r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13d4983fb8a0ee2cb855663cc9d8f6a0
1f85fc46435f86d7f414e310670c9afe27ea9532
f4bc8150273c4fc6e90c9df8e074823a78dc8409bfcc00616265e24d7d663498
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4BC8150273C4FC6E90C9DF8E074823A78DC8409BFCC00616265E24D7D663498"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13993
Expires: Tue, 21 Feb 2023 10:56:18 GMT
Date: Tue, 21 Feb 2023 07:03:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03ba1c19530391f28dcb5c049ab66e99
a1b89c652e5406b1981704d1973ac1c820ec584d
9c78f93d5d5c96391e480ecad78b4a6a30fb33fdc61acc7799fe3401c62a1292
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C78F93D5D5C96391E480ECAD78B4A6A30FB33FDC61ACC7799FE3401C62A1292"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7647
Expires: Tue, 21 Feb 2023 09:10:32 GMT
Date: Tue, 21 Feb 2023 07:03:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Feb 2023 06:53:40 GMT
content-type: application/json
age: 565
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48b5fafb12e15fbede4669b549518d50
ee82e527d3c45ebbc1865cd56b93e1be5ac933db
94036245b7831c01d3112f661bd909369c9b3af89ab37be7fb07f2254a7df7d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94036245B7831C01D3112F661BD909369C9B3AF89AB37BE7FB07F2254A7DF7D5"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13695
Expires: Tue, 21 Feb 2023 10:51:20 GMT
Date: Tue, 21 Feb 2023 07:03:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CJJZMe7tj8ICmDesPMq2ggSDqrEslz1XerOjhUXJuUx1aLviMCR0MWXGabKeRF3HSN9sfQJQu6E=
x-amz-request-id: H8N5DCBHVJ2R6PBN
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Feb 2023 06:22:39 GMT
age: 2426
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 07:03:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.msearch.co/pse/search?spid=160&sspid=1003&channel=1302&query=red%20gucci%20shirt
54.148.133.252302 FOUND 367 B URL HTTP/1.1 www.msearch.co/pse/search?spid=160&sspid=1003&channel=1302&query=red%20gucci%20shirt
IP 54.148.133.252:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 357051d3d41f7bbe460eb86bc26119e9
54ccb1790bb286aba1d502a30e81c0601d64a181
4b19d9a5ac601ece376d7bb26512d7a5231e754d776267138241f4706385402c
GET /pse/search?spid=160&sspid=1003&channel=1302&query=red%20gucci%20shirt HTTP/1.1
Host: www.msearch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 FOUND
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 21 Feb 2023 07:03:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 367
Connection: keep-alive
Location: https://noxsearch.com/?pub=2006&adv=200&sub=9021&q=red%20gucci%20shirt
ocsp.pki.goog/s/gts1p5/V4csmGv3kKc
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/V4csmGv3kKc
IP 142.250.74.131:0
Hash acf0768aaa21474697a6923e94eb616d
e3228d55740dbb8992c6f290527258cae1aff448
86910168953f1afa4d51bc22382a5f75db6726db30b3bf6ce773c9fcb40dc7ca
POST /s/gts1p5/V4csmGv3kKc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 07:03:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Feb 2023 06:20:35 GMT
age: 2551
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94d194d4728ee415fb180610c25cb8cb
9b6a935fd24c43f427d6377d2d278592dcbcb372
cada2d0987669f945549c8f526568c04c4e0a3b662fb2c3efd30efe3a40e2577
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADA2D0987669F945549C8F526568C04C4E0A3B662FB2C3EFD30EFE3A40E2577"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6757
Expires: Tue, 21 Feb 2023 08:55:43 GMT
Date: Tue, 21 Feb 2023 07:03:06 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/V4csmGv3kKc
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/V4csmGv3kKc
IP 142.250.74.131:0
Hash acf0768aaa21474697a6923e94eb616d
e3228d55740dbb8992c6f290527258cae1aff448
86910168953f1afa4d51bc22382a5f75db6726db30b3bf6ce773c9fcb40dc7ca
POST /s/gts1p5/V4csmGv3kKc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 07:03:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.228.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SzFUl+ULMnwFfnNhWuwscQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AXdscUW358S/7CQ38PARwVSh7Nw=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ed715c2a9e4a19322fdb868492a0d55
9324399c27e9b3813c6e45ef4895a736301f95a2
bdfdc4fbfc78f1e5a2fde956c5bbea62762b2dac746b49c66d37ac8a68cdca98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDFDC4FBFC78F1E5A2FDE956C5BBEA62762B2DAC746B49C66D37AC8A68CDCA98"
Last-Modified: Tue, 21 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 21 Feb 2023 13:03:07 GMT
Date: Tue, 21 Feb 2023 07:03:07 GMT
Connection: keep-alive
srch.adsearchexperts.biz/f?cid=5475&q=red+gucci+shirt
35.233.96.203307 Temporary Redirect 0 B URL HTTP/2 srch.adsearchexperts.biz/f?cid=5475&q=red+gucci+shirt
IP 35.233.96.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f?cid=5475&q=red+gucci+shirt HTTP/1.1
Host: srch.adsearchexperts.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Tue, 21 Feb 2023 07:03:07 GMT
content-length: 0
location: https://searchexperts.online/?browser=BrowserFirefox&cid=5475&geo=Norway&ip=91.90.42.154&q=red+gucci+shirt&unix=1676962987
cache-control: no-store
set-cookie: be8fcd3664cea190268372b323d092c9=1; Expires=Tue, 21 Feb 2023 09:03:07 GMT
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 34083ede8247604d8d751c9ed91fa5a6
6c4058bedc2824a611a43d3fe233a816531b497b
2f6560aecbba61527541556e438200e6640114e3e3797a878eba3780952c4641
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F6560AECBBA61527541556E438200E6640114E3E3797A878EBA3780952C4641"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Tue, 21 Feb 2023 13:02:40 GMT
Date: Tue, 21 Feb 2023 07:03:07 GMT
Connection: keep-alive
searchexperts.online/?browser=BrowserFirefox&cid=5475&geo=Norway&ip=91.90.42.154&q=red+gucci+shirt&unix=1676962987
144.76.107.252302 Found 182 B URL HTTP/2 searchexperts.online/?browser=BrowserFirefox&cid=5475&geo=Norway&ip=91.90.42.154&q=red+gucci+shirt&unix=1676962987
IP 144.76.107.252:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with no line terminators
Hash 029fbf14b5d2a9440bbfa7a3ea282415
8e330a9cf3ffebb7dbd944159c180fd4e8f6e6c8
025ad3120ad68af08becd9c51cb25d930e585b07f09464ac4dc66e44ae246483
GET /?browser=BrowserFirefox&cid=5475&geo=Norway&ip=91.90.42.154&q=red+gucci+shirt&unix=1676962987 HTTP/1.1
Host: searchexperts.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
access-control-allow-origin: *
content-type: text/html; charset=utf-8
date: Tue, 21 Feb 2023 07:03:07 GMT
location: https://www.securesear.ch?gid=8b4bFVHWv_823&q=red%20gucci%20shirt
referrer-policy: no-referrer
vary: Accept
x-powered-by: Express
content-length: 182
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11597
Expires: Tue, 21 Feb 2023 10:16:24 GMT
Date: Tue, 21 Feb 2023 07:03:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11597
Expires: Tue, 21 Feb 2023 10:16:24 GMT
Date: Tue, 21 Feb 2023 07:03:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11597
Expires: Tue, 21 Feb 2023 10:16:24 GMT
Date: Tue, 21 Feb 2023 07:03:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe60e7355-bb4c-4383-88dd-55860fdee2c1.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe60e7355-bb4c-4383-88dd-55860fdee2c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82deb326eb0c337b11049eaa06ab6fc5
d6066ccfc2035d17b1e99b1794c49cb48169889c
1612e8f3c8b8250c10ee8a92a37845d229c9cbeec96f5a68061f129a5c078551
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe60e7355-bb4c-4383-88dd-55860fdee2c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8796
x-amzn-requestid: 3b0cb8b9-7603-4e7e-b93d-0187199b7ab3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AoGVhFjIIAMFVZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f31dbc-1d01d5416ff15f40518be204;Sampled=0
x-amzn-remapped-date: Mon, 20 Feb 2023 07:14:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9NHoW87jZe1S6XiHqudUOhUKLiVuQDS1kGRSU4dY4Pwyg4LsBrhfmA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 07:37:59 GMT
age: 84308
etag: "d6066ccfc2035d17b1e99b1794c49cb48169889c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d5b1f36b0fce0c27bc55b1b565fc036
b6b3c4f523346bcad001b251c984d18aee522d33
d03c32dc9a6ffce9b147d6db39df6a7bd3a3a47f778242e3194aa82357138d6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13379
x-amzn-requestid: 304b3dbc-34c8-45f6-bc57-0cb24d8bcd71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AkTwpHiPoAMFUwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f1999d-428a7455204ae54c4383071b;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 03:38:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wEimr3MFrSkUXiNK08bsd0FgzCvyhJyigthdZRTpH6-V1t88W6pNNQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 21:54:43 GMT
age: 32904
etag: "b6b3c4f523346bcad001b251c984d18aee522d33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwK1XWOYMXy8qna9sVCV7q__QKMko9KXa8towbYhIj1EolPbqEuIHQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 09:13:17 GMT
age: 78590
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed3595d-47db-4621-b36f-23407a18c74c.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed3595d-47db-4621-b36f-23407a18c74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4d3cade93359d4511d7cbdff3c5b6de
b55ba22c166fb51213c8b94e332b526f0651fe60
4bd0f2d2ba0503d91be7acac1a360015126212673087ac0dc87af057ac8d2bdd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed3595d-47db-4621-b36f-23407a18c74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6945
x-amzn-requestid: 894dbbbe-68ca-4f46-983f-db217209b91d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AoFK0EctoAMF4sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f31bde-7172d54b3745c9fe7bdd2091;Sampled=0
x-amzn-remapped-date: Mon, 20 Feb 2023 07:06:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gGb38mrx87XiR1M_NYJm5XUbG-e4-sOdWrNz7bnfzJ4UQzesi1EbiA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 07:14:38 GMT
age: 85709
etag: "b55ba22c166fb51213c8b94e332b526f0651fe60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2b76c4-52ad-47bd-8c3e-94cd87230dba.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2b76c4-52ad-47bd-8c3e-94cd87230dba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 537a38efca61af36350a35ee43c144a6
a50d619ea272745b4a0e03e468206fedb6ae66f3
ebbc1f32d86bca774cddea9afbaf57ab0e95d06df302f60ee1c7fdb901ea728b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2b76c4-52ad-47bd-8c3e-94cd87230dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11740
x-amzn-requestid: 0d6b7b96-593a-4aed-a248-21f2f5bf8aeb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AheAnGWQIAMFgcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f076d0-685a695e5b5a3475244e9c28;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 06:57:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kF88zbpCJLPe93OfdwoE1NEnWlR2LZ4XQjcJxSM75TE3qGrEBeLB-w==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 23:57:11 GMT
age: 25556
etag: "a50d619ea272745b4a0e03e468206fedb6ae66f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f4f15374ec09bd3d657f2c8f0fa886c
fb01a0ee84a88cf6f8cacea78c5b9cd444a41a9c
a63f93c3413c34897706ede836bf8aaf186a7002a901df0dc5481d381af5b849
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7349
x-amzn-requestid: 76a8d55e-1e03-44d3-8c54-189007f4cf2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AhffeElfIAMFWOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f0792f-30cb18357e326d222d1078b8;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 07:07:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n6XdCksCYvpPD8Otqr9wPB8zPPfSTer7MiRdZHKdacvrMsw3njP_Nw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 11:21:08 GMT
age: 70919
etag: "fb01a0ee84a88cf6f8cacea78c5b9cd444a41a9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e148facf5fa2b0f08978cc82a0811c5c
e4b7a76cd231930574aefd55e7c7948fea2e30ac
4b1028adc39d2d3bda09da91ae31dce7003f82146dc34b3c66b5adda15e4f991
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B1028ADC39D2D3BDA09DA91AE31DCE7003F82146DC34B3C66B5ADDA15E4F991"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6698
Expires: Tue, 21 Feb 2023 08:54:45 GMT
Date: Tue, 21 Feb 2023 07:03:07 GMT
Connection: keep-alive
live.m81.me/api/find?gid=8b4bFVHWv_823&q=red%20gucci%20shirt&f=true&o=false&i=false
54.157.58.70200 OK 116 B URL HTTP/1.1 live.m81.me/api/find?gid=8b4bFVHWv_823&q=red%20gucci%20shirt&f=true&o=false&i=false
IP 54.157.58.70:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e55106beb0754e845e12338285a7fc4
02ff624df1a65fed514d3ffad24a828c34522ac5
1ed47bd1eb6b1391784fca0d02ec493adec2dc37b4fe1d515914543e7caec03c
GET /api/find?gid=8b4bFVHWv_823&q=red%20gucci%20shirt&f=true&o=false&i=false HTTP/1.1
Host: live.m81.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.securesear.ch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Date: Tue, 21 Feb 2023 07:03:07 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, POST
Access-Control-Expose-Headers:
Access-Control-Max-Age: 7200
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Content-Type: application/json; charset=utf-8
Etag: W/"1ed47bd1eb6b1391784fca0d02ec493a"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: c9c6068f-3dcc-4de7-81e5-21f4bc594540
X-Runtime: 0.013018
Vary: Origin
Transfer-Encoding: chunked
Via: 1.1 vegur
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 8bc29bab0b4327487fe6c30df8f62d33
45609e40889969c5d6ad7ba5f885c7bebfe11bfd
a37fd84a7ccfe14c56d0d5930c56351a580b72d6f126014baf39d1a5b3dcdb13
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 21 Feb 2023 07:03:08 GMT
Etag: "63f37d2c-1d7"
Last-Modified: Tue, 21 Feb 2023 06:08:34 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6w8-poiWtbTqf3QpwQeN5LpKdW90TagkASiJHKRsi3sSvn-H8eWRDQ==
Age: 3274
trk1.sptrx.com/r?kw=red+gucci+shirt&pub=570143&sid=7699
18.221.153.87302 Found 224 B URL HTTP/2 trk1.sptrx.com/r?kw=red+gucci+shirt&pub=570143&sid=7699
IP 18.221.153.87:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f87a82876d1a7d08ceddc20f39581824
d6e328a90931447c2b7146fad53137186e304e76
93952b42a9955556a4e8abcd1a9a4463ce09129097258213438acddd0b8808f5
GET /r?kw=red+gucci+shirt&pub=570143&sid=7699 HTTP/1.1
Host: trk1.sptrx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 21 Feb 2023 07:03:08 GMT
content-type: text/html; charset=utf-8
content-length: 224
location: http://portal.ambt.co/_search?q=red+gucci+shirt&variant=7&brand=US-SP-15-7699&clickid=pclx-143-
set-cookie: AWSALB=0NSH2orCVh7xv5lMdl5ARTdwB/G0qFdnUAi+d5NdRB8rGMiMj7zX/i8tEhWd+t/PDg/E+TPJeBwSZfl5gj8LXi5YTMZKORw8woR4BAX0kTFdvNQDW9WknLpxkVfT; Expires=Tue, 28 Feb 2023 07:03:08 GMT; Path=/
AWSALBCORS=0NSH2orCVh7xv5lMdl5ARTdwB/G0qFdnUAi+d5NdRB8rGMiMj7zX/i8tEhWd+t/PDg/E+TPJeBwSZfl5gj8LXi5YTMZKORw8woR4BAX0kTFdvNQDW9WknLpxkVfT; Expires=Tue, 28 Feb 2023 07:03:08 GMT; Path=/; SameSite=None; Secure
cache-control: private
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
portal.ambt.co/_search?q=red+gucci+shirt&variant=7&brand=US-SP-15-7699&clickid=pclx-143-
192.241.228.85301 Moved Permanently 162 B URL HTTP/1.1 portal.ambt.co/_search?q=red+gucci+shirt&variant=7&brand=US-SP-15-7699&clickid=pclx-143-
IP 192.241.228.85:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /_search?q=red+gucci+shirt&variant=7&brand=US-SP-15-7699&clickid=pclx-143- HTTP/1.1
Host: portal.ambt.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 21 Feb 2023 07:03:09 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://portal.ambt.co/_search?q=red+gucci+shirt&variant=7&brand=US-SP-15-7699&clickid=pclx-143-
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdc88ae1ee9cf4ff37e801c8be5b22b1
bb8f4b394e6dddbd116fabd9c40a68b92afc8667
822cbfa0d36f4c74ca430bdcc3b8332836d585e72a213a7b4f2be3382750ed11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "822CBFA0D36F4C74CA430BDCC3B8332836D585E72A213A7B4F2BE3382750ED11"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1088
Expires: Tue, 21 Feb 2023 07:21:17 GMT
Date: Tue, 21 Feb 2023 07:03:09 GMT
Connection: keep-alive
cdn.airfind.com/genericportal/public/js/global.min.js?cb=115c7c1
151.139.128.10200 OK 61 kB URL HTTP/2 cdn.airfind.com/genericportal/public/js/global.min.js?cb=115c7c1
IP 151.139.128.10:0
File type ASCII text, with very long lines (65508)
Hash 3908ea343418ef836e0c235dd77365c7
0c5c27c33cfa8afdc4e330d2f30bb18eec244935
01a460d9ac59fb6a76e3dc123ac1696f150cbf3a76603083716840cb86857f96
GET /genericportal/public/js/global.min.js?cb=115c7c1 HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:10 GMT
content-encoding: gzip
content-length: 61449
content-type: text/javascript
last-modified: Fri, 29 Apr 2022 21:05:37 GMT
accept-ranges: bytes
server: Apache
etag: "2ed42-5ddd16778b9e3"
cache-control: max-age=1200
x-hw: 1676962990.cds244.sk1.hn,1676962990.cds245.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
portal.ambt.co/_search?q=red+gucci+shirt&variant=7&brand=US-SP-15-7699&clickid=pclx-143-
192.241.229.243200 OK 8.7 kB URL HTTP/2 portal.ambt.co/_search?q=red+gucci+shirt&variant=7&brand=US-SP-15-7699&clickid=pclx-143-
IP 192.241.229.243:0
ASN #14061 DIGITALOCEAN-ASN
Hash adf8a516b90f5362caee7dc917055b42
89ebc8b28a1d9100e07551819a6b6d21dd17f25f
c742b35e214a34b1c43a2c447a3c6fa9e0714f375eebd3879e6d5406b336c15b
GET /_search?q=red+gucci+shirt&variant=7&brand=US-SP-15-7699&clickid=pclx-143- HTTP/1.1
Host: portal.ambt.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 07:03:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type
set-cookie: visitorId=cfea37f1-81a7-4d12-8fc9-a0db47022cb1; Max-Age=157680000; Path=/; Expires=Sun, 20 Feb 2028 07:03:10 GMT
connect.sid=s%3ArdGJj2xsFwESvmzhdpauDyGOZkHwmvOF.PN0NHoxIzL%2BunwqIeBQiUt37TH8SwYF6%2Fht5qoCtsRo; Path=/; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.airfind.com/genericportal/public/css/components/owl.carousel.css?cb=115c7c1
151.139.128.10200 OK 1.1 kB URL HTTP/2 cdn.airfind.com/genericportal/public/css/components/owl.carousel.css?cb=115c7c1
IP 151.139.128.10:0
Hash dc887e067a669f9059e73b66fdae3215
4caa59115808af2635666f58ef004aca3a564b3c
38f480c108ad3e943f45081262a1c8fc0dc14bce2c784a9ceb563f625c7ce3b8
GET /genericportal/public/css/components/owl.carousel.css?cb=115c7c1 HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:10 GMT
content-encoding: gzip
content-length: 1103
content-type: text/css
last-modified: Fri, 29 Apr 2022 21:05:37 GMT
accept-ranges: bytes
server: Apache
etag: "1206-5ddd167780e01"
cache-control: max-age=1200
x-hw: 1676962990.cds244.sk1.hn,1676962990.cds242.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.polygraph.net/pg.a.js
205.185.216.42200 OK 25 kB URL HTTP/2 cdn.polygraph.net/pg.a.js
IP 205.185.216.42:0
File type C source, Unicode text, UTF-8 text, with very long lines (24786)
Hash bd7d8b26379d6b7546304028497348b3
dedc3fe148780a7206f41e452ec7358f2289a999
f5ea403add7c12a8877769298fcbbe8017c737d0bd1305aab9cdb171bdfbc318
GET /pg.a.js HTTP/1.1
Host: cdn.polygraph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:10 GMT
cache-control: max-age=722
content-length: 24790
content-type: application/x-javascript
last-modified: Thu, 02 Feb 2023 08:40:05 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "bd7d8b26379d6b7546304028497348b3"
x-amz-request-id: tx000000000000017a27c25-0063f46170-285cf4e9-sgp1b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1676962990.dop212.sk1.t,1676962990.cds226.sk1.hn,1676962990.cds259.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 791e968cee662a01bec431c498be07a0
5c71afdd7015734d07be2df1ad79e28ef1646ae2
6ccf96b85392ec77423ec2f2b756909a0de6480867502680d35036e95964b712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 791e968cee662a01bec431c498be07a0
5c71afdd7015734d07be2df1ad79e28ef1646ae2
6ccf96b85392ec77423ec2f2b756909a0de6480867502680d35036e95964b712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a27ee3b3c913f55d085b5f85d622e206
2dac3b909debcd683e1f917fc633e71fe2a8d68a
544a2538b1a316f1963a28b489103723a8977ffea4e2baf22d0095001ffdc1af
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106200 OK 813 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:0
Hash 7ae7e00597055930885c931f11b50261
7f7a4fd31c5c7347cf135998785ae1c004e2d255
ae6e84bb85468270ce5ed9ac05bcc71bda1ff92c271646d8319ed4884c5ce9f1
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 21 Feb 2023 07:03:10 GMT
date: Tue, 21 Feb 2023 07:03:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portal.ambt.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Feb 2023 13:15:37 GMT
expires: Thu, 15 Feb 2024 13:15:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 496053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash eb6812b24009877ada00df19070fefe5
4968938416cd623d3bb66bfe9f9eae61d85e033e
7c35cb57ce31c8bbccb9d0e234e637266398316ca114f69bbe6e2c306b5e0cd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.airfind.com/r/core.css?cb=fqm4rv2zlck
151.139.128.10200 OK 5.1 kB URL HTTP/2 cdn.airfind.com/r/core.css?cb=fqm4rv2zlck
IP 151.139.128.10:0
File type ASCII text, with very long lines (393)
Hash 30031cd05ab2919539b2d82fa342b27a
de557536dd5661e502939525fd73feb00d8d6177
1c1d7b8dc2734c59441ca8b982c65034dfdb5fa972057967adc88b9123bebe3b
GET /r/core.css?cb=fqm4rv2zlck HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:11 GMT
content-encoding: gzip
content-length: 5137
content-type: text/css
last-modified: Wed, 15 Feb 2023 10:33:45 GMT
accept-ranges: bytes
server: Apache
etag: "91f2-5f4ba9d65e150"
cache-control: max-age=604800
x-hw: 1676962990.cds244.sk1.hn,1676962990.cds003.sk1.sc,1676962991.cds003.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
portal.ambt.co/_search?variant=8&nocache=1&brand=US-SP-15-7699&q=red%20gucci%20shirt&clickid=pclx-143-
192.241.229.243200 OK 28 kB URL HTTP/2 portal.ambt.co/_search?variant=8&nocache=1&brand=US-SP-15-7699&q=red%20gucci%20shirt&clickid=pclx-143-
IP 192.241.229.243:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (59656)
Hash a4a55b1aba332716a7877a85862fc34b
4280af43dee81349d51ddb7c5808aecce1f2bde9
e81a0ba23043d3cd96c0dd9f109ee9d04d3b72263920560b099a548b17235e7d
GET /_search?variant=8&nocache=1&brand=US-SP-15-7699&q=red%20gucci%20shirt&clickid=pclx-143- HTTP/1.1
Host: portal.ambt.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portal.ambt.co/
Connection: keep-alive
Cookie: visitorId=cfea37f1-81a7-4d12-8fc9-a0db47022cb1; connect.sid=s%3ArdGJj2xsFwESvmzhdpauDyGOZkHwmvOF.PN0NHoxIzL%2BunwqIeBQiUt37TH8SwYF6%2Fht5qoCtsRo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 07:03:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 6b0592fad1bc205236da9833acc0b8d1
d5d6a0db30a31c7c20ca076b0ee0934d9fd61c08
44cf96f2b0457a26e12895c4da00ddcc655cdc48310ac2d6e53f81bba0032fd9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 21 Feb 2023 07:03:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 18 Feb 2023 18:06:07 GMT
Expires: Sat, 25 Feb 2023 18:06:06 GMT
Etag: "d5d6a0db30a31c7c20ca076b0ee0934d9fd61c08"
Cache-Control: max-age=384774,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79cd9ee74f5b0b31-OSL
api.airfind.com/stats/pageviews/v1?clientId=50203&brand=US-SP-15-7699&path=%2F_search
104.236.135.234200 OK 48 B URL HTTP/2 api.airfind.com/stats/pageviews/v1?clientId=50203&brand=US-SP-15-7699&path=%2F_search
IP 104.236.135.234:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash 95139c580e5bbeaa9e234730b0ea3ebd
8f121e7f0a338d4191d0cb39be72444fd5b3490d
47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e
GET /stats/pageviews/v1?clientId=50203&brand=US-SP-15-7699&path=%2F_search HTTP/1.1
Host: api.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 07:03:11 GMT
content-type: image/gif
content-length: 48
set-cookie: visitorId=f23275cd-1739-47cc-9096-22c28e9bb5dc; Max-Age=157680000000; Path=/; Secure; SameSite=None
cache-control: private, no-cache, proxy-revalidate, max-age=0
content-disposition: inline
X-Firefox-Spdy: h2
cdn.airfind.com/genericportal/public/favicon.png
151.139.128.10200 OK 2.5 kB URL HTTP/2 cdn.airfind.com/genericportal/public/favicon.png
IP 151.139.128.10:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 403584870a2080b7e0bcb393dec1fbd5
1cc5bc1721f731322db6075660cc7e8c028b7c6d
b7545e0a5a05204848604bce58ded08c7c7b55251c507d8cab3ecc180487851a
GET /genericportal/public/favicon.png HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:11 GMT
content-length: 2465
content-type: image/png
last-modified: Fri, 29 Apr 2022 21:05:37 GMT
accept-ranges: bytes
server: Apache
etag: "9a1-5ddd167782d41"
cache-control: max-age=1200
x-hw: 1676962991.cds244.sk1.hn,1676962991.cds232.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.airfind.com/genericportal/public/favicon.ico
151.139.128.10200 OK 2.5 kB URL HTTP/2 cdn.airfind.com/genericportal/public/favicon.ico
IP 151.139.128.10:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 403584870a2080b7e0bcb393dec1fbd5
1cc5bc1721f731322db6075660cc7e8c028b7c6d
b7545e0a5a05204848604bce58ded08c7c7b55251c507d8cab3ecc180487851a
GET /genericportal/public/favicon.ico HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:11 GMT
content-length: 2465
content-type: image/vnd.microsoft.icon
last-modified: Fri, 29 Apr 2022 21:05:37 GMT
accept-ranges: bytes
server: Apache
etag: "9a1-5ddd167782d41"
cache-control: max-age=1200
x-hw: 1676962991.cds244.sk1.hn,1676962991.cds214.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 407d753a19cf29f7e27cbabf2541ca22
fe7158003086e2aeef7a0260d3d3ec1146c75279
01c56979cebd97e7d0f83354f75f2772a502d6e41d1e49852d37bb997b23afd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 07:03:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.airfind.com/r/vendors~core.js?cb=fqm4rv2zlck
151.139.128.10200 OK 104 kB URL HTTP/2 cdn.airfind.com/r/vendors~core.js?cb=fqm4rv2zlck
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size 104 kB (104010 bytes)
Hash 5a705e2f8d6efc6e52c15d6ae1c89c0d
0704a1b885833dfca9cfee23bd567aabb6849821
c539e71d0c6dc1224b75be0179a4c41cef4f58b9755a071914eaa38a42ded163
GET /r/vendors~core.js?cb=fqm4rv2zlck HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:11 GMT
accept-ranges: bytes
content-encoding: gzip
content-type: text/javascript
x-hw: 1676962990.cds244.sk1.hn,1676962990.cds016.sk1.sc,1676962991.cds016.sk1.sc,1676962991.cds016.sk1.p
server: Apache
etag: "41231-5f4ba9d665e51"
cache-control: max-age=604800
vary: Accept-Encoding
last-modified: Wed, 15 Feb 2023 10:33:45 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1220d9d6733318ae674586f676332459
b684de95a3d5e61448ee8e8b474123117364e53a
aba752f7fb03bb390d3a41f2d83bdbb400716ad984f636a771c147e81d7691c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 07:03:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.1.0.min.js
152.199.19.160200 OK 39 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.1.0.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (32014)
Hash 495f8b16580e6e6a30bea3e1e6ce7eae
7b6142199880fdd4764fa82f4c97aaffdff9d76d
d31520f3aeb1152e16990ad84958b38b09c08bc15d5acb8cfec71bea26b8c2c9
GET /ajax/jQuery/jquery-3.1.0.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 18757147
cache-control: public,max-age=31536000
content-type: application/javascript
date: Tue, 21 Feb 2023 07:03:11 GMT
etag: "a04ffffcc33d21:0"
last-modified: Mon, 31 Oct 2016 23:11:08 GMT
server: ECAcc (ska/F6AB)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 38649
X-Firefox-Spdy: h2
h6.msn.com/bingna/lib/aria-webjs-compact-sdk/aria-webjs-compact-sdk-1.2.1.min.js
23.38.200.21200 OK 4.8 kB URL HTTP/1.1 h6.msn.com/bingna/lib/aria-webjs-compact-sdk/aria-webjs-compact-sdk-1.2.1.min.js
IP 23.38.200.21:0
File type ASCII text, with very long lines (15780), with no line terminators
Hash c560f282f5af653e0004f89a7ba00071
244b53d228fd11f604267492d11d987763ad098a
4876de06e21b75718aa47b3db107f03cd1844acba1f284c098f3242b07aad143
GET /bingna/lib/aria-webjs-compact-sdk/aria-webjs-compact-sdk-1.2.1.min.js HTTP/1.1
Host: h6.msn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-MD5: CS9zzcLon7hn7JZMenV37Q==
Last-Modified: Wed, 07 Nov 2018 22:28:46 GMT
ETag: 0x8D6450061D8A4D4
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 23c3b67b-601e-003d-2d6e-77c6bd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4823
Date: Tue, 21 Feb 2023 07:03:12 GMT
Connection: keep-alive
api.airfind.com/content/v2?clientId=50203&variant=8&affiliateId=US-SP-15-7699&userID=cfea37f1-81a7-4d12-8fc9-a0db47022cb1
104.236.135.234200 OK 29 kB URL HTTP/2 api.airfind.com/content/v2?clientId=50203&variant=8&affiliateId=US-SP-15-7699&userID=cfea37f1-81a7-4d12-8fc9-a0db47022cb1
IP 104.236.135.234:0
ASN #14061 DIGITALOCEAN-ASN
Hash 49758d3318322044670c87092b9556b4
08ab580245bd4538126f523a0fa2da1fe0e399a9
dfdf20aaaf600d3b3779bb55ab824e328e7adbd64337e70906f97f5cff212531
GET /content/v2?clientId=50203&variant=8&affiliateId=US-SP-15-7699&userID=cfea37f1-81a7-4d12-8fc9-a0db47022cb1 HTTP/1.1
Host: api.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portal.ambt.co
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 07:03:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: https://portal.ambt.co
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.airfind.com/rarch/161/archive/build/footer.css?cb=04340692e037b3f00ffa
151.139.128.10200 OK 402 B URL HTTP/2 cdn.airfind.com/rarch/161/archive/build/footer.css?cb=04340692e037b3f00ffa
IP 151.139.128.10:0
Hash 545dd369f463ef4e95f6aee2287cddd8
79875cde0f4621802350af9405cc7a80531b8a83
6febc49060c258c4a2d52e2fd5dcfc758376f009f0093972eae996593de887f2
GET /rarch/161/archive/build/footer.css?cb=04340692e037b3f00ffa HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:12 GMT
content-encoding: gzip
content-length: 402
content-type: text/css
last-modified: Wed, 15 Feb 2023 10:33:45 GMT
accept-ranges: bytes
server: Apache
etag: "3d3-5f4ba9d65f0f0"
cache-control: max-age=604800
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds222.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.airfind.com/rarch/161/archive/build/footer.js?cb=04340692e037b3f00ffa
151.139.128.10200 OK 673 B URL HTTP/2 cdn.airfind.com/rarch/161/archive/build/footer.js?cb=04340692e037b3f00ffa
IP 151.139.128.10:0
File type ASCII text, with very long lines (1282)
Hash 8035cf1049ee2fdf1214aa6a5a61fcb8
fa53fa12abe524c81bfec7b65b8240ec1bff9348
7aeb153b2e4e0f52d3e13af83efabbb3db8a49128ca3ce3703aa6fa451913d76
GET /rarch/161/archive/build/footer.js?cb=04340692e037b3f00ffa HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:12 GMT
content-encoding: gzip
content-length: 673
content-type: text/javascript
last-modified: Wed, 15 Feb 2023 10:33:45 GMT
accept-ranges: bytes
server: Apache
etag: "53d-5f4ba9d65f0f0"
cache-control: max-age=604800
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds256.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.airfind.com/rarch/161/archive/build/news.css?cb=04340692e037b3f00ffa
151.139.128.10200 OK 1.1 kB URL HTTP/2 cdn.airfind.com/rarch/161/archive/build/news.css?cb=04340692e037b3f00ffa
IP 151.139.128.10:0
Hash 798aa94075a8ffa583a0dda82bc42d2c
1120d8dfe0d842ba68c361b71a8914142c5f922f
d7300def7c28ff2b56915c9b2b61bfe5e4683010e32e3ad72e9c745acbb495d7
GET /rarch/161/archive/build/news.css?cb=04340692e037b3f00ffa HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:12 GMT
content-encoding: gzip
content-length: 1118
content-type: text/css
last-modified: Wed, 15 Feb 2023 10:33:45 GMT
accept-ranges: bytes
server: Apache
etag: "1702-5f4ba9d65e150"
cache-control: max-age=604800
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds250.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.airfind.com/rarch/161/archive/build/search.css?cb=04340692e037b3f00ffa
151.139.128.10200 OK 2.9 kB URL HTTP/2 cdn.airfind.com/rarch/161/archive/build/search.css?cb=04340692e037b3f00ffa
IP 151.139.128.10:0
File type ASCII text, with very long lines (1014)
Hash a6de14537ddc36e345df9db6158f1cb0
f921b3fc944fd562439b1026f742164de2b8469d
1587478b663b3c3f44db65be275aadb92079bd93b66355ce7f1f024d22e1e12b
GET /rarch/161/archive/build/search.css?cb=04340692e037b3f00ffa HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:12 GMT
content-encoding: gzip
content-length: 2883
content-type: text/css
last-modified: Wed, 15 Feb 2023 10:33:45 GMT
accept-ranges: bytes
server: Apache
etag: "3490-5f4ba9d660090"
cache-control: max-age=604800
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds015.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.airfind.com/rarch/161/archive/build/news.js?cb=04340692e037b3f00ffa
151.139.128.10200 OK 6.3 kB URL HTTP/2 cdn.airfind.com/rarch/161/archive/build/news.js?cb=04340692e037b3f00ffa
IP 151.139.128.10:0
File type ASCII text, with very long lines (19329)
Hash 7d50e04082ea253ef8c09aa5257f3291
d7073f612065f7295ddda638da3675b2f0acc4e7
1bd429641c8a9efd704d3c05f164f2fe035551325d4ca2fd5f9fc8c93e972ce7
GET /rarch/161/archive/build/news.js?cb=04340692e037b3f00ffa HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:12 GMT
content-encoding: gzip
content-length: 6289
content-type: text/javascript
last-modified: Wed, 15 Feb 2023 10:33:45 GMT
accept-ranges: bytes
server: Apache
etag: "4bba-5f4ba9d65e150"
cache-control: max-age=604800
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds071.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.airfind.com/rarch/161/archive/build/search.js?cb=04340692e037b3f00ffa
151.139.128.10200 OK 11 kB URL HTTP/2 cdn.airfind.com/rarch/161/archive/build/search.js?cb=04340692e037b3f00ffa
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36375)
Hash 43fd1577bc3d7b447a1475d8c99ba4ba
a070e75c561ecab2de49f01d6a4380654f3c7ea5
b4f961a187fe540e1984d172a759942b0ec4461bdd51423fde575336e1b23599
GET /rarch/161/archive/build/search.js?cb=04340692e037b3f00ffa HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:12 GMT
content-encoding: gzip
content-length: 11404
content-type: text/javascript
last-modified: Wed, 15 Feb 2023 10:33:45 GMT
accept-ranges: bytes
server: Apache
etag: "8e52-5f4ba9d665e51"
cache-control: max-age=604800
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds220.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portal.ambt.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Feb 2023 07:51:59 GMT
expires: Thu, 15 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 515473
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.airfind.com/ext/50012/1627665338105-search-logo.png
151.139.128.10200 OK 20 kB URL HTTP/2 cdn.airfind.com/ext/50012/1627665338105-search-logo.png
IP 151.139.128.10:0
File type PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash d8c0c23899ca699f0c8d6784c65f6e91
cc0c000ffe8df54bfca450da0280c9bb143b0c5c
21af6a24312d174b0536ac91dd297ca9847ca9fc506a78717ed7b82b1ff59b3d
GET /ext/50012/1627665338105-search-logo.png HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:12 GMT
content-length: 19813
content-type: image/png
last-modified: Fri, 30 Jul 2021 17:15:38 GMT
accept-ranges: bytes
server: Apache
etag: "4d65-5c85a5e4aa015"
cache-control: max-age=2592000
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds226.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
142.250.74.35200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portal.ambt.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Feb 2023 02:35:53 GMT
expires: Wed, 21 Feb 2024 02:35:53 GMT
cache-control: public, max-age=31536000
age: 16039
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portal.ambt.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Feb 2023 13:09:06 GMT
expires: Wed, 14 Feb 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 582846
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.airfind.com/genericportal/public/img/
151.139.128.10403 Forbidden 240 B URL HTTP/2 cdn.airfind.com/genericportal/public/img/
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a252de2c847e61a900453a39cad0d428
7a884c01dced794704a61f7ee2f820fa5f44a5a0
59944b614a16b09c410f63b18c52a99f0c84b5530dcf27caf160870d40cc4c0d
GET /genericportal/public/img/ HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Tue, 21 Feb 2023 07:03:12 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 240
content-type: text/html; charset=iso-8859-1
server: Apache
vary: Accept-Encoding
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds001.sk1.sc,1676962992.cds001.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.airfind.com/genericportal/public/img/search.png
151.139.128.10200 OK 820 B URL HTTP/2 cdn.airfind.com/genericportal/public/img/search.png
IP 151.139.128.10:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 2029c5f9c2a3aac2aa5783a5d9248c8a
50cbaaa23a28bb63c53634e1ab0d6e0bc73f3d7b
0557071780796f539e06f29218bed7567d0805770e64bb0db0ecc1a79ce96559
GET /genericportal/public/img/search.png HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:12 GMT
content-length: 820
content-type: image/png
last-modified: Fri, 29 Apr 2022 21:05:37 GMT
accept-ranges: bytes
server: Apache
etag: "334-5ddd167786bc2"
cache-control: max-age=1200
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds251.sk1.sc,1676962992.cds251.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 640fbb04730146d4b636e2062afb5267
fe9faa4412eaa72a7f1e6ea22f250c20a9f00f93
1c1ad6ddeabce08822b9247423ebea471c0378db7ecb681a055b2f7002967770
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 07:03:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/tag/js/gpt.js
216.58.207.194200 OK 26 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (39897)
Hash 627b03043822b7cda002d7ece5e9cdf8
fd94dd6d2179fbb2b9e93ff51a299b58717eec7f
c5e9fa2ac7e50fab63424a834d76f9ae4fb31fdd45b139a0c5a3bd6edca99619
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 26546
date: Tue, 21 Feb 2023 07:03:12 GMT
expires: Tue, 21 Feb 2023 07:03:12 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1489 / 887 of 1000 / last-modified: 1676675148"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 640fbb04730146d4b636e2062afb5267
fe9faa4412eaa72a7f1e6ea22f250c20a9f00f93
1c1ad6ddeabce08822b9247423ebea471c0378db7ecb681a055b2f7002967770
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 07:03:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.airfind.com/rarch/161/archive/build/custom.css?cb=04340692e037b3f00ffa
151.139.128.10200 OK 2.6 kB URL HTTP/2 cdn.airfind.com/rarch/161/archive/build/custom.css?cb=04340692e037b3f00ffa
IP 151.139.128.10:0
File type ASCII text, with CRLF, LF line terminators
Hash d722088da4d3c92168eb78a73efea089
43d57ff38cd910f510a3b301febddba8d2b08817
256e02bd41386d5df07c0d7370df18f5215f004755f64e3404fb0b22f29e0278
GET /rarch/161/archive/build/custom.css?cb=04340692e037b3f00ffa HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:12 GMT
content-encoding: gzip
content-length: 2648
content-type: text/css
last-modified: Wed, 15 Feb 2023 10:33:45 GMT
accept-ranges: bytes
server: Apache
etag: "3452-5f4ba9d65e150"
cache-control: max-age=604800
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds065.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.airfind.com/rarch/161/archive/build/vendors~custom.js?cb=04340692e037b3f00ffa
151.139.128.10200 OK 139 kB URL HTTP/2 cdn.airfind.com/rarch/161/archive/build/vendors~custom.js?cb=04340692e037b3f00ffa
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (57183)
Size 139 kB (138969 bytes)
Hash 02db5eed9930292271311508394e6558
5e4af6eb8294a5eb822a8b478750a6d8def9f9c6
5e5884da152dcad6cb4ffb9f5b59da789de8d0946c1b4a14dd88e18ed6e4f22d
GET /rarch/161/archive/build/vendors~custom.js?cb=04340692e037b3f00ffa HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:12 GMT
content-encoding: gzip
content-length: 138969
content-type: text/javascript
last-modified: Wed, 15 Feb 2023 10:33:45 GMT
accept-ranges: bytes
server: Apache
etag: "12abc2-5f4ba9d665e51"
cache-control: max-age=604800
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds232.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.airfind.com/rarch/161/archive/build/custom.js?cb=04340692e037b3f00ffa
151.139.128.10200 OK 14 kB URL HTTP/2 cdn.airfind.com/rarch/161/archive/build/custom.js?cb=04340692e037b3f00ffa
IP 151.139.128.10:0
File type ASCII text, with very long lines (52262)
Hash 11b55e378a84a1cd0b372c7045f9f2d1
c2db25afed9f3d6fe47adb160145bb82461703e1
85a173c7d6aed0fb32ab4a7af818ea9dc99eec07630f3816e2ba7e84c9c73c5a
GET /rarch/161/archive/build/custom.js?cb=04340692e037b3f00ffa HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:12 GMT
content-encoding: gzip
content-length: 13790
content-type: text/javascript
last-modified: Wed, 15 Feb 2023 10:33:45 GMT
accept-ranges: bytes
server: Apache
etag: "cc61-5f4ba9d65e150"
cache-control: max-age=604800
x-hw: 1676962992.cds244.sk1.hn,1676962992.cds246.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=portal.ambt.co
142.250.74.130200 OK 39 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=portal.ambt.co
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 00c18ab6c15adbc22699e51a198365cc
aff8a8b2445fb0e3343b8205fbbea6e550094c6c
e1118846874873755680ebb51d573f4fde4535b8c58fdd5315c822029df22cad
GET /pagead/ppub_config?ippd=portal.ambt.co HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portal.ambt.co
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Tue, 21 Feb 2023 07:03:12 GMT
expires: Tue, 21 Feb 2023 07:03:12 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 39
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Feb-2023 07:18:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bingapis.com/api/ping/pageload?IG=4A48EFAC21DB471CB0B7E6A726723D00&CID=F9DF0D9ABE26DC3045AC0844ED2F80DA&Type=Event.CPT&DATA=0
13.107.5.80200 OK 0 B URL HTTP/2 www.bingapis.com/api/ping/pageload?IG=4A48EFAC21DB471CB0B7E6A726723D00&CID=F9DF0D9ABE26DC3045AC0844ED2F80DA&Type=Event.CPT&DATA=0
IP 13.107.5.80:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/ping/pageload?IG=4A48EFAC21DB471CB0B7E6A726723D00&CID=F9DF0D9ABE26DC3045AC0844ED2F80DA&Type=Event.CPT&DATA=0 HTTP/1.1
Host: www.bingapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portal.ambt.co
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C4E69BED2ABB408B8CF30C0F46863DDE Ref B: SVG20EDGE0411 Ref C: 2023-02-21T07:03:13Z
date: Tue, 21 Feb 2023 07:03:12 GMT
content-length: 0
X-Firefox-Spdy: h2
api.airfind.com/bq/d2SFillRate/v1
104.236.135.234200 OK 0 B URL HTTP/2 api.airfind.com/bq/d2SFillRate/v1
IP 104.236.135.234:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bq/d2SFillRate/v1 HTTP/1.1
Host: api.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://portal.ambt.co/
Origin: https://portal.ambt.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 07:03:13 GMT
content-length: 0
set-cookie: visitorId=2819da59-27a1-4c1d-95f1-354c7bce7011; Max-Age=157680000000; Path=/; SameSite=None
access-control-allow-origin: https://portal.ambt.co
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type
X-Firefox-Spdy: h2
noxsearch.com/?pub=2006&adv=200&sub=9021&q=red%20gucci%20shirt
172.67.174.232200 OK 0 B URL HTTP/2 noxsearch.com/?pub=2006&adv=200&sub=9021&q=red%20gucci%20shirt
IP 172.67.174.232:0
GET /?pub=2006&adv=200&sub=9021&q=red%20gucci%20shirt HTTP/1.1
Host: noxsearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:06 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 21 Feb 2023 07:08:06 GMT
pragma: cache
cache-control: public, max-age=300
x-frame-options: SAMEORIGIN
set-cookie: __uid=5b5a2a9a-63f46caa-36bb-abbf0197; expires=Sun, 20-Feb-2028 07:03:06 GMT; Max-Age=157680000; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gX0%2Bjb6C2H%2BVWBmxo%2F%2BmrYT9%2FrnmSZLpwiUDtY3mm%2Bl7aTlN4COoXr7zyP2Jw1aVZYwYVBAHdlnXXSTZqa%2BhpOUcf%2BjWSiGALwCDUZi8bjqQustmQknOmqx07mrA6y6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79cd9ec6c901b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
search-mixer.com/?pubid=30162&tid=1054&sid=1000&q=red+gucci+shirt
188.114.96.1200 OK 0 B URL HTTP/2 search-mixer.com/?pubid=30162&tid=1054&sid=1000&q=red+gucci+shirt
IP 188.114.96.1:0
GET /?pubid=30162&tid=1054&sid=1000&q=red+gucci+shirt HTTP/1.1
Host: search-mixer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:06 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 21 Feb 2023 07:08:06 GMT
pragma: cache
cache-control: public, max-age=300
x-frame-options: SAMEORIGIN
set-cookie: __uid=0001-5b5a2a9a9edefb-63f46caa-9eb5-b5e9df95; expires=Sun, 20-Feb-2028 07:03:06 GMT; Max-Age=157680000; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDcHrkjgR0DRu5NAFLPNSVeHXtM6Su0K6dIAlDLjusk7b%2BryE68rMOu35z4nqsxTWwkFTidWWDHQ98FkTzxCxZrevgAYLW7sCpsn7eb0%2FWsiZZ9UjA7ddhI1T12EYXBBzFdS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79cd9ec95c28b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.securesear.ch/?gid=8b4bFVHWv_823&q=red%20gucci%20shirt
185.76.9.17200 OK 0 B URL HTTP/2 www.securesear.ch/?gid=8b4bFVHWv_823&q=red%20gucci%20shirt
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
GET /?gid=8b4bFVHWv_823&q=red%20gucci%20shirt HTTP/1.1
Host: www.securesear.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Feb 2023 07:03:07 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=180, public
access-control-allow-origin: *
etag: W/"a78cfe1cfde432c08ecefe7959cd411d"
x-request-id: 05047846-4702-43eb-a087-600b7d22fde5
x-runtime: 0.005497
vary: Accept-Encoding, Origin
via: 1.1 vegur
x-accel-expires: @1676963157
server: CDN77-Turbo
x-77-nzt: AblMCQ3TW4X/CgAAAA
x-77-nzt-ray: c0a4cc28595406b7ab6cf463b6568820
x-cache: HIT
x-age: 10
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
api.airfind.com/search/v1?clientId=50203&brand=US-SP-15-7699&affiliateId=US-SP-15-7699&provider=&source=&variant=8&repClientId=50203&trafficType=false&serpStyle=10&mainline=6&serpLayoutVariant=8&jsonAdTag=true&search_term=red%20gucci%20shirt&userID=a3dbef6aa39679dbbec4cd33ae5b1d81
104.236.135.234200 OK 0 B URL HTTP/2 api.airfind.com/search/v1?clientId=50203&brand=US-SP-15-7699&affiliateId=US-SP-15-7699&provider=&source=&variant=8&repClientId=50203&trafficType=false&serpStyle=10&mainline=6&serpLayoutVariant=8&jsonAdTag=true&search_term=red%20gucci%20shirt&userID=a3dbef6aa39679dbbec4cd33ae5b1d81
IP 104.236.135.234:0
ASN #14061 DIGITALOCEAN-ASN
GET /search/v1?clientId=50203&brand=US-SP-15-7699&affiliateId=US-SP-15-7699&provider=&source=&variant=8&repClientId=50203&trafficType=false&serpStyle=10&mainline=6&serpLayoutVariant=8&jsonAdTag=true&search_term=red%20gucci%20shirt&userID=a3dbef6aa39679dbbec4cd33ae5b1d81 HTTP/1.1
Host: api.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portal.ambt.co
Connection: keep-alive
Referer: https://portal.ambt.co/
Cookie: visitorId=f23275cd-1739-47cc-9096-22c28e9bb5dc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 07:03:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: https://portal.ambt.co
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,500,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500,700
IP 142.250.74.106:0
GET /css?family=Roboto:400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 21 Feb 2023 07:03:10 GMT
date: Tue, 21 Feb 2023 07:03:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.airfind.com/bq/d2SFillRate/v1
104.236.135.234200 OK 0 B URL HTTP/2 api.airfind.com/bq/d2SFillRate/v1
IP 104.236.135.234:0
ASN #14061 DIGITALOCEAN-ASN
POST /bq/d2SFillRate/v1 HTTP/1.1
Host: api.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://portal.ambt.co
Content-Length: 574
Connection: keep-alive
Referer: https://portal.ambt.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 07:03:13 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
set-cookie: visitorId=3defc2de-4f89-4fc4-bcba-37d0bcf9bad8; Max-Age=157680000000; Path=/; SameSite=None
access-control-allow-origin: https://portal.ambt.co
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2