbmpzUGgwdGtrVVlyeWVlM2t5ODR5amdXbXh3JTNEJTNE&tld=ticketsmarter.com&fu=https%253A%252F%252Fticketsmarter.com%252F%253Fusi_email_id%253D6sb6di_1670262754_1_send.2592000&pu=https%253A%252F%252Fapp.upsellit.com%252F&dtycbr=21615
IP 178.250.2.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=59067&v=5.13.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapp.upsellit.com&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=IGJjF19TOEw0eDBTRk9pZ1l5U3hpOTZqZ0xLMk1ud29yMFg0dzVIbTZTaTZBMzV4R2d5S0pRWVpSNE5QY1k2WktQSzNBRnFyOUZOJTJCUWxFVkxZc1MlMkJBWFpPM3FKQ0Qzek9FdjI0YVM4ZTRRME9tWkpnR1ZQeTJRSHJxSHZRN3FQbmpzUGgwdGtrVVlyeWVlM2t5ODR5amdXbXh3JTNEJTNE&tld=ticketsmarter.com&fu=https%253A%252F%252Fticketsmarter.com%252F%253Fusi_email_id%253D6sb6di_1670262754_1_send.2592000&pu=https%253A%252F%252Fapp.upsellit.com%252F&dtycbr=21615 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 01:46:56 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=59067&v=5.13.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapp.upsellit.com&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=IGJjF19TOEw0eDBTRk9pZ1l5U3hpOTZqZ0xLMk1ud29yMFg0dzVIbTZTaTZBMzV4R2d5S0pRWVpSNE5QY1k2WktQSzNBRnFyOUZOJTJCUWxFVkxZc1MlMkJBWFpPM3FKQ0Qzek9FdjI0YVM4ZTRRME9tWkpnR1ZQeTJRSHJxSHZRN3FQbmpzUGgwdGtrVVlyeWVlM2t5ODR5amdXbXh3JTNEJTNE&tld=ticketsmarter.com&fu=https%253A%252F%252Fticketsmarter.com%252F%253Fusi_email_id%253D6sb6di_1670262754_1_send.2592000&pu=https%253A%252F%252Fapp.upsellit.com%252F&dtycbr=21615
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 9757650
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
bat.bing.com/p/action/21003707.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/21003707.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/21003707.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF2162C4D1944E3396248B053725CBC9 Ref B: OSL30EDGE0408 Ref C: 2023-01-22T01:46:56Z
date: Sun, 22 Jan 2023 01:46:55 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/934577750/?random=1674352013188&cv=11&fst=1674349200000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878134152&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/934577750/?random=1674352013188&cv=11&fst=1674349200000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878134152&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/934577750/?random=1674352013188&cv=11&fst=1674349200000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&ref=https%3A%2F%2Fapp.upsellit.com%2F&tiba=TicketSmarter%20Concerts%2C%20Sports%2C%20Theatre%2C%20%26%20Family%20Event%20Tickets&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878134152&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 01:46:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ace90ee2f1ce8ca0d69556c6398555a6
49b53ab37b77ebf26525ef3a84aaa9a817af9df4
6d66736ed5245c62987c88f0c3570eefd8f45c09f60dc9b2e1d585f05d1f00e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d0946bf843e727c0c12705cc3f24a124
eec8e6991073b160e8f1eae127b3052a2c175073
73fa986fa7efc6a609644ca3ee6057c0d2f72ff8a7f5f2ddd39a0747c8c326ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3413
Cache-Control: max-age=126278
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:56 GMT
Etag: "63cbd281-139"
Expires: Mon, 23 Jan 2023 12:51:34 GMT
Last-Modified: Sat, 21 Jan 2023 11:54:41 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
c.lytics.io/static/pathfora.min.js
104.26.2.22200 OK 40 kB URL HTTP/2 c.lytics.io/static/pathfora.min.js
IP 104.26.2.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e2ff33f9f69de2c2fc17da583a280563
fa3b6f0685c2d7f54e0545e149b3c2728a09035a
5a98b9140b522ebeb0e0062c5296361b2c05091000518b1634c82b0c6ea62af4
GET /static/pathfora.min.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Cookie: seerid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:56 GMT
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 6066
last-modified: Sun, 22 Jan 2023 00:05:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzXxz%2B4fgorHklaGbEFu1R9x8cdrTL5tg1yKz8Ke4F4QCbdJGMUKPFiOVeLsYIY4kTliSMqRf1cGPGu%2BC2noqK01kABo0CFx%2BeT07CBU7I9j2axSuoqwPWLdVq%2BY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d49e640c26b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
obs.travelrobotflower.com/mon
52.45.196.192200 OK 0 B URL HTTP/2 obs.travelrobotflower.com/mon
IP 52.45.196.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /mon HTTP/1.1
Host: obs.travelrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1491
Origin: https://ticketsmarter.com
Connection: keep-alive
Referer: https://ticketsmarter.com/
Cookie: cg_uuid=c06acd5814608b4be728ed9fe43f2881
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ticketsmarter.com
content-type: application/json
date: Sun, 22 Jan 2023 01:46:56 GMT
content-length: 0
X-Firefox-Spdy: h2
obs.travelrobotflower.com/mon
52.45.196.192200 OK 0 B URL HTTP/2 obs.travelrobotflower.com/mon
IP 52.45.196.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /mon HTTP/1.1
Host: obs.travelrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1486
Origin: https://ticketsmarter.com
Connection: keep-alive
Referer: https://ticketsmarter.com/
Cookie: cg_uuid=c06acd5814608b4be728ed9fe43f2881
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ticketsmarter.com
content-type: application/json
date: Sun, 22 Jan 2023 01:46:56 GMT
content-length: 0
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=15105ae3-ef8d-4cbb-94e7-8fea0a7d2224&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0b00df1b-0bfe-4acc-aebd-73082966d5fc&tw_document_href=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o687g&type=javascript&version=2.3.29
104.244.42.69200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=15105ae3-ef8d-4cbb-94e7-8fea0a7d2224&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0b00df1b-0bfe-4acc-aebd-73082966d5fc&tw_document_href=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o687g&type=javascript&version=2.3.29
IP 104.244.42.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=15105ae3-ef8d-4cbb-94e7-8fea0a7d2224&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0b00df1b-0bfe-4acc-aebd-73082966d5fc&tw_document_href=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o687g&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:55 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=873007ef-e6c3-44b0-88b7-51fe76081697; Max-Age=63072000; Expires=Tue, 21 Jan 2025 01:46:56 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: f1464c1b0f57e141
strict-transport-security: max-age=0
x-response-time: 175
x-connection-hash: bc71daab963eec2af485da9387477af4ab0ec203761a6c52905fb075db9db639
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
143.204.55.112200 OK 114 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
IP 143.204.55.112:0
File type ASCII text, with very long lines (64471)
Size 114 kB (114290 bytes)
Hash 2400116c2bbc36366160f0f474e1da0b
ca47ad0818c3266c0054fa1af2a8b3c0baa6e793
0971e5d1f458cb116fbdd2ac54db9624a36ce9699114580d3db47de0e293f867
GET /widget/triggerRunner.js?v=c317b78 HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 3772
date: Thu, 19 Jan 2023 16:15:20 GMT
last-modified: Thu, 19 Jan 2023 16:13:31 GMT
etag: "879df6750bd5bf3c772ce4abd8df7a22"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1674144807.99
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lvZmWpJNjMsXwU8ogXlOkQLQqZSgNrPeHFjKlDytq8qOJuKjifIiZQ==
age: 207097
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=2085405
143.204.55.112200 OK 48 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=2085405
IP 143.204.55.112:0
File type ASCII text, with very long lines (778)
Hash bff3a0037cd355647d70d5e007d1bd42
3036edbddcdbbb8ed2a4a6b39350f9902c20c551
14b6807df5269a367d2ce8a123e64193baa9d057fe3777ea6b8329b6c7002dea
GET /widget/widget.js?v=2085405 HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 48092
date: Thu, 19 Jan 2023 16:15:21 GMT
last-modified: Thu, 19 Jan 2023 16:13:32 GMT
etag: "bff3a0037cd355647d70d5e007d1bd42"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1674144805.85
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vpygpUdXShyxUSDcscUQ3rrVNsiVZt_m8nASaugIBU8WffiwU1Ojog==
age: 207096
X-Firefox-Spdy: h2
wp-ui.app-us1.com/wp-controller.js
143.204.55.62200 OK 7.6 kB URL HTTP/2 wp-ui.app-us1.com/wp-controller.js
IP 143.204.55.62:0
File type ASCII text, with very long lines (23925), with no line terminators
Hash 179bf8a2cc57b05947a3b13c21edeafc
a6952f55b7c4c7da559b9d7dc56c152e065e42bf
1e3e7cb1a62b3630c32fbd170660e6d961e92139c3d62d71dadc0f2a0b1a8b2b
GET /wp-controller.js HTTP/1.1
Host: wp-ui.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 21 Jan 2023 02:54:03 GMT
last-modified: Thu, 04 Mar 2021 16:39:47 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
etag: W/"c9bbc9a7fb8ba33cdf05ead14568b82f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sd87VIWreq_EyMFOStbdRTiN1CW-vj81Um5bXYfYev_BSWa9QPYNLg==
age: 82373
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=445868932986977&ev=PageView&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015564&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=445868932986977&ev=PageView&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015564&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=445868932986977&ev=PageView&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015564&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Jan 2023 01:46:56 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=445868932986977&ev=Lytics%20Audiences&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015571&cd[external_id]=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&sw=1280&sh=1024&v=2.9.94&r=stable&ec=2&o=30&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=445868932986977&ev=Lytics%20Audiences&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015571&cd[external_id]=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&sw=1280&sh=1024&v=2.9.94&r=stable&ec=2&o=30&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=445868932986977&ev=Lytics%20Audiences&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015571&cd[external_id]=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&sw=1280&sh=1024&v=2.9.94&r=stable&ec=2&o=30&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Jan 2023 01:46:56 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=445868932986977&ev=Lytics%20Audiences&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015573&cd[orc_experience_a6544b1d7d32451bc150b87918198de8_decision]=true&cd[value_stage_anonymous_low_propensity]=true&cd[user_where_ip_address_exists]=true&cd[orc_experience_0ce011fc100a528d4f9395e115c0d050_decision]=true&cd[default_anon_seg]=true&cd[value_stage_anonymous_users]=true&cd[all]=true&cd[orc_experience_f77e4931bf93d00ef9d8c8829dbb932c_decision]=true&cd[smt_new]=true&cd[engagement_new_users]=true&sw=1280&sh=1024&v=2.9.94&r=stable&ec=3&o=30&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=445868932986977&ev=Lytics%20Audiences&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015573&cd[orc_experience_a6544b1d7d32451bc150b87918198de8_decision]=true&cd[value_stage_anonymous_low_propensity]=true&cd[user_where_ip_address_exists]=true&cd[orc_experience_0ce011fc100a528d4f9395e115c0d050_decision]=true&cd[default_anon_seg]=true&cd[value_stage_anonymous_users]=true&cd[all]=true&cd[orc_experience_f77e4931bf93d00ef9d8c8829dbb932c_decision]=true&cd[smt_new]=true&cd[engagement_new_users]=true&sw=1280&sh=1024&v=2.9.94&r=stable&ec=3&o=30&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=445868932986977&ev=Lytics%20Audiences&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015573&cd[orc_experience_a6544b1d7d32451bc150b87918198de8_decision]=true&cd[value_stage_anonymous_low_propensity]=true&cd[user_where_ip_address_exists]=true&cd[orc_experience_0ce011fc100a528d4f9395e115c0d050_decision]=true&cd[default_anon_seg]=true&cd[value_stage_anonymous_users]=true&cd[all]=true&cd[orc_experience_f77e4931bf93d00ef9d8c8829dbb932c_decision]=true&cd[smt_new]=true&cd[engagement_new_users]=true&sw=1280&sh=1024&v=2.9.94&r=stable&ec=3&o=30&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Jan 2023 01:46:56 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=445868932986977&ev=CHEQ&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015569&sw=1280&sh=1024&v=2.9.94&r=stable&ec=1&o=30&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=445868932986977&ev=CHEQ&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015569&sw=1280&sh=1024&v=2.9.94&r=stable&ec=1&o=30&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=445868932986977&ev=CHEQ&dl=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&rl=https%3A%2F%2Fapp.upsellit.com%2F&if=false&ts=1674352015569&sw=1280&sh=1024&v=2.9.94&r=stable&ec=1&o=30&fbp=fb.1.1674352015564.1831973329&it=1674352013373&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Jan 2023 01:46:56 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7e274b127eced155810147601cc81585
250b04e6312ea7fb5f9d97cd16403dc40b9dd2a8
6b41cfbba8a71fa96407d24f839da6a14b0451fb418fdc2df2bdf245787684c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1874
Cache-Control: max-age=165771
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:56 GMT
Etag: "63cc72c9-139"
Expires: Mon, 23 Jan 2023 23:49:47 GMT
Last-Modified: Sat, 21 Jan 2023 23:18:33 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-135380185-1&cid=283004757.1674352013&jid=1281403560&gjid=2117824461&_gid=1332918132.1674352013&_u=YGBACUAABAAAACAAI~&z=1442056834
64.233.161.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-135380185-1&cid=283004757.1674352013&jid=1281403560&gjid=2117824461&_gid=1332918132.1674352013&_u=YGBACUAABAAAACAAI~&z=1442056834
IP 64.233.161.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-135380185-1&cid=283004757.1674352013&jid=1281403560&gjid=2117824461&_gid=1332918132.1674352013&_u=YGBACUAABAAAACAAI~&z=1442056834 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ticketsmarter.com
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://ticketsmarter.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 22 Jan 2023 01:46:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.lytics.io/c/provider/google?google_error=3
104.26.2.22200 OK 35 B URL HTTP/2 c.lytics.io/c/provider/google?google_error=3
IP 104.26.2.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /c/provider/google?google_error=3 HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ticketsmarter.com/
Connection: keep-alive
Cookie: seerid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:56 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000;
x-error-message: Not found
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCTtG7nTiDtFINgeRkYJtA78b7R9rj9GxDmfGqUwbrB26sok%2FwUYHZIGZREypWfshtiRMc8U%2BmOPWm0hn%2BuRIT1lUicNFZe6%2BVXChIyZyfESrO6F587cxpPf0%2BzP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d49e687ef5b518-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2936b1acff44cf5ace2f11930f8e7a72
7f06c18b0af8e9c7f241a76a3ea49874fa76d973
f7c607183ebacbbedc4fb7a6862ad0a1af48c370f7153b2358080249237cb061
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5243
Cache-Control: max-age=89982
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:56 GMT
Etag: "63cb3d93-139"
Expires: Mon, 23 Jan 2023 02:46:38 GMT
Last-Modified: Sat, 21 Jan 2023 01:19:15 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=15105ae3-ef8d-4cbb-94e7-8fea0a7d2224&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0b00df1b-0bfe-4acc-aebd-73082966d5fc&tw_document_href=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o687g&type=javascript&version=2.3.29
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=15105ae3-ef8d-4cbb-94e7-8fea0a7d2224&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0b00df1b-0bfe-4acc-aebd-73082966d5fc&tw_document_href=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o687g&type=javascript&version=2.3.29
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=15105ae3-ef8d-4cbb-94e7-8fea0a7d2224&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0b00df1b-0bfe-4acc-aebd-73082966d5fc&tw_document_href=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o687g&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:56 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_rReTcf929Q1xpTSnT9gVRw=="; Max-Age=63072000; Expires=Tue, 21 Jan 2025 01:46:56 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 6bed27cb35c5bc01
strict-transport-security: max-age=631138519
x-response-time: 172
x-connection-hash: e12b15996388113ed0e0aa0a1d2821e5ca0f2b56bc6f308fc8c0493beb1c637d
X-Firefox-Spdy: h2
c.lytics.io/c/a271c7468edd8ef1471b4f8e951397be/google_dv360?_e=pv&_sesstart=1&_ref=app.upsellit.com%2F&_sesref=app.upsellit.com%2F&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1674352015847&_nmob=t&_device=desktop&url=ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&_uid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&_v=3.0.30&_uido=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf
104.26.2.22200 OK 35 B URL HTTP/2 c.lytics.io/c/a271c7468edd8ef1471b4f8e951397be/google_dv360?_e=pv&_sesstart=1&_ref=app.upsellit.com%2F&_sesref=app.upsellit.com%2F&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1674352015847&_nmob=t&_device=desktop&url=ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&_uid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&_v=3.0.30&_uido=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf
IP 104.26.2.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /c/a271c7468edd8ef1471b4f8e951397be/google_dv360?_e=pv&_sesstart=1&_ref=app.upsellit.com%2F&_sesref=app.upsellit.com%2F&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1674352015847&_nmob=t&_device=desktop&url=ticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&_uid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf&_v=3.0.30&_uido=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Cookie: seerid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:57 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEycUl3lNAAplZTThEeKnnfN1dMFDfnteHjg0u0JI9fuz6n1hamy8arUOvcfHqUtAF%2FHnVFRkY5QliJnHTOT7cJCHIbOTkmhg3m7Z3LNDy%2Bj0rmwnOYTQsSspY1P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d49e69afadb518-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68189bd3a89373f8d49f057e444d87c5
fdd816b804031fac95ed3455471789e940f3c082
e0978ee8aa114c5b8e5633ee2ff0ec0e208f7168d10fd126c3819b63601f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0978EE8AA114C5B8E5633EE2FF0EC0E208F7168D10FD126C3819B63601F10E0"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5300
Expires: Sun, 22 Jan 2023 03:15:17 GMT
Date: Sun, 22 Jan 2023 01:46:57 GMT
Connection: keep-alive
widget.us.criteo.com/event?a=59067&v=5.13.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapp.upsellit.com&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=IGJjF19TOEw0eDBTRk9pZ1l5U3hpOTZqZ0xLMk1ud29yMFg0dzVIbTZTaTZBMzV4R2d5S0pRWVpSNE5QY1k2WktQSzNBRnFyOUZOJTJCUWxFVkxZc1MlMkJBWFpPM3FKQ0Qzek9FdjI0YVM4ZTRRME9tWkpnR1ZQeTJRSHJxSHZRN3FQbmpzUGgwdGtrVVlyeWVlM2t5ODR5amdXbXh3JTNEJTNE&tld=ticketsmarter.com&fu=https%253A%252F%252Fticketsmarter.com%252F%253Fusi_email_id%253D6sb6di_1670262754_1_send.2592000&pu=https%253A%252F%252Fapp.upsellit.com%252F&dtycbr=21615
74.119.119.150200 OK 3.8 kB URL HTTP/2 widget.us.criteo.com/event?a=59067&v=5.13.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapp.upsellit.com&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=IGJjF19TOEw0eDBTRk9pZ1l5U3hpOTZqZ0xLMk1ud29yMFg0dzVIbTZTaTZBMzV4R2d5S0pRWVpSNE5QY1k2WktQSzNBRnFyOUZOJTJCUWxFVkxZc1MlMkJBWFpPM3FKQ0Qzek9FdjI0YVM4ZTRRME9tWkpnR1ZQeTJRSHJxSHZRN3FQbmpzUGgwdGtrVVlyeWVlM2t5ODR5amdXbXh3JTNEJTNE&tld=ticketsmarter.com&fu=https%253A%252F%252Fticketsmarter.com%252F%253Fusi_email_id%253D6sb6di_1670262754_1_send.2592000&pu=https%253A%252F%252Fapp.upsellit.com%252F&dtycbr=21615
IP 74.119.119.150:0
Hash 40c624c8db0ab41066361fd3cbd93264
19d588715692c1400ef4bcfdcdb9f79405dcccad
09a1722ed990417efd03a05d0fd0daebfd4e5f267a106840b1df03a7c73e45e1
GET /event?a=59067&v=5.13.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapp.upsellit.com&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=IGJjF19TOEw0eDBTRk9pZ1l5U3hpOTZqZ0xLMk1ud29yMFg0dzVIbTZTaTZBMzV4R2d5S0pRWVpSNE5QY1k2WktQSzNBRnFyOUZOJTJCUWxFVkxZc1MlMkJBWFpPM3FKQ0Qzek9FdjI0YVM4ZTRRME9tWkpnR1ZQeTJRSHJxSHZRN3FQbmpzUGgwdGtrVVlyeWVlM2t5ODR5amdXbXh3JTNEJTNE&tld=ticketsmarter.com&fu=https%253A%252F%252Fticketsmarter.com%252F%253Fusi_email_id%253D6sb6di_1670262754_1_send.2592000&pu=https%253A%252F%252Fapp.upsellit.com%252F&dtycbr=21615 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ticketsmarter.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:56 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 16647828
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68189bd3a89373f8d49f057e444d87c5
fdd816b804031fac95ed3455471789e940f3c082
e0978ee8aa114c5b8e5633ee2ff0ec0e208f7168d10fd126c3819b63601f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0978EE8AA114C5B8E5633EE2FF0EC0E208F7168D10FD126C3819B63601F10E0"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5300
Expires: Sun, 22 Jan 2023 03:15:17 GMT
Date: Sun, 22 Jan 2023 01:46:57 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a74154150ac248ac98ceae4c918cfb7b
8bffd709408365adb486f0fa779e023f0345b811
f0037f06b91a717edf93256973ef63e23c5926f394bc55a2c4dfd193c358ee4e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 01:46:57 GMT
Last-Modified: Sun, 22 Jan 2023 00:06:57 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qv-MEQM9_GGqda5HaQjzjGAtJv_HbQuiRNwi7kujJHYk4OjQndM-kA==
Age: 6000
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 22 Jan 2023 01:46:56 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 1312174
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/ed7WtLtfuxU
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/ed7WtLtfuxU
IP 142.250.74.131:0
Hash 94e48336acd97e44c05289488a98a7d7
dfa18d4a6ba0ad0b9d1063bfe1afc2d09e053fc8
b1e666600b0951c37086ac32a0eea54783a75a3ec6e874333337cfc82293d7eb
POST /s/gts1d4/ed7WtLtfuxU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 086c67e0b501d6e91b03b3e220d3ac3a
642fd6c8ba368bde245ce4352fa85a32067aee12
a449e5a4e363f3410c1cbe88d160ee7caffa6de1ee83212ca591d8dc657618cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6415
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:57 GMT
Last-Modified: Sun, 22 Jan 2023 00:00:02 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
cdn.nickelled.com/launchers-2.min.js
54.230.111.43200 OK 43 kB URL HTTP/2 cdn.nickelled.com/launchers-2.min.js
IP 54.230.111.43:0
Hash 237664fca422bba16248b4542f6e1444
efa10110147844c1b98fd1d8c5df15873011257c
0d69ade8d124624d3903fbe7c5444cd6753e1d8d68074d6f4324a982d39c0ede
GET /launchers-2.min.js HTTP/1.1
Host: cdn.nickelled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 26 May 2022 15:39:33 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 22 Jan 2023 01:24:10 GMT
cache-control: max-age=86400
etag: W/"0f6be6e37ce73d3c0e7d39b329b84504"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xR_htzFUVIun0byZb6hDObwzMg1dbM_W0tebE2RTBfPj0OKlZ6qsMg==
age: 3190
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-nb12dr4yg1fDO9--pGrWuBAPGFqXLdgmylgJHA
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-nb12dr4yg1fDO9--pGrWuBAPGFqXLdgmylgJHA
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-nb12dr4yg1fDO9--pGrWuBAPGFqXLdgmylgJHA HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3173536173580216000V10; Expires=Mon, 22 Jan 2024 01:46:57 GMT; domain=.media.net; Path=/;
data-c-ts=1674352017;Expires=Tue, 21 Feb 2023 01:46:57 GMT;path=/;domain=.media.net;
data-c=k-nb12dr4yg1fDO9--pGrWuBAPGFqXLdgmylgJHA~~3;Expires=Tue, 21 Feb 2023 01:46:57 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 22 Jan 2023 01:46:57 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 22 Jan 2023 01:46:57 GMT
X-Firefox-Spdy: h2
cm.adform.net/pixel?adform_pid=15&adform_pc=k-K4FSyr4yg1fDO9--pGrWuBAPGFrxm72ToSP2Zw
37.157.6.246200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-K4FSyr4yg1fDO9--pGrWuBAPGFrxm72ToSP2Zw
IP 37.157.6.246:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-K4FSyr4yg1fDO9--pGrWuBAPGFrxm72ToSP2Zw HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 01:46:57 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 22 May 2018 12:14:37 GMT
etag: "5b0409ad-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
c.lytics.io/api/experience/candidate/a271c7468edd8ef1471b4f8e951397be/config.js
104.26.2.22200 OK 1.5 kB URL HTTP/2 c.lytics.io/api/experience/candidate/a271c7468edd8ef1471b4f8e951397be/config.js
IP 104.26.2.22:0
File type ASCII text, with very long lines (6398), with no line terminators
Hash f1e88cd3e5156900a1f0fccb0327dbd9
bb6779397750b6b0270de0dc6b6b963b18ca9760
468c34991045ee538fe731a5452ffa6608f12f5154f698359783ac5fac100806
GET /api/experience/candidate/a271c7468edd8ef1471b4f8e951397be/config.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Cookie: seerid=c5d2b716-1ffd-442f-af6a-a1d87a5b1edf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:56 GMT
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: EXPIRED
last-modified: Sat, 21 Jan 2023 17:17:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhM%2BxgOQ%2BCZn62Cqe4Xt0anRU6sIE4GTsTmAY5B33azYTnPNvZwUhSaO05sCE29TSprReEDxWAux7ewVP5nFD1GN5OpVfUitPvap6Lf5qLCK7fi4I00%2F7KUK3uGh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d49e657d3ab518-OSL
content-encoding: br
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rLy8Rr4yg1fDO9--pGrWuBAPGFqP-dfqgCt2Jg
104.18.33.19302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rLy8Rr4yg1fDO9--pGrWuBAPGFqP-dfqgCt2Jg
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-rLy8Rr4yg1fDO9--pGrWuBAPGFqP-dfqgCt2Jg HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 01:46:57 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-rLy8Rr4yg1fDO9--pGrWuBAPGFqP-dfqgCt2Jg&C=1
cf-ray: 78d49e6dc9660b61-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y8yVkcXesp59efA.DgvPmwAA; Path=/; Domain=casalemedia.com; Expires=Mon, 22 Jan 2024 01:46:57 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=678; Path=/; Domain=casalemedia.com; Expires=Sat, 22 Apr 2023 01:46:57 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=678; Path=/; Domain=casalemedia.com; Expires=Sat, 22 Apr 2023 01:46:57 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpzbKtdIdy2HkdXvKOW2kvVhvjYamhWzN66NKYvJz5vToe8GBh28kGoPqt9Hy01rhLBdbu0wIzOfqaF56yi%2FN7RZJELd4npcpZK594dqrkEWXUIqk6wxv8Ue%2FMfUrrbDEmOU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pippio.com/api/sync?pid=712185
107.178.254.65451 Unavailable For Legal Reasons 814 B URL HTTP/2 pippio.com/api/sync?pid=712185
IP 107.178.254.65:0
File type gzip compressed data, from Unix\012- data
Hash dd9a3144f7ad29a5371f224d4c01efcf
64a2b3e16960aaacb1f5dcd9506fde65753d3966
9786d4c5176022adf8729e7c72819c9ed2b6eee6e5d1c4c3aa1fa918b6191d3c
GET /api/sync?pid=712185 HTTP/1.1
Host: pippio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Sun, 22 Jan 2023 01:46:57 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 534d7e63ec65f98dbd2eb5701fef215e
de7f1f6da90e3887ad753e39d091addc62490881
2d79f5eaefaeea814f2e6daa58c291fb1a2743e10a750d12bf916dd0e834abca
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128982
Date: Sun, 22 Jan 2023 01:46:57 GMT
Etag: "63cbe212-1d7"
Expires: Mon, 23 Jan 2023 13:36:39 GMT
Last-Modified: Sat, 21 Jan 2023 13:01:06 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wZXG-giDF9bhS-X3eaIgVPjt0xm9YOke93vcXDdzkSeUcxv83dIdFA==
Age: 2133
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4894b630244321cdbbe675cfb725049c
0cebcefdf906417f83fa5f77af6ddcf3431d4784
35e75b2195e1eae64ebe394b75729af38b3a28fe2f514ac9f89653c04c57ced0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6233
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:57 GMT
Last-Modified: Sun, 22 Jan 2023 00:03:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rLy8Rr4yg1fDO9--pGrWuBAPGFqP-dfqgCt2Jg&C=1
104.18.33.19200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rLy8Rr4yg1fDO9--pGrWuBAPGFqP-dfqgCt2Jg&C=1
IP 104.18.33.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-rLy8Rr4yg1fDO9--pGrWuBAPGFqP-dfqgCt2Jg&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:57 GMT
content-type: image/gif
content-length: 43
cf-ray: 78d49e6e19800b61-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NINWt3dMU%2FN9kci7NpxChcCN9cP%2FR%2Fdx%2Fsbyw7B3anpLOWRw%2FD0K1ntnwbBN0mpfKZ6Iays8mXXRDHjt6sY%2F1HZZ3YMVfbPgdK1lhb51OuXiOt%2F46na0p%2BX4XhM%2BMnc9C5Zo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67ec2732a4ca77d31c93d8c072e0e417
ae255ddff962b4b861330618178321b89365929c
edd6f7fd89c9a708adcae482821a1618722e74c08dad637d02b65385fdfc95d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4363
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:57 GMT
Last-Modified: Sun, 22 Jan 2023 00:34:14 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
37.252.171.22302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 37.252.171.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 01:46:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 1fdf3644-85b7-4661-b6e4-7fea93036292
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
eb2.3lift.com/xuid?mid=2711&xuid=k-ruGTDL4yg1fDO9--pGrWuBAPGFrmOwoJciNnZA&dongle=013b
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-ruGTDL4yg1fDO9--pGrWuBAPGFrmOwoJciNnZA&dongle=013b
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-ruGTDL4yg1fDO9--pGrWuBAPGFrmOwoJciNnZA&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:57 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash ab2e9d4442b66cdabafee4d15fe91e1a
2d0d84734cc4e3e604c019574f3be2c053d5d5de
db483de23007e8670b2917b3dc9273ae6a6bc46697de1dde0bc97fd2f4f185e1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100235
Date: Sun, 22 Jan 2023 01:46:57 GMT
Etag: "63cb717c-1d7"
Expires: Mon, 23 Jan 2023 05:37:32 GMT
Last-Modified: Sat, 21 Jan 2023 05:00:44 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Q00m-rVwIhh2riq6Wtw7A0XFESGkeZGFBoEksrUwSgmgHKsbduUVvw==
Age: 2208
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ZlBeh74yg1fDO9--pGrWuBAPGFr7WoXhe3R9TQ&expires=30
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ZlBeh74yg1fDO9--pGrWuBAPGFr7WoXhe3R9TQ&expires=30
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-ZlBeh74yg1fDO9--pGrWuBAPGFr7WoXhe3R9TQ&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 7c5d24517ee193cc868994bc18883d1d
Content-Type: image/gif
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-2D5K8r4yg1fDO9--pGrWuBAPGFoac-xs3hMm2g
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-2D5K8r4yg1fDO9--pGrWuBAPGFoac-xs3hMm2g
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-2D5K8r4yg1fDO9--pGrWuBAPGFoac-xs3hMm2g HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 01:46:57 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-2D5K8r4yg1fDO9--pGrWuBAPGFoac-xs3hMm2g&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBJGVzGMCEHyOnIKR1oNepsFkczgr7F4FEgEBAQHnzWPWYwAAAAAA_eMAAA&S=AQAAAtRanW7H-JckCRR_HmftAnI; Expires=Mon, 22 Jan 2024 07:46:57 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f08a3d585cf7c6d17d4e4314ef171c30
c1efc6511d06ec45b19b14c5a2fa73a784cd5d11
18db7d1f8f59f0a80b2529ced8f53ae13d4e09e8c22957ff3ef386238bbee64f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5658
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:57 GMT
Last-Modified: Sun, 22 Jan 2023 00:12:39 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f98c2216a4653a952a3d362c0c1bfcdf
a7843ea746bde62d8da220dc737e98070ee6d687
b810cabf108c7b3315cd6af5a6a96ef85d339c90424b34d9fe6bcccda1e999b5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 01:46:57 GMT
Last-Modified: Sun, 22 Jan 2023 00:21:00 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: k-CSiq-QD9ikamGx-ocAYHxIpQSb-EHrHTHacDT0FP7fHFhlactmzg==
Age: 5157
tag.segmetrics.io/a1XXX9.js
143.204.55.102200 OK 33 kB URL HTTP/2 tag.segmetrics.io/a1XXX9.js
IP 143.204.55.102:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash 6dde0d809c73f1c5a015b0c33b555123
1365b8f1bb5cee3a336ba2fcb02ffcd6fd11bcbb
ea7b8b015c803b8636e0caba3443db1527efc531fcf3ddbc812508255c12530c
GET /a1XXX9.js HTTP/1.1
Host: tag.segmetrics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 00:01:08 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 21 Jan 2023 07:12:16 GMT
etag: W/"fea843d605d0f6dc9dcd7b8d104b405d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oStCvs3H3BO1FfmXuGTlb0sLd4fyC5HMwCDw2GGhj419cFBqke0ikQ==
age: 66879
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4704ec8fcbeb9bd8cea30e3155c36875
dfb29517381610bd17008d89448612dcb2b0a6c9
443c975aa4a8cb2fedfc8e6e4c352c7baeed55719f770744dcbeb35e819b6e51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "443C975AA4A8CB2FEDFC8E6E4C352C7BAEED55719F770744DCBEB35E819B6E51"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11893
Expires: Sun, 22 Jan 2023 05:05:10 GMT
Date: Sun, 22 Jan 2023 01:46:57 GMT
Connection: keep-alive
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-2D5K8r4yg1fDO9--pGrWuBAPGFoac-xs3hMm2g&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-2D5K8r4yg1fDO9--pGrWuBAPGFoac-xs3hMm2g&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-2D5K8r4yg1fDO9--pGrWuBAPGFoac-xs3hMm2g&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 22 Jan 2023 01:46:57 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBJGVzGMCEMWCLJfXRNd-0mBnT9yeU94FEgEBAQHnzWPWYwAAAAAA_eMAAA&S=AQAAAnA8Pc6zsFxJhPB9EeMmeNQ; Expires=Mon, 22 Jan 2024 07:46:57 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-5Zoyab4yg1fDO9--pGrWuBAPGFp3wDupKplKNw
18.158.165.92302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-5Zoyab4yg1fDO9--pGrWuBAPGFp3wDupKplKNw
IP 18.158.165.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-5Zoyab4yg1fDO9--pGrWuBAPGFp3wDupKplKNw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 01:46:57 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-5Zoyab4yg1fDO9--pGrWuBAPGFp3wDupKplKNw
set-cookie: tuuid=6c8534a7-fd00-4826-b463-618ed2ed1990; Expires=Sat, 22 Apr 2023 01:46:57 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1674352017; Expires=Sat, 22 Apr 2023 01:46:57 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
shopper.shop.pe/input.js
35.190.54.17200 OK 8.9 kB IP 35.190.54.17:0
File type ASCII text, with very long lines (17023)
Hash 277671bdc75ca43b2c48464d6ab4278f
fa3f6cfe3a34a0586917b256c7d5b8f9b4c1a205
cb280dde0bd7b5868891421254e239ef63551cc351cb246a68e9bc69bd4e0e8e
GET /input.js HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvchfTb5fARplijSWs1tlNAlpMJPeaSWNJINpLeH73pK8iu_z0gqxe4mccPEL--px7HG2t959fIHHemjua0HnrGcn4LXr30
vary: Accept-Encoding
x-goog-generation: 1667301507739079
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8877
content-encoding: gzip
x-goog-hash: crc32c=d2ag2w==, md5=J3ZxvcdcpDssSEZNarQnjw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 8877
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
server: UploadServer
date: Sun, 22 Jan 2023 01:46:09 GMT
expires: Sun, 22 Jan 2023 05:46:09 GMT
cache-control: public, max-age=14400
age: 48
last-modified: Tue, 01 Nov 2022 11:18:27 GMT
etag: "277671bdc75ca43b2c48464d6ab4278f"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 74b12f883f21d58026b40fd797907a73
31c94f2ebcf10ffd457f92254ea4bb8f0cce08af
5196efb648ec992fa60d3146764016dbc186afe5e038f1ad07807a1656cb425d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3989
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:57 GMT
Last-Modified: Sun, 22 Jan 2023 00:40:28 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 50b6cbda75dbb1870ab85dbd7c130c12
c23888c927c385144742fbba18babb0a7debfdf3
dbcd375b740dcfc407e187cda60120b22736456de51a16eb5aefeb3b46c25d9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3466
Cache-Control: max-age=105464
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:57 GMT
Etag: "63cb80ff-1d7"
Expires: Mon, 23 Jan 2023 07:04:41 GMT
Last-Modified: Sat, 21 Jan 2023 06:06:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-8dWRGL4yg1fDO9--pGrWuBAPGFoySJpkfecaUQ
185.86.139.114200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-8dWRGL4yg1fDO9--pGrWuBAPGFoySJpkfecaUQ
IP 185.86.139.114:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-8dWRGL4yg1fDO9--pGrWuBAPGFoySJpkfecaUQ HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Sun, 22 Jan 2023 01:46:57 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=7187971170082982517; expires=Thu, 22 Feb 2024 01:46:57 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 22 Feb 2024 01:46:57 GMT; domain=smartadserver.com; path=/
csync=79:k-8dWRGL4yg1fDO9--pGrWuBAPGFoySJpkfecaUQ; expires=Mon, 22 Jan 2024 01:46:57 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
id5-sync.com/s/966/9.gif?puid=k-yQX1y74yg1fDO9--pGrWuBAPGFoc4rBkOwnQtQ
162.19.138.83200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-yQX1y74yg1fDO9--pGrWuBAPGFoc4rBkOwnQtQ
IP 162.19.138.83:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-yQX1y74yg1fDO9--pGrWuBAPGFoc4rBkOwnQtQ HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 22-Jan-2023 01:51:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 22-Jan-2023 01:51:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 22-Jan-2023 01:51:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 22-Jan-2023 01:51:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 22-Jan-2023 01:51:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 22-Jan-2023 01:51:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 22 Jan 2023 01:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ad.yieldlab.net/m?dt_id=8664&ext_id=k-APmo2L4yg1fDO9--pGrWuBAPGFrrqzmqnqNeOA
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-APmo2L4yg1fDO9--pGrWuBAPGFrrqzmqnqNeOA
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-APmo2L4yg1fDO9--pGrWuBAPGFrrqzmqnqNeOA HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sat, 21 Jan 2023 01:46:57 GMT
Date: Sun, 22 Jan 2023 01:46:57 GMT
Connection: keep-alive
Set-Cookie: id=8a86240e-a5dd-4517-8140-4b5c051b71e8; Path=/; Domain=prod.svc.y6b.de; Expires=Mon, 22-Jan-2024 01:46:57 GMT; Max-Age=31536000; Secure; SameSite=None
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash ac7ce47b345cc60d011cd149c736e29f
9b27e0ae29a00d2256d352e43c88831985d2740c
abae300737c7d64afda1c682c06e5534000ce0aadb11d753e894e6ff792af9ae
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 22 Jan 2023 01:46:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 21 Jan 2023 21:05:51 GMT
Expires: Sun, 22 Jan 2023 21:05:51 GMT
ETag: "9b27e0ae29a00d2256d352e43c88831985d2740c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-5Zoyab4yg1fDO9--pGrWuBAPGFp3wDupKplKNw
18.158.165.92200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-5Zoyab4yg1fDO9--pGrWuBAPGFp3wDupKplKNw
IP 18.158.165.92:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-5Zoyab4yg1fDO9--pGrWuBAPGFp3wDupKplKNw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:57 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-AEb7yb4yg1fDO9--pGrWuBAPGFpXTP3mTxH7gQ
185.64.189.110200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-AEb7yb4yg1fDO9--pGrWuBAPGFpXTP3mTxH7gQ
IP 185.64.189.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-AEb7yb4yg1fDO9--pGrWuBAPGFpXTP3mTxH7gQ HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 01:46:56 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-AEb7yb4yg1fDO9--pGrWuBAPGFpXTP3mTxH7gQ&KRTB&23144-uid:k-AEb7yb4yg1fDO9--pGrWuBAPGFpXTP3mTxH7gQ&KRTB&23286-uid:k-AEb7yb4yg1fDO9--pGrWuBAPGFpXTP3mTxH7gQ&KRTB&23287-uid:k-AEb7yb4yg1fDO9--pGrWuBAPGFpXTP3mTxH7gQ; domain=pubmatic.com; secure; expires=Tue, 21-Feb-2023 01:46:56 GMT; path=/
PugT=1674352016; domain=pubmatic.com; secure; expires=Tue, 21-Feb-2023 01:46:56 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d53&uid=k-VaYyl74yg1fDO9--pGrWuBAPGFooy6QJQJa5bVrxW6OF_LCP
3.71.169.66204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-VaYyl74yg1fDO9--pGrWuBAPGFooy6QJQJa5bVrxW6OF_LCP
IP 3.71.169.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-VaYyl74yg1fDO9--pGrWuBAPGFooy6QJQJa5bVrxW6OF_LCP HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Sun, 22 Jan 2023 01:46:57 GMT
content-length: 0
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
52.30.252.118302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 52.30.252.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0f3ed56cf.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=47897785638640198551142275277651253349; Max-Age=15552000; Expires=Fri, 21 Jul 2023 01:46:57 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: +hmduW93RKA=
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/ed7WtLtfuxU
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/ed7WtLtfuxU
IP 142.250.74.131:0
Hash 94e48336acd97e44c05289488a98a7d7
dfa18d4a6ba0ad0b9d1063bfe1afc2d09e053fc8
b1e666600b0951c37086ac32a0eea54783a75a3ec6e874333337cfc82293d7eb
POST /s/gts1d4/ed7WtLtfuxU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
52.30.252.118200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 52.30.252.118:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-093807daf.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: u6xVC7VvTsY=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 119e5fc7206604413d54573675962599
4331bf86f14c340725aac73e14794661efc7240c
a2ffd7fba59023941738337a39d460b1418eaec7ac5784f9fe1c7abed4200041
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128609
Date: Sun, 22 Jan 2023 01:46:57 GMT
Etag: "63cbd407-1d7"
Expires: Mon, 23 Jan 2023 13:30:26 GMT
Last-Modified: Sat, 21 Jan 2023 12:01:11 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SvM7kaSGAPdwvXno-GXUPnE9mAkS2pB3cb5Wn1BrUB4z4sKanRDNHg==
Age: 5355
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a6392be277cb05d451d205a64a118261
ea50b86b15c80bf2584902a5834b857a02274b38
8db1a90891bdf175f8ff9dcc1240a5ce906a5b01d62670e089b2a73aa753696e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 01:46:57 GMT
Last-Modified: Sun, 22 Jan 2023 01:04:19 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _EKl9HTOpfl7r-Ul2Dru1OfM_8xBOiSA_5QZiExGoNBXhX_dhF3LxA==
Age: 2558
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 22 Jan 2023 01:46:57 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 414274
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-sb5_e74yg1fDO9--pGrWuBAPGFq_rlFwzoeihA
64.202.112.223200 OK 408 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-sb5_e74yg1fDO9--pGrWuBAPGFq_rlFwzoeihA
IP 64.202.112.223:0
File type JSON data\012- , ASCII text, with very long lines (408), with no line terminators
Hash 57de7889684b7342664382aae05316c4
44d54401eeb29a21e7d6b18413bc4970882a740f
b18923e52113e8f3bc192baf1eb97dcf63c19a97b9405334b2c03974c48aec0c
GET /cookie-sync?p=criteo&uid=k-sb5_e74yg1fDO9--pGrWuBAPGFq_rlFwzoeihA HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 01:46:57 GMT
Content-Type: application/json
Content-Length: 408
Cache-Control: no-cache
X-TraceId: b1f930328802a755269783e166f65946
sync-criteo.ads.yieldmo.com/sync?id=k-TY9-C74yg1fDO9--pGrWuBAPGFolE4zA9GcSFg&pn_id=criteo&ext=1
54.194.64.233200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-TY9-C74yg1fDO9--pGrWuBAPGFolE4zA9GcSFg&pn_id=criteo&ext=1
IP 54.194.64.233:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-TY9-C74yg1fDO9--pGrWuBAPGFolE4zA9GcSFg&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:57 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g7b2f4b884861ab6aafd%7C1674352017909%7C0%7C; Domain=.yieldmo.com; Expires=Mon, 22-Jan-2024 01:46:57 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-TY9-C74yg1fDO9--pGrWuBAPGFolE4zA9GcSFg; Domain=ads.yieldmo.com; Expires=Mon, 22-Jan-2024 01:46:57 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a91ef7e4029ff1a1e6fbe332cc93a1f9
44c04ae979090e1b2a02ebba7be93ae37836b029
f6c17aa39c2fad4cd0ea059fe8b22b185a085eee85049d26ee8977ba2b829471
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144225
Date: Sun, 22 Jan 2023 01:46:57 GMT
Etag: "63cc1d26-1d7"
Expires: Mon, 23 Jan 2023 17:50:42 GMT
Last-Modified: Sat, 21 Jan 2023 17:13:10 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VDlaELOcCsBn2UwsNvanVUbgSaQvElHTyTNvePjjQWmg4Vh4NZNmKA==
Age: 2252
addshoppers.s3.amazonaws.com/customize/62a3a2561744a804b0b92f32/6655bc9313d84ed58c60ab5869304f72.js?_t=1666025904
54.231.160.153200 OK 1.3 kB URL HTTP/1.1 addshoppers.s3.amazonaws.com/customize/62a3a2561744a804b0b92f32/6655bc9313d84ed58c60ab5869304f72.js?_t=1666025904
IP 54.231.160.153:0
File type ASCII text, with very long lines (4735), with no line terminators
Hash 2c85d5290ca4ebbb1bbc13774c808619
af431700703e7cf84db7d9bb0f8cfef8011432f0
573b49d51a86581c2f2a152ef94d595249e1bd7f9335b7be398c560ce3089b95
GET /customize/62a3a2561744a804b0b92f32/6655bc9313d84ed58c60ab5869304f72.js?_t=1666025904 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: PrwWmhEAzK3vd2dvHdRnTRfRp/xnQV4rQBrt+7e9mVPRdv70UdyVD3n4iOvkFkvY2hemLcEdMn0=
x-amz-request-id: EDCY4VJKFTNVEXJD
Date: Sun, 22 Jan 2023 01:46:58 GMT
Last-Modified: Mon, 17 Oct 2022 16:58:25 GMT
ETag: "2c85d5290ca4ebbb1bbc13774c808619"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: _X5DXO0IWyqFUhmrdIqUyHKXsY2V.btj
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 1268
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d6b60775dea7e3a3176f3e76259e40d7
db0975ab29f5843cb2d5cbf736d788563d7b51d7
64baff57be5f90d074c8abadb95cd74327c05677affe3877e18f8f6d3a5cede3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2151
Cache-Control: max-age=125399
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 01:46:58 GMT
Etag: "63cbd402-1d7"
Expires: Mon, 23 Jan 2023 12:36:57 GMT
Last-Modified: Sat, 21 Jan 2023 12:01:06 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
34.248.136.204204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 34.248.136.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 22 Jan 2023 01:46:58 GMT
set-cookie: _kuid_=PVT7P8cc; Expires=Fri, 21-Jul-23 01:46:58 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n017-dub-prod.krxd.net
x-request-time: D=32 t=1674352018
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 22 Jan 2023 01:46:57 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 541488
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-TOdfb74yg1fDO9--pGrWuBAPGFoQusqm0qENKg
34.237.150.16200 OK 43 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-TOdfb74yg1fDO9--pGrWuBAPGFoQusqm0qENKg
IP 34.237.150.16:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /sync?UICR=k-TOdfb74yg1fDO9--pGrWuBAPGFoQusqm0qENKg HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:58 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f344d119280ac51d2f21b252bfd0526a
1a7e5d50b9014f0638377eb6cbcee7d2eab3660a
4ef900128cdfaa485ea952b7c3ce62faac063651fff7bd6c66bb5c775af1d60f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 01:46:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 15:11:54 GMT
Expires: Sat, 28 Jan 2023 15:11:53 GMT
Etag: "1a7e5d50b9014f0638377eb6cbcee7d2eab3660a"
Cache-Control: max-age=566094,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78d49e6eb9830b3d-OSL
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-BWUOcL4yg1fDO9--pGrWuBAPGFrZRcaAgpgQ_Q
185.255.84.152200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-BWUOcL4yg1fDO9--pGrWuBAPGFrZRcaAgpgQ_Q
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-BWUOcL4yg1fDO9--pGrWuBAPGFrZRcaAgpgQ_Q HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=9e3666e095aa8680453027cc5bc4dfb8; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 01:46:58 GMT
content-length: 49
x-envoy-upstream-service-time: 54
server: ayl-lb-fra02
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 590a5ff5acad99ebe62f97fa191bbf3e
df3e1c8ccf7387ca8d896357fb98fa9adcc255d9
462232946b66a7e8918e8de478a616414d953c4c5cb39c4b02da5aa325aa9335
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 01:46:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 01:56:48 GMT
Expires: Sat, 28 Jan 2023 01:56:47 GMT
Etag: "df3e1c8ccf7387ca8d896357fb98fa9adcc255d9"
Cache-Control: max-age=518388,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78d49e6e28d4b517-OSL
x.bidswitch.net/sync?dsp_id=46&user_id=k-OyfQCb4yg1fDO9--pGrWuBAPGFq4za60xk2iew&expires=30
3.67.29.124302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-OyfQCb4yg1fDO9--pGrWuBAPGFq4za60xk2iew&expires=30
IP 3.67.29.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-OyfQCb4yg1fDO9--pGrWuBAPGFq4za60xk2iew&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 01:46:58 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-OyfQCb4yg1fDO9--pGrWuBAPGFq4za60xk2iew&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=7977c206-94c2-4b3a-8c47-d5f398c40261; path=/; expires=Mon, 22-Jan-2024 01:46:58 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674352018; path=/; expires=Mon, 22-Jan-2024 01:46:58 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674352018; path=/; expires=Mon, 22-Jan-2024 01:46:58 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674352018; path=/; expires=Mon, 22-Jan-2024 01:46:58 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-OyfQCb4yg1fDO9--pGrWuBAPGFq4za60xk2iew&expires=30
3.67.29.124200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-OyfQCb4yg1fDO9--pGrWuBAPGFq4za60xk2iew&expires=30
IP 3.67.29.124:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-OyfQCb4yg1fDO9--pGrWuBAPGFq4za60xk2iew&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:58 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 356ae56c258161366fd9a3b742ff7ab8
118db771c0e9409d05ce6dd85f1724e69dac1b96
c48e8f0a756214ff2663b047484f2e3c9815453245af4bfba6f4a1b1e11c97bf
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "C48E8F0A756214FF2663B047484F2E3C9815453245AF4BFBA6F4A1B1E11C97BF"
Last-Modified: Sat, 21 Jan 2023 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2272
Expires: Sun, 22 Jan 2023 02:24:50 GMT
Date: Sun, 22 Jan 2023 01:46:58 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f1d84b4160eb6d9a78cd74199aafa45a
e576e8ec8f5762b3b1a0de5163beed9055c2dc23
74fc000a4b00232904e56fa3d05c5e8d9cb532b664fe14a5d82418fdb93ec6b6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106702
Date: Sun, 22 Jan 2023 01:46:58 GMT
Etag: "63cb7e2e-1d7"
Expires: Mon, 23 Jan 2023 07:25:20 GMT
Last-Modified: Sat, 21 Jan 2023 05:54:54 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vN7_Oenpk4TjYdR84HPk08QwzlF9logzQXExLcXMpKUFHVKU8yxn2g==
Age: 5426
obs.travelrobotflower.com/mon
52.45.196.192200 OK 0 B URL HTTP/2 obs.travelrobotflower.com/mon
IP 52.45.196.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /mon HTTP/1.1
Host: obs.travelrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1486
Origin: https://ticketsmarter.com
Connection: keep-alive
Referer: https://ticketsmarter.com/
Cookie: cg_uuid=c06acd5814608b4be728ed9fe43f2881
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ticketsmarter.com
content-type: application/json
date: Sun, 22 Jan 2023 01:46:58 GMT
content-length: 0
X-Firefox-Spdy: h2
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
18.188.43.146200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 18.188.43.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:58 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: a875cb50-99f6-11ed-914e-0000ac170131
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
nytrng.com/iframe?vcp=4dd5h0np&as_id=41b8f0fabc00409c9f839aac48d52263
99.83.128.14200 OK 416 B URL HTTP/2 nytrng.com/iframe?vcp=4dd5h0np&as_id=41b8f0fabc00409c9f839aac48d52263
IP 99.83.128.14:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (416), with no line terminators
Hash 7988305e10eac88f54cf1c474d5b8e3c
001d7d7ee7386963b49f6d8cc97023dec83c0240
ed9da2e4e22d54c8eca66bc992660e89c7ddd10310ce9d62110b169ad3cf8fe0
GET /iframe?vcp=4dd5h0np&as_id=41b8f0fabc00409c9f839aac48d52263 HTTP/1.1
Host: nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:58 GMT
content-type: text/html; charset=utf-8
content-length: 416
server: gunicorn
X-Firefox-Spdy: h2
cdn.nytrng.com/pl.2.2.min.js
143.204.55.112200 OK 0 B URL HTTP/2 cdn.nytrng.com/pl.2.2.min.js
IP 143.204.55.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pl.2.2.min.js HTTP/1.1
Host: cdn.nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nytrng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/plain
content-length: 0
date: Mon, 02 Jan 2023 11:38:59 GMT
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xOrXbo_ud3CiaEZrxTnDH0zPWjAaSnCW4EXsEbAJir37CGGE0PzhUA==
age: 1692479
X-Firefox-Spdy: h2
obs.travelrobotflower.com/mon
52.45.196.192200 OK 0 B URL HTTP/2 obs.travelrobotflower.com/mon
IP 52.45.196.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /mon HTTP/1.1
Host: obs.travelrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1486
Origin: https://ticketsmarter.com
Connection: keep-alive
Referer: https://ticketsmarter.com/
Cookie: cg_uuid=c06acd5814608b4be728ed9fe43f2881
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ticketsmarter.com
content-type: application/json
date: Sun, 22 Jan 2023 01:47:00 GMT
content-length: 0
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-AoucNL4yg1fDO9--pGrWuBAPGFrfT6vteGB_ZQ&google_error=3
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-AoucNL4yg1fDO9--pGrWuBAPGFrfT6vteGB_ZQ&google_error=3
IP 178.250.0.163:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-AoucNL4yg1fDO9--pGrWuBAPGFrfT6vteGB_ZQ&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:57 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 308600
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ticketsmarter.activehosted.com/f/embed.php?id=25
104.17.87.109200 OK 0 B URL HTTP/2 ticketsmarter.activehosted.com/f/embed.php?id=25
IP 104.17.87.109:0
GET /f/embed.php?id=25 HTTP/1.1
Host: ticketsmarter.activehosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: text/javascript;charset=UTF-8
expires: Sun, 22 Jan 2023 05:46:53 GMT
cache-control: public, max-age=14400
pragma: no-cache
x-request-id: 9e0eb8cb512ff40233e86260807a6cc9
last-modified: Sun, 22 Jan 2023 00:04:46 GMT
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d49e545927b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.tp88trk.com/scripts/sdk/everflow.js
35.190.72.228200 OK 0 B URL HTTP/2 www.tp88trk.com/scripts/sdk/everflow.js
IP 35.190.72.228:0
GET /scripts/sdk/everflow.js HTTP/1.1
Host: www.tp88trk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: text/javascript
cache-control: max-age=14400
vary: Origin
x-eflow-request-id: 79dce8a9-746f-4f77-8ae2-e5fc0f2439ed
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.29200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.29:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 102833
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-F55LQL4yg1fDO9--pGrWuBAPGFoRcYz_PoiN28gHUW4keHwU
18.195.237.15200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-F55LQL4yg1fDO9--pGrWuBAPGFoRcYz_PoiN28gHUW4keHwU
IP 18.195.237.15:0
GET /usersync/push?partner=criteo&partnerId=k-F55LQL4yg1fDO9--pGrWuBAPGFoRcYz_PoiN28gHUW4keHwU HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:57 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%22a7c9acd0-99f6-11ed-81cc-3b145d28c6d8%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 05 Feb 2023 01:46:57 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%22a7c9acd0-99f6-11ed-81cc-3b145d28c6d8%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 05 Feb 2023 01:46:57 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%22a7c9acd0-99f6-11ed-81cc-3b145d28c6d8%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 05 Feb 2023 01:46:57 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%22a7c9acd0-99f6-11ed-81cc-3b145d28c6d8%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 05 Feb 2023 01:46:57 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-F55LQL4yg1fDO9--pGrWuBAPGFoRcYz_PoiN28gHUW4keHwU%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Sun, 05 Feb 2023 01:46:57 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=ticketsmarter.com&origin=onetag
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=ticketsmarter.com&origin=onetag
IP 178.250.2.146:0
GET /syncframe?topUrl=ticketsmarter.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=b5b22541-8ae4-4946-aaf4-7670b1665c80; expires=Fri, 16 Feb 2024 01:46:54 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 488621
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
app.shop.pe/app/datapartners/status?usersite_id=62a3a2561744a804b0b92f32
35.227.244.1200 OK 0 B URL HTTP/2 app.shop.pe/app/datapartners/status?usersite_id=62a3a2561744a804b0b92f32
IP 35.227.244.1:0
GET /app/datapartners/status?usersite_id=62a3a2561744a804b0b92f32 HTTP/1.1
Host: app.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ticketsmarter.com
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 01:46:57 GMT
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken
set-cookie: _xsrf=2|511c2f91|b2233cf2e5930d8a5fd4525263fd8a26|1674352017; Path=/
access-control-allow-origin: *
etag: W/"d48adb817df76a0be528e77b4fc4b708c8c46f73"
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.p-n.io/pushly-sdk.min.js?domain_key=U1YmTjC3xBBELzItGjbyQjkH1StKDCsDsxLL
54.230.111.102200 OK 0 B URL HTTP/2 cdn.p-n.io/pushly-sdk.min.js?domain_key=U1YmTjC3xBBELzItGjbyQjkH1StKDCsDsxLL
IP 54.230.111.102:0
GET /pushly-sdk.min.js?domain_key=U1YmTjC3xBBELzItGjbyQjkH1StKDCsDsxLL HTTP/1.1
Host: cdn.p-n.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 20:50:26 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 22 Jan 2023 01:46:53 GMT
cache-control: max-age=900
etag: W/"a5a2d791e2de3b6baa6f3c80625e13cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mV1-Ivw67azgQji-WNIvl4CCAI63mQe3LNsmS9Bdr6vpf3XmHyWQCw==
age: 2
X-Firefox-Spdy: h2
dev.visualwebsiteoptimizer.com/j.php?a=621054&u=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&f=1&r=0.08262887936131924
34.96.102.137200 OK 0 B URL HTTP/2 dev.visualwebsiteoptimizer.com/j.php?a=621054&u=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&f=1&r=0.08262887936131924
IP 34.96.102.137:0
GET /j.php?a=621054&u=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&f=1&r=0.08262887936131924 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0, no-cache, must-revalidate
server: gams1
timing-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
104.17.145.91200 OK 0 B URL HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP 104.17.145.91:0
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
cache-control: public, max-age=300
etag: W/"4d482a43613d3966f353ec9d97452e0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ddf05588239a53ffcc4f78bf3b76aac4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: sCYVe7QzQN-Z21TJriJfx73OXUWjIpkRFGlKaQ5OGjoofuNYUJz1gA==
cf-cache-status: HIT
age: 284
server: cloudflare
cf-ray: 78d49e587f41b505-OSL
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.91200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.91:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 137079
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.0.163:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:57 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 367590
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-SvgyBr4yg1fDO9--pGrWuBAPGFo8Hye5lranjA
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-SvgyBr4yg1fDO9--pGrWuBAPGFo8Hye5lranjA
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-SvgyBr4yg1fDO9--pGrWuBAPGFo8Hye5lranjA HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 01:46:57 GMT
x-fastly-to-nlb-rtt: 25034
access-control-allow-credentials: true
X-Firefox-Spdy: h2
unpkg.com/intl-tel-input@17.0.18/build/css/intlTelInput.min.css
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/intl-tel-input@17.0.18/build/css/intlTelInput.min.css
IP 104.16.122.175:0
GET /intl-tel-input@17.0.18/build/css/intlTelInput.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"4ad5-/7iiVjPE3eq4HRsXQqwv0LRCpMY"
via: 1.1 fly.io
fly-request-id: 01GAKZEYB03B4H35RFNZ0NVVM9-fra
cf-cache-status: HIT
age: 13676625
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78d49e578a89b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
prism.app-us1.com/?a=1002304818&u=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&r=https%3A%2F%2Fapp.upsellit.com%2F
104.17.146.91200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=1002304818&u=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&r=https%3A%2F%2Fapp.upsellit.com%2F
IP 104.17.146.91:0
GET /?a=1002304818&u=https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000&r=https%3A%2F%2Fapp.upsellit.com%2F HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_1002304818=39a0c286-5c0c-4795-9b5f-8b3335e7094e; expires=Tue, 21-Feb-2023 01:46:54 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 47
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78d49e5bea95b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=3o3h3V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRiUyRlVrbXRRUnptJTJCdjhhMVByTXFCRU5FJTJCUkRTeThvRUw0bzVoWkd2N3hOdQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 01:46:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=r1ps4V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRiUyRlVrbXRRUnptJTJCdjhhMVByTXFCRU5saXF6MkxSaHVjQiUyRkZBeWR1NTlHUw; expires=Fri, 16 Feb 2024 01:46:55 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 347603
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
trc.taboola.com/1445288/trc/3/json?tim=1674352015510&data=%7B%22id%22%3A439%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1674352015505%2C%22cv%22%3A%2220230112-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ticketsmarter.com%2F%22%2C%22e%22%3A%22https%3A%2F%2Fapp.upsellit.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-ericticketsmartercom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1674352015509%2C%22ref%22%3A%22https%3A%2F%2Fapp.upsellit.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.193.44200 OK 0 B URL HTTP/2 trc.taboola.com/1445288/trc/3/json?tim=1674352015510&data=%7B%22id%22%3A439%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1674352015505%2C%22cv%22%3A%2220230112-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ticketsmarter.com%2F%22%2C%22e%22%3A%22https%3A%2F%2Fapp.upsellit.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-ericticketsmartercom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1674352015509%2C%22ref%22%3A%22https%3A%2F%2Fapp.upsellit.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.193.44:0
GET /1445288/trc/3/json?tim=1674352015510&data=%7B%22id%22%3A439%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1674352015505%2C%22cv%22%3A%2220230112-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ticketsmarter.com%2F%22%2C%22e%22%3A%22https%3A%2F%2Fapp.upsellit.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-ericticketsmartercom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1674352015509%2C%22ref%22%3A%22https%3A%2F%2Fapp.upsellit.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fticketsmarter.com%2F%3Fusi_email_id%3D6sb6di_1670262754_1_send.2592000%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ticketsmarter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 22 Jan 2023 01:46:56 GMT
via: 1.1 varnish
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674352017.641175,VS0,VE103
vary: Accept-Encoding
x-vcl-time-ms: 103
X-Firefox-Spdy: h2