naadam.co/
23.227.38.65301 Moved Permanently 84 B IP 23.227.38.65:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash be75dc4adbf4ee46a95cca23c76c74a0
4fff4feee46997f0ce7cca66fde2dea5bb5394bf
c42e4f818db957a0683cbffc7b6378e68ff231f0f05c3a27269f63e8340b0316
GET / HTTP/1.1
Host: naadam.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 08:22:00 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sorting-Hat-PodId: 95
X-Sorting-Hat-ShopId: 3137821
X-Storefront-Renderer-Rendered: 1
Location: https://naadam.co/
X-Redirect-Reason: https_required
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none';
X-ShopId: 3137821
X-ShardId: 95
Vary: Accept
X-Shopify-Stage: production
X-Dc: gcp-europe-north1,europe-west1,gcp-europe-west1
X-Request-ID: 21c1e524-aac5-4570-8d4e-511301e4b575
X-Download-Options: noopen
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5cG6HsoyuSFQxY%2BpUN4h77sGvCuua3IQHFRXDwlOCux3onEbALwkQpDQclne0DE7cEylpHDP7xgmQM0mBM8kFekczD3ttfOOIqwcPRZ10QjADhzcq1%2F71k14Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server-Timing: processing;dur=28, db;dur=15, asn;desc="50304", edge;desc="OSL", country;desc="NO", cfRequestDuration;dur=183.000088
Server: cloudflare
CF-RAY: 76f0bbff691b0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12644
Expires: Thu, 24 Nov 2022 11:52:45 GMT
Date: Thu, 24 Nov 2022 08:22:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15033
Expires: Thu, 24 Nov 2022 12:32:34 GMT
Date: Thu, 24 Nov 2022 08:22:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6373
Cache-Control: max-age=100528
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:01 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:17:29 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: urwf+ktKVPsw38jo6IcCysNXc7aHCeY4Q2Ju51QlAPH9aHyXVOhgyBK3AObaafEZe7c4g+/bT+8=
x-amz-request-id: YQCQ93Y6M4NNGRX7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 07:40:19 GMT
age: 2502
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 08:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 183
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 08:22:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1309f71361a6cd89147ddf289f60939f
e4b860f9817129855d1771ee6c3951594e186171
07467e4df24f7af00dd7fc45322d34927ca61dbd28a35d4b11dd7436fdec28d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "07467E4DF24F7AF00DD7FC45322D34927CA61DBD28A35D4B11DD7436FDEC28D5"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14396
Expires: Thu, 24 Nov 2022 12:21:57 GMT
Date: Thu, 24 Nov 2022 08:22:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 08:11:11 GMT
cache-control: public,max-age=3600
age: 650
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4558
Cache-Control: max-age=93650
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:01 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:22:51 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.82.48.240101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.48.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yo0CiBqhz3hy0ToIOpeD0A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ekWu5vh0fvc6gbMD30BiBaZ7WHU=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1309f71361a6cd89147ddf289f60939f
e4b860f9817129855d1771ee6c3951594e186171
07467e4df24f7af00dd7fc45322d34927ca61dbd28a35d4b11dd7436fdec28d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "07467E4DF24F7AF00DD7FC45322D34927CA61DBD28A35D4B11DD7436FDEC28D5"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14394
Expires: Thu, 24 Nov 2022 12:21:57 GMT
Date: Thu, 24 Nov 2022 08:22:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d5df0eddd4e7e75cd33a956d130c95e
a6114efd0c56b2976ad5c7987ffea6bac9e03a08
9074c94d861720a6264d46373905ca9af9545d90efdeab0b3d77de5b7f79facc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9074C94D861720A6264D46373905CA9AF9545D90EFDEAB0B3D77DE5B7F79FACC"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6164
Expires: Thu, 24 Nov 2022 10:04:47 GMT
Date: Thu, 24 Nov 2022 08:22:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d5df0eddd4e7e75cd33a956d130c95e
a6114efd0c56b2976ad5c7987ffea6bac9e03a08
9074c94d861720a6264d46373905ca9af9545d90efdeab0b3d77de5b7f79facc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9074C94D861720A6264D46373905CA9AF9545D90EFDEAB0B3D77DE5B7F79FACC"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6164
Expires: Thu, 24 Nov 2022 10:04:47 GMT
Date: Thu, 24 Nov 2022 08:22:03 GMT
Connection: keep-alive
cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Rubik-VariableFont.woff2?v=115677594179195822431657816883
162.159.135.68200 OK 77 kB URL HTTP/2 cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Rubik-VariableFont.woff2?v=115677594179195822431657816883
IP 162.159.135.68:0
File type Web Open Font Format (Version 2), TrueType, length 76868, version 1.0\012- data
Hash 9c68c59f1417b48c98813086147b88da
cee8058322ec4f94d7778b3714d7a48324e4304d
db82ea6d8b5cd9fbca37666ef84bf695255c20b3add8506a549e69fafd580558
GET /s/files/1/0313/7821/t/621/assets/Rubik-VariableFont.woff2?v=115677594179195822431657816883 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: font/woff2
content-length: 76868
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Rubik-VariableFont.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 7decd7ea-89e7-4cd2-87ed-84bcd5846351
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Thu, 25 Aug 2022 22:51:47 GMT
cf-cache-status: HIT
age: 7780248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrQY7sxR%2FDbw6Bq0o6cMbzudlpaHWlhVwirKNAdDjqj8qGt4md54PvV4EWEodZRz0LQgQiIOffAMsybR58RVutbpaSEBtR0Whv560qmv3LiVWB9NMqGJROZMMb%2BUkIRsCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=35.437, imageryFetch;dur=35.167, cfRequestDuration;dur=102.999926
server: cloudflare
cf-ray: 76f0bc0e0c8db51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d5df0eddd4e7e75cd33a956d130c95e
a6114efd0c56b2976ad5c7987ffea6bac9e03a08
9074c94d861720a6264d46373905ca9af9545d90efdeab0b3d77de5b7f79facc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9074C94D861720A6264D46373905CA9AF9545D90EFDEAB0B3D77DE5B7F79FACC"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6164
Expires: Thu, 24 Nov 2022 10:04:47 GMT
Date: Thu, 24 Nov 2022 08:22:03 GMT
Connection: keep-alive
cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Rubik-Italic-VariableFont.woff2?v=146500727806452666451657816882
162.159.135.68200 OK 81 kB URL HTTP/2 cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Rubik-Italic-VariableFont.woff2?v=146500727806452666451657816882
IP 162.159.135.68:0
File type Web Open Font Format (Version 2), TrueType, length 80980, version 1.0\012- data
Hash 596532a5f7bf36e8cc215344313bf1c1
1ef0c02b513f7fb7855637ed229c553c3998d734
1926983f1c60559acf5e6f08e41c7764e81efa9faa62f5704f7ee1a48da8e0f0
GET /s/files/1/0313/7821/t/621/assets/Rubik-Italic-VariableFont.woff2?v=146500727806452666451657816882 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: font/woff2
content-length: 80980
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Rubik-Italic-VariableFont.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 46632b7e-f724-4b20-a17f-1896f2676af6
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Thu, 03 Nov 2022 05:22:39 GMT
cf-cache-status: HIT
age: 651018
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12KFZn2lSESyeWnH%2BE%2F7mNcbMVR0%2B07ZjsWKa41bVgcKokqD7hZB9GC2z8WS8nxK%2FBmy6Wkf6xH%2F%2FyUvKURQJ0%2BJK0s63CeqW12jvBlap%2F1skMaiA1G0m%2BbT4j2kCR6mnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=46.150, imageryFetch;dur=45.877, cfRequestDuration;dur=9.000063
server: cloudflare
cf-ray: 76f0bc0e3cdbb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/klaviyo.js?company_id=MWkxed
151.101.86.133200 OK 1.0 kB URL HTTP/2 static.klaviyo.com/onsite/js/klaviyo.js?company_id=MWkxed
IP 151.101.86.133:0
File type ASCII text, with very long lines (2904)
Hash f32382436658637c2d4a8bb86164b599
673f485bea9a13ff8294fb6dc854a1d04edc71ad
0e0e1a79792d6a812aefac370c666c316ceceba78f5adff807097fa2022a172e
GET /onsite/js/klaviyo.js?company_id=MWkxed HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers:
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, OPTIONS
cache-control: max-age=1, stale-while-revalidate=10800
content-encoding: gzip
content-type: application/javascript
etag: W/"5d9b1f8da14764bd8bf81423d8a8a98d"
server: nginx
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 08:22:03 GMT
age: 40749
x-served-by: cache-lga21930-LGA, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-timer: S1669278123.244444,VS0,VE1
vary: Accept-Encoding
content-length: 1034
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d5df0eddd4e7e75cd33a956d130c95e
a6114efd0c56b2976ad5c7987ffea6bac9e03a08
9074c94d861720a6264d46373905ca9af9545d90efdeab0b3d77de5b7f79facc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9074C94D861720A6264D46373905CA9AF9545D90EFDEAB0B3D77DE5B7F79FACC"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6164
Expires: Thu, 24 Nov 2022 10:04:47 GMT
Date: Thu, 24 Nov 2022 08:22:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d5df0eddd4e7e75cd33a956d130c95e
a6114efd0c56b2976ad5c7987ffea6bac9e03a08
9074c94d861720a6264d46373905ca9af9545d90efdeab0b3d77de5b7f79facc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9074C94D861720A6264D46373905CA9AF9545D90EFDEAB0B3D77DE5B7F79FACC"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6164
Expires: Thu, 24 Nov 2022 10:04:47 GMT
Date: Thu, 24 Nov 2022 08:22:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 298f6f027434581a9c93f97b90c7cfe1
80dc738070e4abb1303cf0a406537eb1c34b7d78
29c10d9b434354dfc91c2a9faac73b16245708c06d95ff17af8a7469fbf9b52b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3667
Cache-Control: max-age=113645
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:03 GMT
Etag: "637e3445-118"
Expires: Fri, 25 Nov 2022 15:56:08 GMT
Last-Modified: Wed, 23 Nov 2022 14:55:01 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d5df0eddd4e7e75cd33a956d130c95e
a6114efd0c56b2976ad5c7987ffea6bac9e03a08
9074c94d861720a6264d46373905ca9af9545d90efdeab0b3d77de5b7f79facc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9074C94D861720A6264D46373905CA9AF9545D90EFDEAB0B3D77DE5B7F79FACC"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6164
Expires: Thu, 24 Nov 2022 10:04:47 GMT
Date: Thu, 24 Nov 2022 08:22:03 GMT
Connection: keep-alive
cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Dare.woff?v=12433199992497207261648054929
162.159.135.68200 OK 9.3 kB URL HTTP/2 cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Dare.woff?v=12433199992497207261648054929
IP 162.159.135.68:0
File type Web Open Font Format (Version 2), TrueType, length 9300, version 1.0\012- data
Hash 0d8bf43f85baa5aa026418175b1f11b2
ef6019c2d00050c3c39b4bb6ae7c4e1a6c7b1548
60d8c7d375fcfb33defcbcbfa784d3ec8d8a53587324bddb27cfa5e2be6097e1
GET /s/files/1/0313/7821/t/621/assets/Dare.woff?v=12433199992497207261648054929 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: font/woff2
content-length: 9300
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Dare.woff>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: c1ce1f59-c54a-41ac-b41c-42326dd59f2b
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Thu, 03 Nov 2022 05:22:39 GMT
cf-cache-status: HIT
age: 1047538
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ACAanYDndImzqEurmBILAmyME9R4TqwSAsq26qQoBSWK%2F4d2YvedcN2MU3C9ih1DjaBIvfkZQiyNxhZ99dxMDA%2FII6qn7jd2XO1%2BG1rNfMHq1tH4ghSjRhEVohJT5U7Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=143.836, imageryFetch;dur=77.866, imageryProcess;dur=65.707;desc="font", cfRequestDuration;dur=12.999773
server: cloudflare
cf-ray: 76f0bc0e8d59b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Dare.woff2?v=63128786311295456981648054929
162.159.135.68200 OK 9.3 kB URL HTTP/2 cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Dare.woff2?v=63128786311295456981648054929
IP 162.159.135.68:0
File type Web Open Font Format (Version 2), TrueType, length 9324, version 1.0\012- data
Hash 60726cdd283cb478729b70716493e5fc
7ea61bfcc4e9f5bc5d08b2cee70c8db5c7a1c833
381647fde72eeae405aa54975ae16b7fbe12fbd7205d76d01ca8bdf15e9a7b8d
GET /s/files/1/0313/7821/t/621/assets/Dare.woff2?v=63128786311295456981648054929 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: font/woff2
content-length: 9324
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0313/7821/t/621/assets/Dare.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 3b76a8dc-d11a-4029-a981-184c7d0b6838
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Fri, 26 Aug 2022 04:38:21 GMT
cf-cache-status: HIT
age: 1120750
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIGvax8M%2BjRHxUMZyU%2F5R9%2Fdpqvd4BW8nASFLHwfuLXAZT2my9g9BDvlek85QVegWAxLxlvg7LRikuYR4pY0d%2FnnQaiEx88L6AoiTMchd0PYGsQhG8VuapoK%2Bl%2FGVFnauw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=51.301, imageryFetch;dur=51.087, cfRequestDuration;dur=12.000084
server: cloudflare
cf-ray: 76f0bc0e8d5cb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
216.58.207.234200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 11:24:15 GMT
expires: Tue, 21 Nov 2023 11:24:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 248268
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.zest.co/zest-components/p-2cbe4870.js
76.76.21.123200 OK 2.9 kB URL HTTP/2 app.zest.co/zest-components/p-2cbe4870.js
IP 76.76.21.123:0
File type ASCII text, with very long lines (6866), with no line terminators
Hash f7df0fd5e57f7d8395179f6caeced733
ff953b0440ca8a3db17826b6128d7c9b1b8c3630
1d84bed4e0c4cfb9712edb1e53be19d63589205124460aa435d093e2d79b660e
GET /zest-components/p-2cbe4870.js HTTP/1.1
Host: app.zest.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://app.zest.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, Cache-Control
access-control-allow-methods: GET
access-control-allow-origin: *
age: 24735
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="p-2cbe4870.js"
content-encoding: br
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
content-type: application/javascript; charset=utf-8
date: Thu, 24 Nov 2022 08:22:03 GMT
etag: W/"490b46a0a0aeb261d69c8db0470c6df4"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=63072000
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-matched-path: /zest-components/p-2cbe4870.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::cxcp8-1669278123335-6752f15daeeb
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 19 kB IP 93.184.220.29:0
File type SBX archive data\012- data
Hash 84ddba21e70df753a56f53ba695b4c00
075c4c9859367ba94deb83b5a29ac67ad9790ec1
61d1d8971d990787b083dc1d139a1478b3bd44ecbc411e8a09c63ab9f3f6052f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5237
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:03 GMT
Last-Modified: Thu, 24 Nov 2022 06:54:46 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 727
r3.o.lencr.org/
23.36.76.226200 OK 19 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c004e3da04b5fd8985ff40f60b2d8a2b
e3d2525614b7577f41bbe3d6ae87e708d56ba5a2
536054098d8f78ae116c9ece8372bef9a4210e6cedfa582272b7ec51ed6a5931
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18469
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 08:22:03 GMT
Connection: keep-alive
unpkg.com/@loophq/onstore-sdk@1.0.13/dist/loop-onstore-sdk.js
104.16.122.175200 OK 29 kB URL HTTP/2 unpkg.com/@loophq/onstore-sdk@1.0.13/dist/loop-onstore-sdk.js
IP 104.16.122.175:0
File type Unicode text, UTF-8 text, with very long lines (49309), with no line terminators
Hash a382ff80835902c65a8e20458013fced
292b2f71eb75019950587fb75aea12c19830b77b
878bd64f801874533e6e635c5e02d112dde187c597b39cfa18e10449d6530198
GET /@loophq/onstore-sdk@1.0.13/dist/loop-onstore-sdk.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://naadam.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"c0a2-wGu7irw6hXH09Y+1j9aFoHIPEu0"
via: 1.1 fly.io
fly-request-id: 01GJ0HAE8QAZ0V060HWZMF8VSQ-ams
cf-cache-status: HIT
age: 665159
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f0bc0edd251bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18469
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 08:22:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18469
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 08:22:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 3.5 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c01a07cc7b611eb0c5fb370f75bc9193
a0a0fc3ec662bbd90bc4cb566298ec68ad0182bf
0d34fed34f7a6dddc7665dce3050ccad2b7cf6c3542a9c7a20cc5d31f7885d9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18469
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 08:22:03 GMT
Connection: keep-alive
cdn.shopify.com/s/files/1/0313/7821/t/621/assets/accessibility-icon.svg?v=165714177793172853471639069966
162.159.135.68200 OK 9.8 kB URL HTTP/2 cdn.shopify.com/s/files/1/0313/7821/t/621/assets/accessibility-icon.svg?v=165714177793172853471639069966
IP 162.159.135.68:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1328d0d0e526f7cc1191fe39dd471350
26d15277434ac6a864f36524c0216391708d18b1
2c9365528856af6f25da06f79fe063d13ed6e71be58c42bdb7eadc8fa90f4360
GET /s/files/1/0313/7821/t/621/assets/accessibility-icon.svg?v=165714177793172853471639069966 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: image/svg+xml
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0313/7821/t/621/assets/accessibility-icon.svg>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: bbf480a9-4fbb-4e95-aa10-dc578a514e3b
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Fri, 26 Aug 2022 05:13:23 GMT
cf-cache-status: HIT
age: 81995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsTR6zZDmVfp5eQnmcy2w4zq7q6w3SpQDI%2BO6%2FeTTAbePuc1usm2erALTyaUkhAZzS2%2BKx7AFiFMFUMSsqosVOu8dYxV2Pxqronpssdz2w4z2Hzzy3%2FC0vYw4E0taqjg7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=45.071, imageryFetch;dur=43.171, imageryProcess;dur=0.086;desc="image", cfRequestDuration;dur=12.999773
server: cloudflare
cf-ray: 76f0bc0e1bd71c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.zest.co/zest-components/zest-components.esm.js
76.76.21.123200 OK 6.1 kB URL HTTP/2 app.zest.co/zest-components/zest-components.esm.js
IP 76.76.21.123:0
File type ASCII text, with very long lines (1409), with no line terminators
Hash 65f83592e42da44727f3cbe74a5241a7
05955f7e99f066932e00edaa3873f803541b23b3
b51f32515634891bfdb44a34d5cf1623894f54a9e93e827c90c4121f4baa07b7
GET /zest-components/zest-components.esm.js HTTP/1.1
Host: app.zest.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, Cache-Control
access-control-allow-methods: GET
access-control-allow-origin: *
age: 18611
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="zest-components.esm.js"
content-encoding: br
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
content-type: application/javascript; charset=utf-8
date: Thu, 24 Nov 2022 08:22:03 GMT
etag: W/"566535ab2a3d58d8f5d2feadc861681c"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=63072000
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-matched-path: /zest-components/zest-components.esm.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::s2p2d-1669278123310-ec63115db360
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rrs7G6Wto6iY0rT6KsKwKAOPJjehXqD0jHZrR_eaiqpepQILFr7Dtw==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:07 GMT
age: 37976
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd3f1be747f6b2f1c35afb01db67b792
a4373037b8b379939b1b099c3ef63f8792e67579
fdbd778a505e1928e9b5296b6150763c2dca9876ec0ef8f772e73ca386ab74d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8441
x-amzn-requestid: c050c897-c6d4-44ef-93c2-cfbf32cd8bff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvClG-AoAMFwxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9210-039834877c2b792b5feb6819;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H31vJjvBF3eWF37DqfsaL-KxOnEHJS1JSmehtTYPhzjZjj-PIhm9pQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:09 GMT
age: 38214
etag: "a4373037b8b379939b1b099c3ef63f8792e67579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.zest.co/zest-components/p-aa50eb31.js
76.76.21.123200 OK 14 kB URL HTTP/2 app.zest.co/zest-components/p-aa50eb31.js
IP 76.76.21.123:0
File type ASCII text, with very long lines (16100), with no line terminators
Hash f92a28d6636367612a772ebf7dc700c5
40734f43833a54bce7c9395a142be29fbae7e6aa
09385974b9846b653ddf13de81631e3c20cc17b672764a9b505eefca2e634901
GET /zest-components/p-aa50eb31.js HTTP/1.1
Host: app.zest.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://app.zest.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, Cache-Control
access-control-allow-methods: GET
access-control-allow-origin: *
age: 24735
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="p-aa50eb31.js"
content-encoding: br
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
content-type: application/javascript; charset=utf-8
date: Thu, 24 Nov 2022 08:22:03 GMT
etag: W/"7dee368c9b45b27cf4ee6cd077f694fd"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=63072000
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-matched-path: /zest-components/p-aa50eb31.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::xpxnf-1669278123335-2934168752cb
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
static-tracking.klaviyo.com/onsite/js/fender_analytics.42a910303762129b987c.js?cb=1
151.101.86.133200 OK 11 kB URL HTTP/2 static-tracking.klaviyo.com/onsite/js/fender_analytics.42a910303762129b987c.js?cb=1
IP 151.101.86.133:0
File type ASCII text, with very long lines (27749), with no line terminators
Hash 0cfada57d478d97560b453019c523816
4503f32aa052c4ab0be24d9e3d383ce0ca568b0b
9a6fb085ebc0985e24aad977f126412a763fb7920f819e592e9baa1ff6362708
GET /onsite/js/fender_analytics.42a910303762129b987c.js?cb=1 HTTP/1.1
Host: static-tracking.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TVj4JadKocCV4h3NElq7oufjh6VUPmKs/RmMK3GsmHVEIEljMrEcW06e1Di1LhQKmT1Dja0y3h4=
x-amz-request-id: GVJMDN3QM916A9S6
last-modified: Tue, 25 Oct 2022 15:47:53 GMT
etag: "141ae207735ed4c2a3fb9ba628dca228"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: 3uoP2mttpPOUARdp4efml6Pc5m5_bVca
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 24 Nov 2022 08:22:03 GMT
age: 40753
x-served-by: cache-lga21944-LGA, cache-bma1644-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 13557
vary: Accept-Encoding
content-length: 10696
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MZRD7H7
142.250.74.168200 OK 70 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MZRD7H7
IP 142.250.74.168:0
File type ASCII text, with very long lines (17288)
Hash 8a315bc37a5d371cc6937ec03c2d6673
6c5b38709f1928cdc7e7ef799d13e4e2cd851a80
5546bc28eb49e8725e67295ab53fcc62668676d692e9cc4b36f345d23fbcdcec
GET /gtm.js?id=GTM-MZRD7H7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 08:22:03 GMT
expires: Thu, 24 Nov 2022 08:22:03 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70462
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
shop.pe/widget/widget_async.js
35.227.244.1301 Moved Permanently 178 B URL HTTP/2 shop.pe/widget/widget_async.js
IP 35.227.244.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /widget/widget_async.js HTTP/1.1
Host: shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: text/html
content-length: 178
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
x-frame-options: deny
content-security-policy: frame-ancestors none;
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static-tracking.klaviyo.com/onsite/js/static.2a7d6da79b4746dd65dc.js?cb=1
151.101.86.133200 OK 5.2 kB URL HTTP/2 static-tracking.klaviyo.com/onsite/js/static.2a7d6da79b4746dd65dc.js?cb=1
IP 151.101.86.133:0
File type ASCII text, with very long lines (12470), with no line terminators
Hash e37f3eaaa7977e6460d9dada42028dc1
becb39c0c0ee1c0531730e3c4a56c24bd29075d1
bf2fb0a1407521d637f701a5e34d8fd4c036569ab8ab2788ee43b264b4210ef7
GET /onsite/js/static.2a7d6da79b4746dd65dc.js?cb=1 HTTP/1.1
Host: static-tracking.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DRdqDIMtaNuCHiGswJTReVYzua9qr/SUSDGNh0Ozub13IAxj2qsZp/Egcan0SIBk6RYTwd2y1Xo=
x-amz-request-id: GVJT343FGT95KTYV
last-modified: Tue, 25 Oct 2022 15:47:53 GMT
etag: "77892ad2b77ecca4245d2b89d47eed08"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: 7wBZPekhsgwGATIHgi7HH2bztiL97mm4
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 24 Nov 2022 08:22:03 GMT
age: 40753
x-served-by: cache-lga21924-LGA, cache-bma1644-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 13789
vary: Accept-Encoding
content-length: 5239
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/vendors~signup_forms.00b04f3c478766c4bc48.js?cb=1
151.101.86.133200 OK 12 kB URL HTTP/2 static.klaviyo.com/onsite/js/vendors~signup_forms.00b04f3c478766c4bc48.js?cb=1
IP 151.101.86.133:0
File type ASCII text, with very long lines (36947)
Hash c1a35bfad6391bac94503262ab897048
a12b2c0d2804b380a3e2715a5bf82f3a63b6aa09
d3678802f64260cf335b6ee33f98012a740ca9fa6c2184c77baf73b6d0768b4f
GET /onsite/js/vendors~signup_forms.00b04f3c478766c4bc48.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Uo2F8wtaQa8IU+tseW7McR0beMAnzx9hMUGY8dL2o3bpj2mmkuhvyutyXz1hT/Npd6RbUHBo+aY=
x-amz-request-id: AD8F17TVQ3WDCPDA
last-modified: Tue, 25 Oct 2022 15:47:54 GMT
etag: "c1f477932c21f86d37733e422c41d864"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: .u._MKX7WAALs7vW9_tgaPqDl1x5LQP7
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 24 Nov 2022 08:22:03 GMT
age: 40753
x-served-by: cache-lga21942-LGA, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 10210
vary: Accept-Encoding
content-length: 12430
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/klaviyo.js?company_id=MWkxed
151.101.86.133304 Not Modified 0 B URL HTTP/2 static.klaviyo.com/onsite/js/klaviyo.js?company_id=MWkxed
IP 151.101.86.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /onsite/js/klaviyo.js?company_id=MWkxed HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"5d9b1f8da14764bd8bf81423d8a8a98d"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 24 Nov 2022 08:22:03 GMT
via: 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
etag: W/"5d9b1f8da14764bd8bf81423d8a8a98d"
age: 40749
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669278124.553851,VS0,VE0
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/signup_forms.d612f536549ef65da525.js?cb=1
151.101.86.133200 OK 12 kB URL HTTP/2 static.klaviyo.com/onsite/js/signup_forms.d612f536549ef65da525.js?cb=1
IP 151.101.86.133:0
File type Unicode text, UTF-8 text, with very long lines (35268), with no line terminators
Hash ac5ca63d2e0df780515fd4a6d4262a3c
95d6cccf7bb100954b6caec5882976c459a8c707
6cff14eec02f38f1d3a7a3b333895da805bfa6e9ce0e7fa89a0e43b33b705cee
GET /onsite/js/signup_forms.d612f536549ef65da525.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JLlJahMb93rOAV7xwMQEMf76k7upS3BO13ojtrM6TK98xImuJ6XgpIU4eiTbkDwguXDWAcLu9I4=
x-amz-request-id: R1ZVK7HJQNM2KBM0
last-modified: Mon, 31 Oct 2022 14:55:05 GMT
etag: "d5714319f99b25e20a02cfb3f47dd218"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: 3QWJW.wDL4PGEpgdSSYg2_NLTv5Z1ohs
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 24 Nov 2022 08:22:03 GMT
age: 40753
x-served-by: cache-lga13621-LGA, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 10247
vary: Accept-Encoding
content-length: 11685
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/sharedUtils.b9e0df35334cc1e651b6.js?cb=1
151.101.86.133200 OK 14 kB URL HTTP/2 static.klaviyo.com/onsite/js/sharedUtils.b9e0df35334cc1e651b6.js?cb=1
IP 151.101.86.133:0
File type Unicode text, UTF-8 text, with very long lines (35750), with no line terminators
Hash 1896346c72197b43859e4bfb57e2d85d
93873b55c021a9ef1ad9ef23438ecd45ce966c4e
f9feb00888ace100ce22f082c9817d1023692a04cc07e6b91e6fac6cf15b8d92
GET /onsite/js/sharedUtils.b9e0df35334cc1e651b6.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UjdIdiHtl2D/aiNrgKDEOoJSfB0lTAHDB1dnDJUv3a454ad/xltT5fkAtEvJZtVBdM8AH0pvqUA=
x-amz-request-id: YQX2RCWFWYNCFA5N
last-modified: Fri, 11 Nov 2022 00:12:58 GMT
etag: "10241c59a86c7928f90d45a55b13bc7c"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: O4eT1_jDn59DvpPe9ex9946DLSV9H08f
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 24 Nov 2022 08:22:03 GMT
age: 40753
x-served-by: cache-lga21973-LGA, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 14872
vary: Accept-Encoding
content-length: 13847
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/runtime.a8ef631c8b8460d3e957.js?cb=1
151.101.86.133200 OK 727 B URL HTTP/2 static.klaviyo.com/onsite/js/runtime.a8ef631c8b8460d3e957.js?cb=1
IP 151.101.86.133:0
Hash 66e82a4786c45ef85e134e86791faa18
8baae7dfe30c408cc79a2b229f84c84284a380ea
1b6420f650a31e9ffb812c2dba5b9bff9da266e08e9c27047fe93224a87efc39
GET /onsite/js/runtime.a8ef631c8b8460d3e957.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LcnloDViSGmngOe1XAQL7J26gE18h4WQdO0khCUtmwOPKeUBg7GZShE/rJMNj97D2SkJ4KVlae8=
x-amz-request-id: GZRPWVEJJ044SSAH
last-modified: Fri, 18 Nov 2022 15:32:15 GMT
etag: "79c90fd1d1397b500594e00805a2ea59"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: R6MP9_b0BhtLI5ZwP6FFsPjCkadN.MZX
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 24 Nov 2022 08:22:03 GMT
age: 40753
x-served-by: cache-lga21968-LGA, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 17618
vary: Accept-Encoding
content-length: 8052
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash eaf28f755d76db9d4618d567d765b19c
c250c9ad9dd27dd29d6a06a7e3565fe5e06bb4ce
5ca582c7e70c81ed4a04d59c74625107c51c4761102fa6c97cb8576d59611727
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1089
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:03 GMT
Last-Modified: Thu, 24 Nov 2022 08:03:54 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-filter-lib.js?v=9977379723799534531638480221
162.159.135.68200 OK 105 kB URL HTTP/2 cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-filter-lib.js?v=9977379723799534531638480221
IP 162.159.135.68:0
File type ASCII text, with very long lines (31981)
Size 105 kB (104586 bytes)
Hash 1d4be1148b77ea3601e746a767fe7bc3
62ba70892a628c4d94c693bfdb582c83e5153cbb
74fd65ed8fc39967d00a3153b28f622eb46bbf9f3bc59c825a3b381157235462
GET /s/files/1/0313/7821/t/621/assets/bc-sf-filter-lib.js?v=9977379723799534531638480221 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-filter-lib.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: b11165cc-fda1-470b-a7a6-95ede2a22225
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Fri, 26 Aug 2022 03:14:20 GMT
cf-cache-status: HIT
age: 7780247
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufXKkBNCbIKR8jiBD5Vkwzm92hLJ1Cef9DiifZ01uRFECu0B3CC60X%2FieHww7Y7%2F84RNk2fh0pkTyVIsMBI%2B%2FNzCqwOTZ1zhs0OfOKvf41PfnwZ4LPBuEF0nYCPvaQ6CBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=100.465, imageryFetch;dur=53.083, cfRequestDuration;dur=11.000156
server: cloudflare
cf-ray: 76f0bc0e2be01c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/sentry.7cb637d727d84366f2b1.js
151.101.86.133200 OK 14 kB URL HTTP/2 static.klaviyo.com/onsite/js/sentry.7cb637d727d84366f2b1.js
IP 151.101.86.133:0
File type Unicode text, UTF-8 text, with very long lines (39984), with no line terminators
Hash 2759dea35890ea765569bb029b70f566
b853ad1d51c2de9aab7f75cfc8235ac3f58d329f
272f20e6309fc49a326a55b4e7a5704456af52e6ab76ee492e39693ac97b3e10
GET /onsite/js/sentry.7cb637d727d84366f2b1.js HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ZYF8nNCZ98iAX1I9YVABHPh4hXQFF6UYjxe8xiihnC39fPDE1pds7lW6eSG/wpOf3nhYpbJWy4E=
x-amz-request-id: G1339RR1WVFHHHTS
last-modified: Mon, 27 Jun 2022 21:34:52 GMT
etag: "46c646cae5b80823d9695afc6ccfed75"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: 5RLCs8HEr6hVMb6T_V77Y81r85sp95MR
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 24 Nov 2022 08:22:03 GMT
age: 40753
x-served-by: cache-lga13621-LGA, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 8994
vary: Accept-Encoding
content-length: 13747
X-Firefox-Spdy: h2
fast.fonts.net/lt/1.css?apiType=css&c=0814c035-7c7d-4441-97fe-f85bc5740e14&fontids=5364176
104.17.224.78200 OK 0 B URL HTTP/2 fast.fonts.net/lt/1.css?apiType=css&c=0814c035-7c7d-4441-97fe-f85bc5740e14&fontids=5364176
IP 104.17.224.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lt/1.css?apiType=css&c=0814c035-7c7d-4441-97fe-f85bc5740e14&fontids=5364176 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: lhA7IGOEe1fDBasIW+S6u50RrSpEdYqkYBWQFYFKYTwJIoje6ceILih9uW0vKH1UU5S3vf+8Ga4=
x-amz-request-id: X2R7C21R0Z44WVYH
last-modified: Tue, 23 Mar 2021 12:59:56 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1361983047
x-amz-version-id: null
cf-cache-status: HIT
age: 411549
accept-ranges: bytes
set-cookie: __cf_bm=KUACG.DiKIjoKUdrw4Zfri8fBw05XbmTNBKc4N5J9LQ-1669278123-0-AcUKb+GXfNqZZZvMTl4IKxxbaEi6RDQ0RAnrSVYx7vOO8SmDx+TcUGM8SZ8gRDxHf2SHf/ngK9RdGb+ea+BLB/Q=; path=/; expires=Thu, 24-Nov-22 08:52:03 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f0bc10fbb0b4f4-OSL
X-Firefox-Spdy: h2
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=MWkxed
151.101.86.133200 OK 430 B URL HTTP/2 fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=MWkxed
IP 151.101.86.133:0
File type JSON data\012- , ASCII text, with very long lines (430), with no line terminators
Hash e8f391469ecd4e166f80f6537c08a8ab
c0715c7a93cd16fc678c7289337fd23e6a7c27fb
da36a4ae7ec2076382bccd1a5302e728cf7ad87228181a161cead82cfce580e6
GET /custom-fonts/api/v1/company-fonts/onsite?company_id=MWkxed HTTP/1.1
Host: fast.a.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers:
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, HEAD, OPTIONS
cache-control: max-age=10
content-type: application/json; charset=utf-8
server: nginx
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 08:22:03 GMT
age: 5022239
x-served-by: cache-bos4678-BOS, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 22693, 1
vary: Cookie
strict-transport-security: max-age=900
content-length: 430
X-Firefox-Spdy: h2
static-forms.klaviyo.com/forms/api/v6/MWkxed/full-forms
151.101.86.133200 OK 4.8 kB URL HTTP/2 static-forms.klaviyo.com/forms/api/v6/MWkxed/full-forms
IP 151.101.86.133:0
File type ASCII text, with very long lines (40942), with no line terminators
Hash eb5d7ac8bc2f86eb0ae3357beee5ec3d
f0e794248b50cd42f6ff1f68196f46c8ff72a05f
ef75f7f9d8a72a86679c4e9b1304f397f634b6f2dbc47dd3b2b5abbb2195facf
GET /forms/api/v6/MWkxed/full-forms HTTP/1.1
Host: static-forms.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fL5vRKK09RIivTtFpV6ehKTZAhCqQSMnV0mRme8aYXpWZ4+12lLT3G210cJ50NIBDV/GdWbn/54=
x-amz-request-id: XQ97JFABMM7R8DMP
last-modified: Wed, 23 Nov 2022 18:57:37 GMT
etag: "e4464c94d097cbcc3b13db37253a3ec9"
cache-control: max-age=5
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/MWkxed custom-fonts/MWkxed
x-amz-version-id: aD4347Nu2DwvRQiErhG9c_sO.NA_Tu_n
content-type: application/json
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 08:22:03 GMT
via: 1.1 varnish
age: 47490
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669278124.745204,VS0,VE1
vary: Accept-Encoding
client-geo-continent: EU
client-geo-country: NO
access-control-expose-headers: client-geo-continent, client-geo-country
access-control-allow-origin: *
content-length: 4777
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 24 Nov 2022 01:07:28 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YUBkszEl9iZxmP2SKd6pVA18tzjng9gusH13W8mUTpLdYYu8JRp-Ug==
Age: 26076
ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
IP 142.250.74.3:0
Hash e6b79f364f118c1af26312cb573c151e
bde5798f1c5b5b04a3d807a80bc4b36cced708a3
fcd9e617bb5245f63c3b70905efdcc932693a20b0a10b45229853755df70e0d1
POST /s/gts1d4/CCh3rUTg6fw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.pdst.fm/ping.min.js
35.244.142.80200 OK 5.8 kB IP 35.244.142.80:0
File type ASCII text, with very long lines (26948), with no line terminators
Hash d001d1c9f5a942fa5524eeacb047e819
6ebc303d4e3fe71192400673808f37ce1c6a1d25
63882c75983a011c7ae5041061a95babb9e67fa508b0628e1c00f455ccd40b0a
GET /ping.min.js HTTP/1.1
Host: cdn.pdst.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsfXEpmsg2OxERxP_ajYkutGu6O6sY_dQeHNHm3dE8thrDAwwnBgBjfr-mVb__6Q4QaQgdXwiDmxMsmd_1t5-d9BA
x-goog-generation: 1622234043862937
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5774
content-encoding: gzip
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5774
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Thu, 24 Nov 2022 08:14:16 GMT
expires: Thu, 24 Nov 2022 09:14:16 GMT
cache-control: public, max-age=3600
age: 467
last-modified: Fri, 28 May 2021 20:34:03 GMT
etag: "d001d1c9f5a942fa5524eeacb047e819"
content-type: application/javascript;
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
IP 142.250.74.3:0
Hash e6b79f364f118c1af26312cb573c151e
bde5798f1c5b5b04a3d807a80bc4b36cced708a3
fcd9e617bb5245f63c3b70905efdcc932693a20b0a10b45229853755df70e0d1
POST /s/gts1d4/CCh3rUTg6fw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 4d7960a8b3330c81e75432802b46364d
f7797d1dfa635482d554c7908cf6ef679bc60cf5
eb28504fcca1330e37e0f14512837be4ec696a0c6dc13f76898a4e950373ddb5
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 24 Nov 2022 08:22:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 23 Nov 2022 21:51:14 GMT
Expires: Thu, 24 Nov 2022 21:51:14 GMT
ETag: "f7797d1dfa635482d554c7908cf6ef679bc60cf5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 3af0e8934d2c538a59314aefbd226eff
9a8f0b8c2ee8c152b07e6ad6c7d2cbe13a08f1f6
bb5edff15828e0b5bc67b29714efece36ec64637b5f0e50d4f0c17839481d436
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 24 Nov 2022 08:22:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 23 Nov 2022 19:56:12 GMT
Expires: Thu, 24 Nov 2022 19:56:12 GMT
ETag: "9a8f0b8c2ee8c152b07e6ad6c7d2cbe13a08f1f6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C7G8L4FB3D4VREVL30A0&hostname=naadam.co
23.36.79.32200 OK 1.8 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C7G8L4FB3D4VREVL30A0&hostname=naadam.co
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type C source, ASCII text, with very long lines (3948)
Hash c52b63ec5aa42c10f7b54846846460ff
f8077ce57ed389d1d8d8ef75c6a3cae2e75f10d2
03a659623ca27a4fe7cc5db6bf210bec4614eb250408e6bc0df3ed9967a252df
GET /i18n/pixel/config.js?sdkid=C7G8L4FB3D4VREVL30A0&hostname=naadam.co HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202211240822047A380ED92BCFCE557BEF
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465bb095ec2209e00a92bc626232deb0d43167405a8c86ca483684e27a91fe5123d7a44c70398a456fa75950c5b53a8ef99f
content-encoding: gzip
expires: Thu, 24 Nov 2022 08:22:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 08:22:04 GMT
content-length: 1826
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=104
x-origin-response-time: 104,23.36.79.28
x-akamai-request-id: 4c480313
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b9d9f8ed6c8abffda48365f6bc32b84b
33ad802992d04ae77047e05a68120cb4e42a00e6
7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b9d9f8ed6c8abffda48365f6bc32b84b
33ad802992d04ae77047e05a68120cb4e42a00e6
7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trkn.us/pixel/conv/ppt=18354;g=sitewide;gid=42145;ord=[uniqueid]
3.208.143.38302 Found 0 B URL HTTP/1.1 trkn.us/pixel/conv/ppt=18354;g=sitewide;gid=42145;ord=[uniqueid]
IP 3.208.143.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/conv/ppt=18354;g=sitewide;gid=42145;ord=[uniqueid] HTTP/1.1
Host: trkn.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Nov 2022 08:22:04 GMT
Location: /pixel/conv/ppt=18354;g=sitewide;gid=42145;ord=[uniqueid];ip=91.90.42.154;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: Apache
Set-Cookie: barometric[cuid]=cuid_90ae3c1f-8b2e-47c1-a608-26f8e5842156; expires=Fri, 24-Nov-2023 08:22:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.trkn.us
X-Content-Type-Options: nosniff
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Lato:ital,wght@0,400&family=Rubik:ital,wght@0,400&display=swap
142.250.74.10200 OK 18 kB URL HTTP/2 fonts.googleapis.com/css2?family=Lato:ital,wght@0,400&family=Rubik:ital,wght@0,400&display=swap
IP 142.250.74.10:0
Hash 323ebab8363d1931f8f5097409ae1de7
dc2d7f198e8c264368672482169e8555dc153636
b749a6e704f2f6158b45a931e58631a66f6b1ba7326732593d2a5c8c5454d108
GET /css2?family=Lato:ital,wght@0,400&family=Rubik:ital,wght@0,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 08:22:04 GMT
date: Thu, 24 Nov 2022 08:22:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 755
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022112408220455F5C8578200936A1751
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b36e1c603df17b3b2cb2ad5d39fa8faa3efbf3934a4f41fcf3f4f7d40de6dab7fe81009d86c72a5225a65319f40eb8e2c
expires: Thu, 24 Nov 2022 08:22:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 08:22:04 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=3, origin; dur=110
x-origin-response-time: 110,23.36.79.28
x-akamai-request-id: 4c4803f2
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 721
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221124082204A2FB068D0955B463F71A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465bb095ec2209e00a92bc626232deb0d4317b8006c2d3836854c978b9b1fdb5ee5a812a0be6b86f42ca39b7af5b63d701c7
expires: Thu, 24 Nov 2022 08:22:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 08:22:04 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=3, origin; dur=109
x-origin-response-time: 109,23.36.79.28
x-akamai-request-id: 4c4803fa
X-Firefox-Spdy: h2
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54200 OK 22 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
File type ASCII text, with no line terminators
Hash 8e7120c76040a47f820e8c87b95dddce
0ae6d0d5578537f5011e44f97e812069362ac7b2
e64c6bbbdbf2cc009eeb259cfb5f877274d073ea0ef1770008344cdf7d640c3c
OPTIONS /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://naadam.co/
Origin: https://naadam.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: atecz44ldzfw
x-powered-by: Express
x-cloud-trace-context: 071efb34d3e87fd91b3dc646ccdf3d61
content-encoding: gzip
date: Thu, 24 Nov 2022 08:22:04 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dx.mountain.com/spx?dxver=4.0.0&shaid=33172&tdr=&plh=https%3A%2F%2Fnaadam.co%2F&cb=39638522610294184term=value
54.69.255.140200 6.2 kB URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=33172&tdr=&plh=https%3A%2F%2Fnaadam.co%2F&cb=39638522610294184term=value
IP 54.69.255.140:0
Hash 2edd3bbaa6452c051dcadfaad2d71e69
cd776d7c2e6d276b56f349b25063ca584bd404a4
2f5fa2911794f00a4c1e4bfcb517bd322d0b61c59128c24abea460366745b0fc
GET /spx?dxver=4.0.0&shaid=33172&tdr=&plh=https%3A%2F%2Fnaadam.co%2F&cb=39638522610294184term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Thu, 24 Nov 2022 08:22:03 GMT
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cbd25cdf6f9152bba7daa4d5ee210518
529193e24d54be9954bd87c184649f83e5f039c0
0ec16c2134dfb701f10efab451eb1e97cd42e8d05e65e09434bc92380fce00c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0EC16C2134DFB701F10EFAB451EB1E97CD42E8D05E65E09434BC92380FCE00C0"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12085
Expires: Thu, 24 Nov 2022 11:43:29 GMT
Date: Thu, 24 Nov 2022 08:22:04 GMT
Connection: keep-alive
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54204 No Content 0 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://naadam.co/
Content-Type: application/json
Origin: https://naadam.co
Content-Length: 461
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: i3qnnmuzsv3s
x-powered-by: Express
x-cloud-trace-context: d47e1cb77c59016370491e847f1f5f6d
date: Thu, 24 Nov 2022 08:22:04 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 88 kB IP 93.184.220.29:0
Hash ef94448c11025573069dab3f1f0f2cdc
3747009eae10fcbf84271d5e9aecb0ee184221b9
576ad2ed4b9b29adf3a015a27e308d646386fa9186755004d20c630d39b07e25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5521
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:04 GMT
Last-Modified: Thu, 24 Nov 2022 06:50:03 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 025475ae68cc1101169ad51d94786201
e583fd9e69598fa8981a374958e4a30a76d1d151
8824ae1eda1254c6fc1992c654004458bca41925f41156310685fddbc1981040
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1727
Cache-Control: max-age=140510
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:04 GMT
Etag: "637ea4cb-117"
Expires: Fri, 25 Nov 2022 23:23:54 GMT
Last-Modified: Wed, 23 Nov 2022 22:55:07 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
shop.app/pay/session?v=1&token=d32ed997-235a-46eb-9290-7b1e03cca4be&shop_id=3137821
23.227.38.33200 OK 18 B URL HTTP/2 shop.app/pay/session?v=1&token=d32ed997-235a-46eb-9290-7b1e03cca4be&shop_id=3137821
IP 23.227.38.33:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c07fe8d0c031632d49b937f7b64cc318
b50ff5d4241ed1d437505098707c289683f62acf
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
GET /pay/session?v=1&token=d32ed997-235a-46eb-9290-7b1e03cca4be&shop_id=3137821 HTTP/1.1
Host: shop.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://naadam.co/
Origin: https://naadam.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:04 GMT
content-type: application/json; charset=utf-8
content-length: 18
x-sorting-hat-podid: -1
access-control-allow-origin: https://naadam.co
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-credentials: true
p3p: CP="Not used"
x-frame-options: DENY
x-robots-tag: noindex
vary: Accept, Origin, Accept-Encoding
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' 'unsafe-inline' blob: https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com; connect-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; img-src 'self' https:; font-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com; object-src 'none'; frame-src 'self' https://*.shopifycs.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com
set-cookie: _pay_session=XGfD5UUDoOGIme%2B%2FphFzUUMVDK0DK3jNVASYwUSqSwcmcpNlNZRxctjt7MRTuiKPA4XooLbmuoDelIeVZowIuRD3pbl49oy0%2BZCR5FrcXTJP8VPs%2By%2BJu5eguIT67ioxBPB0qn0lECzTXaxWRaIDSMO1oXLUYYeLzJQW3Nk48UG8htJOu4nPs3eOor%2BWhejP7Xe0LA%3D%3D--5TPIGJYeKyw%2B9rU2--rNVWW31d94HTVBptlXgb8g%3D%3D; path=/; secure; HttpOnly
x-request-id: 24ab4108-c32f-45fa-bc9f-af099fe98352
x-runtime: 0.007145
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
x-xss-protection: 1; mode=block
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vqkCn5ArUs5mF%2Bq4%2FzbFeODEqiUhmiwJIBLkaqaVi3fq5dkD1ZGGgCkLIWAUiRpEGxkAwfZwcW05KGytJmPOf5Zwh2Q7d2EI5sV7HIAA%2Bs5kVtZiey0CsNo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=185.000181
server: cloudflare
cf-ray: 76f0bc15ab79b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-filter-init.js?v=143573699782106147931638480220
162.159.135.68200 OK 679 B URL HTTP/2 cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-filter-init.js?v=143573699782106147931638480220
IP 162.159.135.68:0
File type ASCII text, with very long lines (350)
Hash 79a4fcc830ab86c4fa85940845b1ea62
528ba2b56735dd07c4db58e8d91d47159ae474d1
513ed5db29f0db8d697f226e65c6a46347e9c44488eeeefbecfb1b688e5b8a34
GET /s/files/1/0313/7821/t/621/assets/bc-sf-filter-init.js?v=143573699782106147931638480220 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-filter-init.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: c338dbdb-8926-4228-ad84-b988c05a942a
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Fri, 26 Aug 2022 03:02:14 GMT
cf-cache-status: HIT
age: 7780247
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUnELOgbixRc2OxUNGh3c6HwabcfjdoJjuSupsmutgq1Dfl1zPsQspRUD%2Bd%2BDG0G0mwpor7f7EFilH9X23mkLTTa2yRh8DMUm1GJsD5lbt6eTa1wR8BYoxzXocTc%2BSrcqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=42.683, imageryFetch;dur=41.554, cfRequestDuration;dur=9.999990
server: cloudflare
cf-ray: 76f0bc0e6c251c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-3EP91R3KYF>m=2oeb90&_p=51587114&_gaz=1&cid=976980553.1669278124&ul=en-us&sr=1280x1024&_s=1&sid=1669278123&sct=1&seg=0&dl=https%3A%2F%2Fnaadam.co%2F&dt=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 27 kB URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-3EP91R3KYF>m=2oeb90&_p=51587114&_gaz=1&cid=976980553.1669278124&ul=en-us&sr=1280x1024&_s=1&sid=1669278123&sct=1&seg=0&dl=https%3A%2F%2Fnaadam.co%2F&dt=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash 336df7590a36c2ee4beeee377b8404ff
f0d9543b00e6f12b0b3d783649003246bad481c7
6373631fbf207feac234db49a20e54ffa00d546dd6f107cb01489c1189daeff5
POST /g/collect?v=2&tid=G-3EP91R3KYF>m=2oeb90&_p=51587114&_gaz=1&cid=976980553.1669278124&ul=en-us&sr=1280x1024&_s=1&sid=1669278123&sct=1&seg=0&dl=https%3A%2F%2Fnaadam.co%2F&dt=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://naadam.co
date: Thu, 24 Nov 2022 08:22:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-3EP91R3KYF&cid=976980553.1669278124>m=2oeb90&aip=1
142.251.1.156204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-3EP91R3KYF&cid=976980553.1669278124>m=2oeb90&aip=1
IP 142.251.1.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-3EP91R3KYF&cid=976980553.1669278124>m=2oeb90&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://naadam.co
date: Thu, 24 Nov 2022 08:22:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/identify.js
23.36.79.32200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/identify.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash 5e4b85790e3e8fd1d6d4cc0da4eb7161
596669947022f74d91afc3e8b8a4c14489a3ccbc
d74a276485732483d950276deae7d0c14e201fe38a410313d75abaffa40ee15b
GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202211240822044679BF3BC3D72F49E7DE
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b0be634410c44d6b1b59f6fa8dadaf90e6c70aa3253dc4dcebe0f887b311a8c40b0dae5e6f8dfaf4ad9b035310e70b35b
content-encoding: gzip
expires: Thu, 24 Nov 2022 08:22:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 08:22:04 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=2, origin; dur=99
x-origin-response-time: 99,23.36.79.28
x-akamai-request-id: 4c4802f7
X-Firefox-Spdy: h2
events.attentivemobile.com/e?v=4.16.15_17d90e5be2&pd=https%3A%2F%2Fnaadam.co%2F&u=38709a38916340bca1b31b20de8658e7&c=naadam&ceid=-t_<=1669278124246&tag=modern&cs=862935069&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1669278124255
104.18.43.48200 OK 8.1 kB URL HTTP/2 events.attentivemobile.com/e?v=4.16.15_17d90e5be2&pd=https%3A%2F%2Fnaadam.co%2F&u=38709a38916340bca1b31b20de8658e7&c=naadam&ceid=-t_<=1669278124246&tag=modern&cs=862935069&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1669278124255
IP 104.18.43.48:0
Hash cbdb1e50d6fd7b83d123625bbd70ee9b
8fad89cf3842bc603ef3a68c3ced698b9592a5b1
ed397ecffffc9581d223f9c52ad5c8f8aa9c56e14b699677590372a34cb3607a
POST /e?v=4.16.15_17d90e5be2&pd=https%3A%2F%2Fnaadam.co%2F&u=38709a38916340bca1b31b20de8658e7&c=naadam&ceid=-t_<=1669278124246&tag=modern&cs=862935069&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1669278124255 HTTP/1.1
Host: events.attentivemobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:04 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
x-envoy-upstream-service-time: 3
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f0bc166be1fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ea42a973eb04253b1a202cb6201098a4
8381ef4efe9812d88e0a7b21a4e2eb62525acb86
7709b1626160ea619e22bb6e34c64c011ceb9e8af8ed14ca294aa99d8efda343
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 08:22:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 13:02:17 GMT
Expires: Mon, 28 Nov 2022 13:02:16 GMT
Etag: "8381ef4efe9812d88e0a7b21a4e2eb62525acb86"
Cache-Control: max-age=361811,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f0bc170d29b4fd-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 513b4fbd13051ba6dc057dca4dd6855e
bda8f8c897c1d9b3c1b0d1e86ec57902f259b14a
383185b9366dcf8452ce5a1d7aee86d2c06c6047302e41a3e496f8f64b3af247
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5521
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:04 GMT
Last-Modified: Thu, 24 Nov 2022 06:50:03 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b93675d1a
143.204.55.4200 OK 31 kB URL HTTP/2 cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b93675d1a
IP 143.204.55.4:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8e6c672988a9fdee6131fce41f181057
368c13f09752689910bf15dd6d9c1dc684816700
a62a1b4eedda4f973c6a0bcb9d58193423c353754fb8d7f6924521b1e2a84732
GET /tag/4-latest/unified-tag.js?v=4-latest_3b93675d1a HTTP/1.1
Host: cdn.attn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Nov 2022 20:06:54 GMT
x-amz-version-id: x0Objo8mh5xnr8rjMMaNbUyv0VPpr3Lx
server: AmazonS3
content-encoding: gzip
date: Thu, 24 Nov 2022 08:17:18 GMT
cache-control: public, max-age=300
etag: W/"e66321305cd13cc7db094b6a0e342c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DAYXsKhXmMNKZRq66Ch3fkLDM1n-2kGSCyYD0LkueymjGvK6hX5ssw==
age: 288
X-Firefox-Spdy: h2
44.228.85.26/is
44.228.85.26200 OK 32 B IP 44.228.85.26:0
File type ASCII text, with no line terminators
Hash a9c5da8e8bda58493eb2b9776f5861a4
a25ec7733b4268b945b51b9280229b8ddab99062
23a221bc12470c5f9cef49959f5874fb74d1b4b31a93bbb2ca96ed9864589738
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 44.228.85.26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://naadam.co/
Origin: https://naadam.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 08:22:04 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
143.204.55.116200 OK 905 B URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP 143.204.55.116:0
File type ASCII text, with very long lines (559)
Hash 8f9a4e574f11ca1ea10db98fd6687660
24524c8493f0ca5573f353600dd66ba22406cd9c
f16fda04be22fc56edd4df978a54704d27b942f694ba82fab5a7d3b1c13428b8
GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 905
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
content-encoding: gzip
x-amz-meta-mtime: 1668548367.69
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 07:40:43 GMT
cache-control: max-age=3600, public
etag: "8f9a4e574f11ca1ea10db98fd6687660"
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PelQTcumWgEPbAm_scKR48YyRGbaxINbHyIveXR15OcVOk9RehIu7g==
age: 2483
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 025475ae68cc1101169ad51d94786201
e583fd9e69598fa8981a374958e4a30a76d1d151
8824ae1eda1254c6fc1992c654004458bca41925f41156310685fddbc1981040
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1728
Cache-Control: max-age=140510
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:05 GMT
Etag: "637ea4cb-117"
Expires: Fri, 25 Nov 2022 23:23:55 GMT
Last-Modified: Wed, 23 Nov 2022 22:55:07 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
cdn.pbbl.co/r/2556.js
143.204.55.77403 Forbidden 986 B IP 143.204.55.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dc27c91638586be5f87e45c79183f206
e9a6011ad1d24fb7eb0494a790e8d19840e9f2d3
95e65e5f6eabeb0f76009598090f2a82e97e94cc3ab034775857d3fe3eef7fd6
GET /r/2556.js HTTP/1.1
Host: cdn.pbbl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Thu, 24 Nov 2022 08:22:05 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KZsFYyECUojzX0MwIDaVc4WeFJasObcGs3S0bDE4zvGqZk8I5NYgeQ==
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6513
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:05 GMT
Last-Modified: Thu, 24 Nov 2022 06:33:32 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
naadam.attn.tv/d/?attn_vid=38709a38916340bca1b31b20de8658e7
104.18.37.231200 OK 20 kB URL HTTP/2 naadam.attn.tv/d/?attn_vid=38709a38916340bca1b31b20de8658e7
IP 104.18.37.231:0
File type ASCII text, with very long lines (1325)
Hash 4ac439645ad1f87b72addf036c8d9ba6
5845ae88e2cc41769ad18808e85086dfc4960b50
437ad6ce2674ea59ff746c2c046f78d0b0b178b3817dd2352088d6ee9f7d05c5
GET /d/?attn_vid=38709a38916340bca1b31b20de8658e7 HTTP/1.1
Host: naadam.attn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://naadam.co/
Origin: https://naadam.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:05 GMT
content-type: application/json
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f0bc167e18b51b-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staticw2.yotpo.com/MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/widget.js
2.23.139.120200 OK 117 kB URL HTTP/2 staticw2.yotpo.com/MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/widget.js
IP 2.23.139.120:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (50657)
Size 117 kB (117442 bytes)
Hash 73e55b01cfa235d5ec1297c880e9ef35
f85ccb68c5a1aceecc5ed067093e9968f0e5e01a
d9adef3938628287aecad479c38b3eec2419f9ebb5f949ea74839c92725114ee
GET /MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/widget.js HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
status: 200 OK
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
etag: W/"73e55b01cfa235d5ec1297c880e9ef35"
x-request-id: 89d55ac0ce237b4ae2193383d6671c16
x-runtime: 0.049172
access-control-allow-headers: *
content-length: 117442
cache-control: public, max-age=14801
date: Thu, 24 Nov 2022 08:22:05 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=5
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/972491183/?random=1669278123473&cv=11&fst=1669278123473&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fnaadam.co%2F&tiba=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&auid=838487408.1669278123&rfmt=3&fmt=4
142.250.74.98200 OK 903 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/972491183/?random=1669278123473&cv=11&fst=1669278123473&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fnaadam.co%2F&tiba=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&auid=838487408.1669278123&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (1893), with no line terminators
Hash 7ac7417898ecee5d425f36c9bb4d353d
7fee5369f4ee053a93cc23b8f3d81c1b6050cd8a
1891625bead7d5f4c77f750f11d8cfcbfd515f02db0e383c516ae93089a11685
GET /pagead/viewthroughconversion/972491183/?random=1669278123473&cv=11&fst=1669278123473&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fnaadam.co%2F&tiba=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&auid=838487408.1669278123&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 08:22:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 903
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 08:37:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c13735d15a9ff7f5ca545a09bad9ce06
b04879e73a66dfdff044ba70d4b57a3332c28f98
ec7cf255c87d0271ba038a145f2d9a767d8ab3d1e4bb062ed29ecd30fd30117b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1341
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:05 GMT
Last-Modified: Thu, 24 Nov 2022 07:59:44 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=3C2D78C346EA6FD034776AA5471F6E34; domain=.bing.com; expires=Tue, 19-Dec-2023 08:22:05 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B61675E35B404318A0228CEC06799F04 Ref B: OSL30EDGE0113 Ref C: 2022-11-24T08:22:05Z
date: Thu, 24 Nov 2022 08:22:04 GMT
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3EP91R3KYF&cid=976980553.1669278124>m=2oeb90&aip=1&z=596644656
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3EP91R3KYF&cid=976980553.1669278124>m=2oeb90&aip=1&z=596644656
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3EP91R3KYF&cid=976980553.1669278124>m=2oeb90&aip=1&z=596644656 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 08:22:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ZwV9FTsMAdFJMPMWj2rqI3JuMucM5E0DRVc/p8UUoeMG2iSGXun1+XyRvIgedh1YDVLqk0YoYMxy86PjMqYr4A==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 08:22:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6513
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:05 GMT
Last-Modified: Thu, 24 Nov 2022 06:33:32 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
naadam.attn.tv/unrenderedCreative?v=4.16.15&r=&id=38709a38916340bca1b31b20de8658e7&pv=1&l=https%3A%2F%2Fnaadam.co%2F&w=1280&h=939&ss_ref=ORGANIC&m=marketing&m=live-sms
104.18.37.231204 No Content 0 B URL HTTP/2 naadam.attn.tv/unrenderedCreative?v=4.16.15&r=&id=38709a38916340bca1b31b20de8658e7&pv=1&l=https%3A%2F%2Fnaadam.co%2F&w=1280&h=939&ss_ref=ORGANIC&m=marketing&m=live-sms
IP 104.18.37.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /unrenderedCreative?v=4.16.15&r=&id=38709a38916340bca1b31b20de8658e7&pv=1&l=https%3A%2F%2Fnaadam.co%2F&w=1280&h=939&ss_ref=ORGANIC&m=marketing&m=live-sms HTTP/1.1
Host: naadam.attn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://naadam.co/
Content-Type: text/plain;charset=UTF-8
Origin: https://naadam.co
Content-Length: 29
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 08:22:06 GMT
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 32
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f0bc1f2968b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staticw2.yotpo.com/MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/widget.css?widget_version=2021-09-15_08-34-56
2.23.139.120200 OK 46 kB URL HTTP/2 staticw2.yotpo.com/MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/widget.css?widget_version=2021-09-15_08-34-56
IP 2.23.139.120:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (65436)
Hash 45f485512ee3de106e0e7e28b7354fd1
74553dfa47bbcdebd3b546f858b59c190bd9ed4a
c6ca8ff12e253bdaa1400fb62ba66f0c76211fa9bac3b1530559734721bc6f71
GET /MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/widget.css?widget_version=2021-09-15_08-34-56 HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
status: 200 OK
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
etag: W/"45f485512ee3de106e0e7e28b7354fd1"
x-request-id: 14bee22dbe804996e780926c38cc25f0
x-runtime: 0.104707
access-control-allow-headers: *
content-length: 46176
cache-control: public, max-age=13681
date: Thu, 24 Nov 2022 08:22:06 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=6
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7farW5y_f4dRzMnNnUhK8DOSdZdq4IAKQ4e7OPBzfOBqeC9aiDWnow==
age: 69120
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash d4daf1dfe64a0efc5307761240844950
5b7380b1249c7ba65c5d3cf3ef7db0a0aa0f87fa
26330bc9faf9f88ea49947d9253df1ba70c061730a628813391dc9b7d946e74f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1423
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:06 GMT
Last-Modified: Thu, 24 Nov 2022 07:58:24 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 312
staticw2.yotpo.com/batch/app_key/MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/domain_key/yotpononproductrelatedwidget/widget/GenericGallery
2.23.139.120200 OK 6.5 kB URL HTTP/2 staticw2.yotpo.com/batch/app_key/MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/domain_key/yotpononproductrelatedwidget/widget/GenericGallery
IP 2.23.139.120:0
ASN #1299 Telia Company AB
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 22346654da2c82debbce45142533e635
fa3ae079ecd455422255acaaa356fe46fa27f569
8491aa842784e55727aae1e0770011810f9cc07ef14024c8a3502c10fee52899
POST /batch/app_key/MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/domain_key/yotpononproductrelatedwidget/widget/GenericGallery HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1676
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
status: 200 OK
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
etag: W/"22346654da2c82debbce45142533e635"
x-request-id: ff07ff17f6dcbc1a37b5601ecaaa1fe3
x-runtime: 0.087826
access-control-allow-headers: *
content-length: 6495
cache-control: public, max-age=21597
date: Thu, 24 Nov 2022 08:22:06 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=189
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: https://naadam.co
X-Firefox-Spdy: h2
telemetrics.klaviyo.com/v1/metric
54.230.111.60204 No Content 0 B URL HTTP/2 telemetrics.klaviyo.com/v1/metric
IP 54.230.111.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/metric HTTP/1.1
Host: telemetrics.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 126
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 08:22:06 GMT
x-amzn-requestid: 219c5345-bd20-4b13-9836-95aa877e1ff5
access-control-allow-origin: *
x-amz-apigw-id: cGNzQGihoAMFzVA=
x-amzn-trace-id: Root=1-637f29ae-01a2b4aa300c05ea78e8a267;Sampled=0
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yGgz33VVnjo18yriPJB1qvDvIt-7a3Atg7AsBezCi0XpYtsnk9C_iQ==
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=naadam.co&origin=onetag
178.250.0.157200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=naadam.co&origin=onetag
IP 178.250.0.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 2cf12a61c5f3f23abe6f26d2181f908c
7cc44e27a14d87f3a8180a7b3a99f6fbc52f99c8
f0b7a85374c53a3a5e3dc9074aa1587df2e43cbd4835cb777f23ae7492cf2041
GET /syncframe?topUrl=naadam.co&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:05 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=c483d302-b06e-45f2-951b-af6098edf199; expires=Tue, 19 Dec 2023 08:22:05 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 728784
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 997 B IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 1efabf1c6d828c31b8d1dde20f771aee
3f45b3396a16388d79d579b575aa8e0eb6d3a98f
664c2b13319e018818dd3902d60e02f41ab285370f973764873e32aca3878265
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3208
Cache-Control: max-age=95542
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:06 GMT
Etag: "637def5c-139"
Expires: Fri, 25 Nov 2022 10:54:28 GMT
Last-Modified: Wed, 23 Nov 2022 10:01:00 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4c861992892fa95077df1563e02322cc
188c4cfab75610dfe76ba5651e35998f78534ffb
edf1912df1d191151791bf6f968480e9f9a675611f27218e98ab1f0074f33eae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3208
Cache-Control: max-age=95542
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:06 GMT
Etag: "637def5c-139"
Expires: Fri, 25 Nov 2022 10:54:28 GMT
Last-Modified: Wed, 23 Nov 2022 10:01:00 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://naadam.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:53:39 GMT
expires: Tue, 21 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 221307
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staticw2.yotpo.com/assets/yotpo-widget-font.woff?version=2021-09-15_08-34-56
2.23.139.120200 OK 12 kB URL HTTP/2 staticw2.yotpo.com/assets/yotpo-widget-font.woff?version=2021-09-15_08-34-56
IP 2.23.139.120:0
ASN #1299 Telia Company AB
File type Web Open Font Format, TrueType, length 12288, version 1.0\012- data
Hash 652f1f8f7ffd92a8fc5b8b1ea66dcca3
e79b5a779aa32ecb953d7c182744653b577b6000
ded3cc824f7bd6d490d247ad247bc13cd3205f3dca15e6afa78610dc8a4d1143
GET /assets/yotpo-widget-font.woff?version=2021-09-15_08-34-56 HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://naadam.co
Connection: keep-alive
Referer: https://staticw2.yotpo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 12288
last-modified: Mon, 14 Nov 2022 12:57:11 GMT
etag: "63723b27-3000"
accept-ranges: bytes
cache-control: max-age=604800
expires: Thu, 01 Dec 2022 08:22:06 GMT
date: Thu, 24 Nov 2022 08:22:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 4.2 kB IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (1007)
Hash 3761bd715bf3e9f48782fb22b720de56
c3e95ef8b2b750cb249bd7da78db2b132c0e6dc3
f14e874ff2fea1ea68fc2f5231bc7fc9c4ebae37929c13e09045b91b6bd3c6a1
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=R7wD2l80M0RITmhlJTJCZkMwOUJGQlhaMUN2czl6cklHenViQ1hicTRVZHFoQVM2VDcyVCUyRlU4dkl4TmFGT01sWDclMkZnTUs5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=fSyL2180M0RITmhlJTJCZkMwOUJGQlhaMUN2czl6cklHenViQ1hicTRVZHFoQVM2VDdvZ3lZVHJ5ekJwS1lIcnFHZERnQXc; expires=Tue, 19 Dec 2023 08:22:06 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 326915
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
staticw2.yotpo.com/assets/spacer.gif
2.23.139.120200 OK 43 B URL HTTP/2 staticw2.yotpo.com/assets/spacer.gif
IP 2.23.139.120:0
ASN #1299 Telia Company AB
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /assets/spacer.gif HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
last-modified: Fri, 18 Nov 2022 10:18:17 GMT
etag: "63775be9-2b"
accept-ranges: bytes
cache-control: max-age=604800
expires: Thu, 01 Dec 2022 08:22:06 GMT
date: Thu, 24 Nov 2022 08:22:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
script.hotjar.com/modules.e1bdbadbcc63daea6270.js
143.204.55.68200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.e1bdbadbcc63daea6270.js
IP 143.204.55.68:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 53db6c810ee48127f87a9c79e206fc67
aa53e521ba10b23524afc519c6e6ba8d1eb5147c
f89c4d3c17828a5c54ecc60f5107e2bfe92cb8b4622fb766fda6d1fca1c95fdd
GET /modules.e1bdbadbcc63daea6270.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68720
date: Thu, 24 Nov 2022 08:09:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "53db6c810ee48127f87a9c79e206fc67"
last-modified: Thu, 24 Nov 2022 08:08:08 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vbDm2ndDgAxOxx9YnthrNqDG0gyvtHbSFI3zdeUQp7kUIQlB_mOFow==
age: 780
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=134598221&Ver=2&mid=c1a8ebb3-3080-464c-8eca-20d621b99b60&sid=14b655106bd111edb38b37eae5cc6092&vid=14b67b706bd111edb340a79194a42798&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&p=https%3A%2F%2Fnaadam.co%2F&r=<=3672&evt=pageLoad&sv=1&rn=255871
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=134598221&Ver=2&mid=c1a8ebb3-3080-464c-8eca-20d621b99b60&sid=14b655106bd111edb38b37eae5cc6092&vid=14b67b706bd111edb340a79194a42798&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&p=https%3A%2F%2Fnaadam.co%2F&r=<=3672&evt=pageLoad&sv=1&rn=255871
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=134598221&Ver=2&mid=c1a8ebb3-3080-464c-8eca-20d621b99b60&sid=14b655106bd111edb38b37eae5cc6092&vid=14b67b706bd111edb340a79194a42798&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&p=https%3A%2F%2Fnaadam.co%2F&r=<=3672&evt=pageLoad&sv=1&rn=255871 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=26262D2515BB69D71B9C3F43144E68C3; domain=.bing.com; expires=Tue, 19-Dec-2023 08:22:06 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 87742F8730C844F49F5215020BC4F2FF Ref B: OSL30EDGE0113 Ref C: 2022-11-24T08:22:06Z
date: Thu, 24 Nov 2022 08:22:06 GMT
X-Firefox-Spdy: h2
staticw2.yotpo.com/batch/app_key/MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/domain_key/yotpononproductrelatedwidget/widget/generic_lightbox_container
2.23.139.120200 OK 18 kB URL HTTP/2 staticw2.yotpo.com/batch/app_key/MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/domain_key/yotpononproductrelatedwidget/widget/generic_lightbox_container
IP 2.23.139.120:0
ASN #1299 Telia Company AB
File type JSON data\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (65508), with no line terminators
Hash 90bd6665d2c07c50fd2ba2edfe61ebac
0587955d8b8c9e1cf2c979d95cc2b35019f4212f
34b3f3e7324530928b060d627f91e5a80231349cfea5271a7e12f99b8f0fceda
POST /batch/app_key/MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc/domain_key/yotpononproductrelatedwidget/widget/generic_lightbox_container HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4570
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
status: 200 OK
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
etag: W/"90bd6665d2c07c50fd2ba2edfe61ebac"
x-request-id: d6265f1ae649a28c966303f76edd57e3
x-runtime: 0.212100
access-control-allow-headers: *
content-length: 17767
cache-control: public, max-age=21585
date: Thu, 24 Nov 2022 08:22:06 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=315
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: https://naadam.co
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 46 kB IP 142.250.74.3:0
Hash 56d72ab0d44b37bb1d46b36ee30c4121
9f6c5d756a073ed18e6e86543622d862661ed8eb
265afc934b3dd23ca812e4095e430f2a9dd974dd8d0dc97b356f5e745eaf8872
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46014150-1&cid=976980553.1669278124&jid=1888142247&_u=YCDAgEABBAAAAEgCIAB~&z=1830260438
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46014150-1&cid=976980553.1669278124&jid=1888142247&_u=YCDAgEABBAAAAEgCIAB~&z=1830260438
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46014150-1&cid=976980553.1669278124&jid=1888142247&_u=YCDAgEABBAAAAEgCIAB~&z=1830260438 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 08:22:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/134598221.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/134598221.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/134598221.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=29CE3CC23378658A2A892EA4328D64C2; domain=.bing.com; expires=Tue, 19-Dec-2023 08:22:06 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6CD4E84F3B9F452E945427D2A550C75E Ref B: OSL30EDGE0113 Ref C: 2022-11-24T08:22:06Z
date: Thu, 24 Nov 2022 08:22:06 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/972491183/?random=1669278123473&cv=11&fst=1669276800000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fnaadam.co%2F&tiba=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&fmt=3&is_vtc=1&random=3025782040&rmt_tld=0&ipr=y
142.250.74.164200 OK 644 B URL HTTP/2 www.google.com/pagead/1p-user-list/972491183/?random=1669278123473&cv=11&fst=1669276800000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fnaadam.co%2F&tiba=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&fmt=3&is_vtc=1&random=3025782040&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type gzip compressed data, max compression\012- data
Hash 1ee517495fcf38b01df8589772429854
231ea6dd545c4489b75792b66c8f719a15492aad
0b063e548ae61b3adde20f7c7fd16a3bba43eb3220a775a4d837de846c38725f
GET /pagead/1p-user-list/972491183/?random=1669278123473&cv=11&fst=1669276800000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fnaadam.co%2F&tiba=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&fmt=3&is_vtc=1&random=3025782040&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 08:22:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=52689&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-gd&p3=e%3Ddis&adce=1&bundle=nhocll9PeDNkSkpXeUUwVzNjZTVQamVFUndGaHV4TkFkVUJnNm1qUTNyU0ZiV1pwR3JyU1NyTzhJYWM3cnJlSXhPVVREQWRQajUzeWlOWFNnJTJGMjRud1FMZ3BhZm1IOVZzb2xvZnVKRnE2MDltZERSc3dvRWpRMFJwQVNvdnBBbnh4RG5Zbncza0Z1Q3Z2SVFIRENVcGVIWmFrQSUzRCUzRA&tld=naadam.co&dy=1&fu=https%253A%252F%252Fnaadam.co%252F&dtycbr=91729
178.250.2.151302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=52689&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-gd&p3=e%3Ddis&adce=1&bundle=nhocll9PeDNkSkpXeUUwVzNjZTVQamVFUndGaHV4TkFkVUJnNm1qUTNyU0ZiV1pwR3JyU1NyTzhJYWM3cnJlSXhPVVREQWRQajUzeWlOWFNnJTJGMjRud1FMZ3BhZm1IOVZzb2xvZnVKRnE2MDltZERSc3dvRWpRMFJwQVNvdnBBbnh4RG5Zbncza0Z1Q3Z2SVFIRENVcGVIWmFrQSUzRCUzRA&tld=naadam.co&dy=1&fu=https%253A%252F%252Fnaadam.co%252F&dtycbr=91729
IP 178.250.2.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=52689&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-gd&p3=e%3Ddis&adce=1&bundle=nhocll9PeDNkSkpXeUUwVzNjZTVQamVFUndGaHV4TkFkVUJnNm1qUTNyU0ZiV1pwR3JyU1NyTzhJYWM3cnJlSXhPVVREQWRQajUzeWlOWFNnJTJGMjRud1FMZ3BhZm1IOVZzb2xvZnVKRnE2MDltZERSc3dvRWpRMFJwQVNvdnBBbnh4RG5Zbncza0Z1Q3Z2SVFIRENVcGVIWmFrQSUzRCUzRA&tld=naadam.co&dy=1&fu=https%253A%252F%252Fnaadam.co%252F&dtycbr=91729 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 08:22:06 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=52689&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-gd&p3=e%3Ddis&adce=1&bundle=nhocll9PeDNkSkpXeUUwVzNjZTVQamVFUndGaHV4TkFkVUJnNm1qUTNyU0ZiV1pwR3JyU1NyTzhJYWM3cnJlSXhPVVREQWRQajUzeWlOWFNnJTJGMjRud1FMZ3BhZm1IOVZzb2xvZnVKRnE2MDltZERSc3dvRWpRMFJwQVNvdnBBbnh4RG5Zbncza0Z1Q3Z2SVFIRENVcGVIWmFrQSUzRCUzRA&tld=naadam.co&dy=1&fu=https%253A%252F%252Fnaadam.co%252F&dtycbr=91729
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 14652833
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
143.204.55.116200 OK 48 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
IP 143.204.55.116:0
File type ASCII text, with very long lines (778)
Hash db6577d43efa27de385813e4eb9bf7a8
8a6816a745cf7445b211d08c7a0741e1e3e33e93
e946a88e3447423c1cea32a407f7f060ce07bf2947c2e1c56ee6e3041bced35f
GET /widget/widget.js?v=90709db HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 47685
date: Tue, 15 Nov 2022 21:40:33 GMT
last-modified: Tue, 15 Nov 2022 21:39:31 GMT
etag: "db6577d43efa27de385813e4eb9bf7a8"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548366.14
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0iCp4XB8esSDH-E8z8G1ptTXVl2Dn3cbSx3SlZmzi0EwWm5vPamchg==
age: 729695
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-46014150-1&ga_client_id=976980553.1669278124&shpt=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-46014150-1%22%2C%22ga_client_id%22%3A%22976980553.1669278124%22%2C%22shpt%22%3A%22NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM%22%2C%22dcm_cid%22%3A%221669278123.1%22%2C%22dcm_gid%22%3A%22480836834.1669278126%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1669278123.1&dcm_gid=480836834.1669278126&dxver=4.0.0&shaid=33172&plh=https%3A%2F%2Fnaadam.co%2F&cb=39638522610294184term%3Dvalue&shcp=&shadditional=sh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue%2Cshopify%3Dtrue%2Ccriteo%3Dtrue
35.81.173.170200 OK 4.0 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-46014150-1&ga_client_id=976980553.1669278124&shpt=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-46014150-1%22%2C%22ga_client_id%22%3A%22976980553.1669278124%22%2C%22shpt%22%3A%22NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM%22%2C%22dcm_cid%22%3A%221669278123.1%22%2C%22dcm_gid%22%3A%22480836834.1669278126%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1669278123.1&dcm_gid=480836834.1669278126&dxver=4.0.0&shaid=33172&plh=https%3A%2F%2Fnaadam.co%2F&cb=39638522610294184term%3Dvalue&shcp=&shadditional=sh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue%2Cshopify%3Dtrue%2Ccriteo%3Dtrue
IP 35.81.173.170:0
Hash 3335f410af529c5e646e38c15ffa9e5a
04543cf3698613d48dc911c2f067340a2d9739e9
ca35052a83fa9e8d7b02430acda7df1e252c34f102e0c56f14fcfe4558b78ef7
GET /st?ga_tracking_id=UA-46014150-1&ga_client_id=976980553.1669278124&shpt=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-46014150-1%22%2C%22ga_client_id%22%3A%22976980553.1669278124%22%2C%22shpt%22%3A%22NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM%22%2C%22dcm_cid%22%3A%221669278123.1%22%2C%22dcm_gid%22%3A%22480836834.1669278126%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1669278123.1&dcm_gid=480836834.1669278126&dxver=4.0.0&shaid=33172&plh=https%3A%2F%2Fnaadam.co%2F&cb=39638522610294184term%3Dvalue&shcp=&shadditional=sh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue%2Cshopify%3Dtrue%2Ccriteo%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 08:22:06 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=15691bc6-6bd1-11ed-99d4-33b9f4663e79;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 57fe3d4356c31ba3e085b89c26122bd7
72becc4365b3657a33d2db6b79e93ba9a7245995
b8c5cafb215f66f50d1779b364839b90d78bf6155ef0476a2b64509f7a944a52
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105473
Date: Thu, 24 Nov 2022 08:22:07 GMT
Etag: "637e1981-1d7"
Expires: Fri, 25 Nov 2022 13:40:00 GMT
Last-Modified: Wed, 23 Nov 2022 13:00:49 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fDcm-1irpNv0Zz1SaX5HRWq-4iE7EzUwWziv08CxBwmgTyn-UtsIjg==
Age: 2351
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 57fe3d4356c31ba3e085b89c26122bd7
72becc4365b3657a33d2db6b79e93ba9a7245995
b8c5cafb215f66f50d1779b364839b90d78bf6155ef0476a2b64509f7a944a52
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103402
Date: Thu, 24 Nov 2022 08:22:07 GMT
Etag: "637e1981-1d7"
Expires: Fri, 25 Nov 2022 13:05:29 GMT
Last-Modified: Wed, 23 Nov 2022 13:00:49 GMT
Server: ECS (dcb/7FA8)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: W7DuxsgJTdGgkShHMpMYgJaIy8374SHO9of2ZT3og1MzjDaFajp8lA==
Age: 280
p.yotpo.com/i?e=pv&page=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&se_va=MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc&cx=eyJwdl91dWlkIjo3NjQxNjM0MjB9&dtm=1669278125892&tid=289609&vp=1280x939&ds=1268x5709&vid=1&duid=207012e28b4e1f2c&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Fnaadam.co%2F
3.9.241.244200 OK 35 B URL HTTP/2 p.yotpo.com/i?e=pv&page=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&se_va=MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc&cx=eyJwdl91dWlkIjo3NjQxNjM0MjB9&dtm=1669278125892&tid=289609&vp=1280x939&ds=1268x5709&vid=1&duid=207012e28b4e1f2c&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Fnaadam.co%2F
IP 3.9.241.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /i?e=pv&page=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&se_va=MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc&cx=eyJwdl91dWlkIjo3NjQxNjM0MjB9&dtm=1669278125892&tid=289609&vp=1280x939&ds=1268x5709&vid=1&duid=207012e28b4e1f2c&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Fnaadam.co%2F HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:07 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=7c097801-3126-40fc-5701-1628092da3fb; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Fri, 25 Nov 2022 08:22:07 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
p.yotpo.com/i?e=se&se_ca=dedicated_page&se_ac=loaded&se_va=MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc&cx=eyJwdl91dWlkIjo3NjQxNjM0MjAsImxheW91dCI6ImNhcm91c2VsIiwiYWxidW1fdHlwZSI6ImN1c3RvbSIsImFsYnVtX2lkIjoibm9uZSIsImdhbGxlcnlfaWQiOiI2MGVjNDRhNzE5Y2Y4NDc1MmQ4YzI4NzUiLCJudW1fb2ZfaW1hZ2VzX3RvX2Rpc3BsYXkiOjUsImhhc192aWRlbyI6ZmFsc2V9&dtm=1669278126254&tid=980401&vp=1280x939&ds=1268x5743&vid=1&duid=207012e28b4e1f2c&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Fnaadam.co%2F
3.9.241.244200 OK 35 B URL HTTP/2 p.yotpo.com/i?e=se&se_ca=dedicated_page&se_ac=loaded&se_va=MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc&cx=eyJwdl91dWlkIjo3NjQxNjM0MjAsImxheW91dCI6ImNhcm91c2VsIiwiYWxidW1fdHlwZSI6ImN1c3RvbSIsImFsYnVtX2lkIjoibm9uZSIsImdhbGxlcnlfaWQiOiI2MGVjNDRhNzE5Y2Y4NDc1MmQ4YzI4NzUiLCJudW1fb2ZfaW1hZ2VzX3RvX2Rpc3BsYXkiOjUsImhhc192aWRlbyI6ZmFsc2V9&dtm=1669278126254&tid=980401&vp=1280x939&ds=1268x5743&vid=1&duid=207012e28b4e1f2c&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Fnaadam.co%2F
IP 3.9.241.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /i?e=se&se_ca=dedicated_page&se_ac=loaded&se_va=MWkjQJo4CoaqskhffvqEQcWH5n0Cv2PWuIFM8ZSc&cx=eyJwdl91dWlkIjo3NjQxNjM0MjAsImxheW91dCI6ImNhcm91c2VsIiwiYWxidW1fdHlwZSI6ImN1c3RvbSIsImFsYnVtX2lkIjoibm9uZSIsImdhbGxlcnlfaWQiOiI2MGVjNDRhNzE5Y2Y4NDc1MmQ4YzI4NzUiLCJudW1fb2ZfaW1hZ2VzX3RvX2Rpc3BsYXkiOjUsImhhc192aWRlbyI6ZmFsc2V9&dtm=1669278126254&tid=980401&vp=1280x939&ds=1268x5743&vid=1&duid=207012e28b4e1f2c&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Fnaadam.co%2F HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:07 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=f03921b7-e516-4552-78e5-3f0a37636482; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Fri, 25 Nov 2022 08:22:07 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 7166a2da0cee5aae6ba9d83a2ad45d67
90e7c5033563e4c5e682c1f3d012a447169ffd81
de07d0192a185aea71cf5bb1fab9d2c339b1983ab44fd0efd8e99f60579ea895
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5597
Cache-Control: max-age=161631
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:07 GMT
Etag: "637ee831-138"
Expires: Sat, 26 Nov 2022 05:15:58 GMT
Last-Modified: Thu, 24 Nov 2022 03:42:41 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 312
www.facebook.com/tr/?id=1329054443868128&ev=PageView&dl=https%3A%2F%2Fnaadam.co%2F&rl=&if=false&ts=1669278127003&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22140388094861902%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22492558395373116%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22500949154528501%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22617867715849408%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%22339650151097216%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22324640035872817%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1669278127002.84451765&it=1669278125850&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1329054443868128&ev=PageView&dl=https%3A%2F%2Fnaadam.co%2F&rl=&if=false&ts=1669278127003&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22140388094861902%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22492558395373116%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22500949154528501%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22617867715849408%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%22339650151097216%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22324640035872817%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1669278127002.84451765&it=1669278125850&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1329054443868128&ev=PageView&dl=https%3A%2F%2Fnaadam.co%2F&rl=&if=false&ts=1669278127003&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22140388094861902%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22492558395373116%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22500949154528501%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22617867715849408%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%22339650151097216%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22324640035872817%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1669278127002.84451765&it=1669278125850&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 08:22:07 GMT
X-Firefox-Spdy: h2
gs.mountain.com/gs
52.12.117.226200 OK 144 B IP 52.12.117.226:0
File type ASCII text, with no line terminators
Hash e51b96c76bb4f1326e9baf070ae591a7
925f8a8394a2844b9ff4b7abc66c613e9fb5e042
0aa39f6f827d3c2051514e55c9a3886931aa75b8cac372e67141690a58654c9b
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Cookie: guid=15691bc6-6bd1-11ed-99d4-33b9f4663e79
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 08:22:07 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
px.mountain.com/st?ga_tracking_id=UA-46014150-1&ga_client_id=976980553.1669278124&shpt=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-46014150-1%22%2C%22ga_client_id%22%3A%22976980553.1669278124%22%2C%22shpt%22%3A%22NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM%22%2C%22dcm_cid%22%3A%221669278123.1%22%2C%22dcm_gid%22%3A%22480836834.1669278126%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1669278123.1&dcm_gid=480836834.1669278126&dxver=4.0.0&shaid=33172&plh=https%3A%2F%2Fnaadam.co%2F&shcp=&shadditional=sh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue%2Cshopify%3Dtrue%2Ccriteo%3Dtrue&cb=1669278126990174&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669278127690
35.81.173.170200 OK 1.4 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-46014150-1&ga_client_id=976980553.1669278124&shpt=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-46014150-1%22%2C%22ga_client_id%22%3A%22976980553.1669278124%22%2C%22shpt%22%3A%22NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM%22%2C%22dcm_cid%22%3A%221669278123.1%22%2C%22dcm_gid%22%3A%22480836834.1669278126%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1669278123.1&dcm_gid=480836834.1669278126&dxver=4.0.0&shaid=33172&plh=https%3A%2F%2Fnaadam.co%2F&shcp=&shadditional=sh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue%2Cshopify%3Dtrue%2Ccriteo%3Dtrue&cb=1669278126990174&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669278127690
IP 35.81.173.170:0
Hash 3b2fae70abb6965f009d55caefc3e948
2c1a439196b157d2285348b4eed81f87d24fa8f6
9195ca1472c9fb609c8081810fa2a63a23938351b31088e68b064c1533410058
GET /st?ga_tracking_id=UA-46014150-1&ga_client_id=976980553.1669278124&shpt=NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-46014150-1%22%2C%22ga_client_id%22%3A%22976980553.1669278124%22%2C%22shpt%22%3A%22NAADAM%20%7C%20Sustainable%20Mongolian%20Cashmere%20Clothing%C2%A0%E2%80%93%20NAADAM%22%2C%22dcm_cid%22%3A%221669278123.1%22%2C%22dcm_gid%22%3A%22480836834.1669278126%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1669278123.1&dcm_gid=480836834.1669278126&dxver=4.0.0&shaid=33172&plh=https%3A%2F%2Fnaadam.co%2F&shcp=&shadditional=sh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue%2Cshopify%3Dtrue%2Ccriteo%3Dtrue&cb=1669278126990174&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669278127690 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Cookie: guid=15691bc6-6bd1-11ed-99d4-33b9f4663e79
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 08:22:08 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtW8guKNzY2NDeKN7IwtlCyMtBBEjG3NAaLICswNDOzNDK3MATyLE10lMqUrIxqAf3T1NlGAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzMxNzI6MTY2OTI3ODEyOA==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=15691bc6-6bd1-11ed-99d4-33b9f4663e79;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70c46dc76f349062e9ac40ea37639c2a
85afd81252292f380845502603fe113e3f48b326
35436bb7254a4301b041897812efc0b4673c7e920e9a098a328c0987c16780b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35436BB7254A4301B041897812EFC0B4673C7E920E9A098A328C0987C16780B0"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7977
Expires: Thu, 24 Nov 2022 10:35:06 GMT
Date: Thu, 24 Nov 2022 08:22:09 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=criteo&uid=k-7FL89Tueu14NUk49bbHjnZeyguxdNpuMciMeCA
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-7FL89Tueu14NUk49bbHjnZeyguxdNpuMciMeCA
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-7FL89Tueu14NUk49bbHjnZeyguxdNpuMciMeCA HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Thu, 24 Nov 2022 08:22:08 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70c46dc76f349062e9ac40ea37639c2a
85afd81252292f380845502603fe113e3f48b326
35436bb7254a4301b041897812efc0b4673c7e920e9a098a328c0987c16780b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35436BB7254A4301B041897812EFC0B4673C7E920E9A098A328C0987C16780B0"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7977
Expires: Thu, 24 Nov 2022 10:35:06 GMT
Date: Thu, 24 Nov 2022 08:22:09 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9c9fcc8a4e3c5f2bd5bff5d33385dc76
ce22c8ddf0fa1f3118db865d0cf01e003ca3d091
c1c33db8d78970ab2f7be07deac1c36824404180c8737c107bb44eec386a4d49
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163239
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637efea6-1d7"
Expires: Sat, 26 Nov 2022 05:42:48 GMT
Last-Modified: Thu, 24 Nov 2022 05:18:30 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HaLN3xmHRBUh_CpVZS3EH1Mjb_TkJeRVkFs6fQvS4bmH3HsgunbUUQ==
Age: 1458
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 08:22:08 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 536981
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c289bcb2d22c912d781279e16dd9ea30
3cae3ea21540f9bcf1998f7cea7844bf7c33bd69
aff014398aa6e2cab3e595b33dc536e596124078d09a6c55c0fe8465aa42480a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4611
Cache-Control: max-age=135835
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637e8749-118"
Expires: Fri, 25 Nov 2022 22:06:04 GMT
Last-Modified: Wed, 23 Nov 2022 20:49:13 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-24Te-Tueu14NUk49bbHjnZeyguwoZDgj--SMYA
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-24Te-Tueu14NUk49bbHjnZeyguwoZDgj--SMYA
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-24Te-Tueu14NUk49bbHjnZeyguwoZDgj--SMYA HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3122797293580243000V10; Expires=Fri, 24 Nov 2023 08:22:09 GMT; domain=.media.net; Path=/;
data-c-ts=1669278129;Expires=Sat, 24 Dec 2022 08:22:09 GMT;path=/;domain=.media.net;
data-c=k-24Te-Tueu14NUk49bbHjnZeyguwoZDgj--SMYA~~3;Expires=Sat, 24 Dec 2022 08:22:09 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Thu, 24 Nov 2022 08:22:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 08:22:09 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-OTIk-zueu14NUk49bbHjnZeyguzTNufptaFFVg&google_cm&google_hm=ay1PVElrLXp1ZXUxNE5VazQ5YmJIam5aZXlndXpUTnVmcHRhRkZWZw
142.250.74.2302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-OTIk-zueu14NUk49bbHjnZeyguzTNufptaFFVg&google_cm&google_hm=ay1PVElrLXp1ZXUxNE5VazQ5YmJIam5aZXlndXpUTnVmcHRhRkZWZw
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7dc2ed151e03e4137df60a42f0877704
812247c9b8c07b51b8a7abcec510999a83a64e4a
2119f32da3d1abffa1f7570e33b6f3db1d661434baecbde38a961526a06c9c8e
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-OTIk-zueu14NUk49bbHjnZeyguzTNufptaFFVg&google_cm&google_hm=ay1PVElrLXp1ZXUxNE5VazQ5YmJIam5aZXlndXpUTnVmcHRhRkZWZw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-OTIk-zueu14NUk49bbHjnZeyguzTNufptaFFVg&google_cm=&google_hm=ay1PVElrLXp1ZXUxNE5VazQ5YmJIam5aZXlndXpUTnVmcHRhRkZWZw&google_tc=
date: Thu, 24 Nov 2022 08:22:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 08:37:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7dc2oTueu14NUk49bbHjnZeyguweXYogkKy9Qg
172.64.154.237302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7dc2oTueu14NUk49bbHjnZeyguweXYogkKy9Qg
IP 172.64.154.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-7dc2oTueu14NUk49bbHjnZeyguweXYogkKy9Qg HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 08:22:09 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-7dc2oTueu14NUk49bbHjnZeyguweXYogkKy9Qg&C=1
cf-ray: 76f0bc33ebcbb518-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y38pseBnBnrsJctW5d1SxAAA; Path=/; Domain=casalemedia.com; Expires=Fri, 24 Nov 2023 08:22:09 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1839; Path=/; Domain=casalemedia.com; Expires=Wed, 22 Feb 2023 08:22:09 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1839; Path=/; Domain=casalemedia.com; Expires=Wed, 22 Feb 2023 08:22:09 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRITTpTX%2B06HmuED7Xx4ORl9P8qPy%2Fm9DKDBPy7OioumXuFmOiXtdG46dCx%2BFc7Yd6mKzZ7KNc4svXItLKz7mYxba8TEnbHbHTIm7qO4WN%2BcAfcnT%2BZ7Q%2BkzyuB8N5OSE9T%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6106238b7557ccdfb37e30571a4cddd0
f8c6aa9837f33318ce05482e9a8b63746437710b
7fefccd99a48308cee65aac1de81f007c46cc0770be346529b9a7724470bc154
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6233
Cache-Control: max-age=152922
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637ec3b2-1d7"
Expires: Sat, 26 Nov 2022 02:50:51 GMT
Last-Modified: Thu, 24 Nov 2022 01:06:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 269daeccc73eda2c3691db3dc5efbbb4
16d9fd5c3a5451574f8786bf64cb5b40fd03cd68
5f6df29fc9a421a3aa07c9358a46a6312bffbe219aafd4132d9ab38c4fb0e0be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5995
Cache-Control: max-age=119556
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637e424a-138"
Expires: Fri, 25 Nov 2022 17:34:45 GMT
Last-Modified: Wed, 23 Nov 2022 15:54:50 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 312
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
185.89.211.116307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 185.89.211.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 08:22:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 95ab0060-9b4c-4da5-844a-3bad8d49db92
Set-Cookie: uuid2=8040794532968356980; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 22-Feb-2023 08:22:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c289bcb2d22c912d781279e16dd9ea30
3cae3ea21540f9bcf1998f7cea7844bf7c33bd69
aff014398aa6e2cab3e595b33dc536e596124078d09a6c55c0fe8465aa42480a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4611
Cache-Control: max-age=135835
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637e8749-118"
Expires: Fri, 25 Nov 2022 22:06:04 GMT
Last-Modified: Wed, 23 Nov 2022 20:49:13 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5nKRbjueu14NUk49bbHjnZeyguymMdpSo0_dsw&expires=30
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5nKRbjueu14NUk49bbHjnZeyguymMdpSo0_dsw&expires=30
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-5nKRbjueu14NUk49bbHjnZeyguymMdpSo0_dsw&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 2eb7d209ab67664d6226c75331547ba1
Content-Type: image/gif
ad.yieldlab.net/m?dt_id=8664&ext_id=k-CSfExDueu14NUk49bbHjnZeyguyXKE1LJ5Qu5g
23.61.208.154204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-CSfExDueu14NUk49bbHjnZeyguyXKE1LJ5Qu5g
IP 23.61.208.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-CSfExDueu14NUk49bbHjnZeyguyXKE1LJ5Qu5g HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Wed, 23 Nov 2022 08:22:09 GMT
Date: Thu, 24 Nov 2022 08:22:09 GMT
Connection: keep-alive
Set-Cookie: id=6c16e845-cc3d-4630-81b5-ec8ff99d5d00; Path=/; Domain=yieldlab.net; Expires=Fri, 24-Nov-2023 08:22:09 GMT; Max-Age=31536000; Secure; SameSite=None
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-yLSrKjueu14NUk49bbHjnZeyguyhW60uxW9tUQ
185.86.139.113200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-yLSrKjueu14NUk49bbHjnZeyguyhW60uxW9tUQ
IP 185.86.139.113:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-yLSrKjueu14NUk49bbHjnZeyguyhW60uxW9tUQ HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Thu, 24 Nov 2022 08:22:09 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=4808414521909655203; expires=Sun, 24 Dec 2023 08:22:09 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 24 Dec 2023 08:22:09 GMT; domain=smartadserver.com; path=/
csync=79:k-yLSrKjueu14NUk49bbHjnZeyguyhW60uxW9tUQ; expires=Fri, 24 Nov 2023 08:22:09 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
criteo-sync.teads.tv/um?eid=80&uid=k-n570Gjueu14NUk49bbHjnZeygux4kDaoVEE_TA
23.195.255.234200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-n570Gjueu14NUk49bbHjnZeygux4kDaoVEE_TA
IP 23.195.255.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-n570Gjueu14NUk49bbHjnZeygux4kDaoVEE_TA HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Thu, 24 Nov 2022 08:22:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 08:22:09 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-OTIk-zueu14NUk49bbHjnZeyguzTNufptaFFVg&google_cm=&google_hm=ay1PVElrLXp1ZXUxNE5VazQ5YmJIam5aZXlndXpUTnVmcHRhRkZWZw&google_tc=
142.250.74.2302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-OTIk-zueu14NUk49bbHjnZeyguzTNufptaFFVg&google_cm=&google_hm=ay1PVElrLXp1ZXUxNE5VazQ5YmJIam5aZXlndXpUTnVmcHRhRkZWZw&google_tc=
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5ca95c46bda70224eed6f460c67b7604
aec23eb5c54671ad008fa44f07924a1c36dfa66a
0708cbbc71690e71970ff3e0fcd0eed6e22962e4c5ba5875cbb64e5e223bc45f
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-OTIk-zueu14NUk49bbHjnZeyguzTNufptaFFVg&google_cm=&google_hm=ay1PVElrLXp1ZXUxNE5VazQ5YmJIam5aZXlndXpUTnVmcHRhRkZWZw&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-OTIk-zueu14NUk49bbHjnZeyguzTNufptaFFVg&google_error=3
date: Thu, 24 Nov 2022 08:22:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
185.89.211.116302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 185.89.211.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 08:22:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 58ba49fa-f37e-4612-953e-cbd1437917ad
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 268dba7e088444ec60a00e22179bb279
9f0e2354da358bd889ac182941c7d534c14fcbad
10a56e73a9bcda9a3939f262316d4ad67a7e68cf980491dbae3d732ef7642c13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5391
Cache-Control: max-age=115333
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637e3427-1d7"
Expires: Fri, 25 Nov 2022 16:24:22 GMT
Last-Modified: Wed, 23 Nov 2022 14:54:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 8f95964d3de7b251291347f52eadc0fa
c39a42df4a24153b8f2aac828f8e30f9a724fc1a
612438addb46ea6b3edae579f938eeca02b8d5a96b1db38e237fa28bf27745fe
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150774
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637ebcbb-1d7"
Expires: Sat, 26 Nov 2022 02:15:03 GMT
Last-Modified: Thu, 24 Nov 2022 00:37:15 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mxS-Zfs2G2H65v2-DN1VlFa5dELG-n92wBboPhGyYMrJh9JlJofjcA==
Age: 5868
cm.adform.net/pixel?adform_pid=15&adform_pc=k-Ll6yYDueu14NUk49bbHjnZeyguxURMM8vbu_5Q
37.157.5.141200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-Ll6yYDueu14NUk49bbHjnZeyguxURMM8vbu_5Q
IP 37.157.5.141:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-Ll6yYDueu14NUk49bbHjnZeyguxURMM8vbu_5Q HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 08:22:09 GMT
content-type: image/gif
content-length: 43
last-modified: Fri, 18 Nov 2022 16:49:04 GMT
etag: "6377b780-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.2.151200 OK 514 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.2.151:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45ec1a3d5b6165416f89b47ee7eeb977
4e693245a9a63b35cd3f98cf027aef1bee23b74e
c54a3f354b495fe1512ba317684dee19dbb0db9da6d1266cd0b597ba9ad24acd
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:09 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 430160
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c10f8c32732eb516be8f42938d780535
e9f55071168dde3f1667e1b6630905d3bf95c863
3008b69ea6d7683eeb50576aaea94cf9c1f5fd0542dadd28f4309891e2165bb7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164832
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637efa7e-1d7"
Expires: Sat, 26 Nov 2022 06:09:21 GMT
Last-Modified: Thu, 24 Nov 2022 05:00:46 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AmHWWPNtDE_aSJD5DtwWOzW804JH3qHdHOdpu52YKd0HIXW8CGPfbQ==
Age: 4115
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3484eada5513911745e2b13b40b9d72a
e23579aabf6452646a38233f4134f033ab3b7801
355c38e21503bdedf6b6970a67de17380a22663db03c3c595da93d6caf1aeeda
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2489
Cache-Control: max-age=93354
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637de9a2-1d7"
Expires: Fri, 25 Nov 2022 10:18:03 GMT
Last-Modified: Wed, 23 Nov 2022 09:36:34 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-odMWNTueu14NUk49bbHjnZeyguzqBr-OP1Su8A
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-odMWNTueu14NUk49bbHjnZeyguzqBr-OP1Su8A
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-odMWNTueu14NUk49bbHjnZeyguzqBr-OP1Su8A HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 08:22:09 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-odMWNTueu14NUk49bbHjnZeyguzqBr-OP1Su8A&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBLEpf2MCEMi-qyK1KUkv8wJSYjEIShEFEgEBAQF7gGOJYwAAAAAA_eMAAA&S=AQAAAmYx3HKQOgq3CzGH-rq-2HI; Expires=Fri, 24 Nov 2023 14:22:09 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 2b1d0a1b09c7828ca398bb4abf25d22b
4ed7a379b33fe6bbabefce17f32b46e2aea29ca1
b9705a28d731d8644441f9dc2feabd646ad36fb57da4739f05ca8a686d92b1bd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109021
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637e19a1-1d7"
Expires: Fri, 25 Nov 2022 14:39:10 GMT
Last-Modified: Wed, 23 Nov 2022 13:01:21 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BcxmwCmCyFxF-DoDyVzCXeuX2vBI8wKIrEtfRg1kGoTcPy_G_aywMg==
Age: 5869
shopper.shop.pe/input.js
35.190.54.17200 OK 8.9 kB IP 35.190.54.17:0
File type ASCII text, with very long lines (17023)
Hash 277671bdc75ca43b2c48464d6ab4278f
fa3f6cfe3a34a0586917b256c7d5b8f9b4c1a205
cb280dde0bd7b5868891421254e239ef63551cc351cb246a68e9bc69bd4e0e8e
GET /input.js HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycds5XYtMbH9xoCE5EepMwBGdeiWX5V40eKgSJ95UqIr1WpSFssERJArAbtuzSNenJnxhaOkSz2SGO30fjM7gY5pBrf5sBcdf
x-goog-generation: 1667301507739079
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8877
content-encoding: gzip
x-goog-hash: crc32c=d2ag2w==, md5=J3ZxvcdcpDssSEZNarQnjw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8877
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
server: UploadServer
date: Thu, 24 Nov 2022 05:53:53 GMT
expires: Thu, 24 Nov 2022 09:53:53 GMT
cache-control: public, max-age=14400
age: 8896
last-modified: Tue, 01 Nov 2022 11:18:27 GMT
etag: "277671bdc75ca43b2c48464d6ab4278f"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash fef181349a0dd9c4320c1fe7bbdce92b
338f720af51516010986d28d5b450f5fee08ad39
bb671ecb45dbfcd9216e90c5fa89ab966468b5979d091f62f4299185b314108d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 08:22:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:11:52 GMT
Expires: Wed, 30 Nov 2022 03:11:51 GMT
Etag: "338f720af51516010986d28d5b450f5fee08ad39"
Cache-Control: max-age=499181,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f0bc3598c10b51-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 86776344fc6dd826ff48ca2f315dec8a
23054ddd051e653c90cc3232bbe1ecb88820b29a
7a6a778b4a383d8385e3843a7fd1ad88a5e7182d5627740511dd2c83a6f264c1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 08:22:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:56:48 GMT
Expires: Tue, 29 Nov 2022 13:56:47 GMT
Etag: "23054ddd051e653c90cc3232bbe1ecb88820b29a"
Cache-Control: max-age=451477,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f0bc34bfdbb4fd-OSL
naadam.co/
23.227.38.65200 OK 84 kB IP 23.227.38.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2029)
Hash d6e640541f4b482f5b3d0c334a57693d
67a7837acaa670fccfec9b4bdb36b5df2d34e4d5
c79e5b9f7a85c1a688314c6bbe12ddfbc4635f19c009ad92a3cdc8870c9cac2e
GET / HTTP/1.1
Host: naadam.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:02 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 95
x-sorting-hat-shopid: 3137821
x-storefront-renderer-rendered: 1
set-cookie: keep_alive=f77719cd-b8d1-4eb8-8275-97968ab987d2; path=/; expires=Thu, 24 Nov 2022 08:52:01 GMT; HttpOnly; SameSite=Lax
secure_customer_sig=; path=/; expires=Fri, 24 Nov 2023 08:22:02 GMT; secure; HttpOnly; SameSite=Lax
localization=US; path=/; expires=Fri, 24 Nov 2023 08:22:02 GMT; SameSite=Lax
cart_currency=USD; path=/; expires=Thu, 08 Dec 2022 08:22:02 GMT; SameSite=Lax
_orig_referrer=; Expires=Thu, 08-Dec-22 08:22:02 GMT; Domain=naadam.co; Path=/; HttpOnly; SameSite=Lax
_landing_page=%2F; Expires=Thu, 08-Dec-22 08:22:02 GMT; Domain=naadam.co; Path=/; HttpOnly; SameSite=Lax
_y=d32ed997-235a-46eb-9290-7b1e03cca4be; Expires=Fri, 24-Nov-23 08:22:02 GMT; Domain=naadam.co; Path=/; SameSite=Lax
_s=f202dfe9-185f-4102-93e9-866ee5b80aa6; Expires=Thu, 24-Nov-22 08:52:02 GMT; Domain=naadam.co; Path=/; SameSite=Lax
_shopify_y=d32ed997-235a-46eb-9290-7b1e03cca4be; Expires=Fri, 24-Nov-23 08:22:02 GMT; Domain=naadam.co; Path=/; SameSite=Lax
_shopify_s=f202dfe9-185f-4102-93e9-866ee5b80aa6; Expires=Thu, 24-Nov-22 08:52:02 GMT; Domain=naadam.co; Path=/; SameSite=Lax
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-alternate-cache-key: cacheable:858586e494e9f2084192f858a650d3a5
x-cache: miss
x-frame-options: DENY
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security: max-age=7889238
x-shopid: 3137821
x-shardid: 95
vary: Accept
content-language: en
x-shopify-stage: production
x-dc: gcp-europe-north1,europe-west1,gcp-europe-west1
x-request-id: 9a1b5b74-7c4d-4600-922c-ef06c34c56a2
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcQJp40g1APsObJ6pmi33ML%2BD6mbb%2BINA%2BjbJ%2FqwBK5%2F4pfo1W5FXxY5yp6oX8brGWj4Mh5pal3BsKH2eJLGRmSeKuaYfON5MGsI7B%2BdGiW1pqGkcEOwEy9gHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f0bc01cec6b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server-timing: processing;dur=1656, db;dur=336, parse;dur=8, asn;desc="50304", edge;desc="OSL", country;desc="NO", cfRequestDuration;dur=1894.000053, earlyhints
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8NhDiTueu14NUk49bbHjnZeyguwwrR9evghjxg
3.120.168.177204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8NhDiTueu14NUk49bbHjnZeyguwwrR9evghjxg
IP 3.120.168.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8NhDiTueu14NUk49bbHjnZeyguwwrR9evghjxg HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 08:22:09 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ebfc7cbd74089324a63ee2fbd512c436
4dd817c8cd4f918bd3bba8b4e9c7157f2d42e7b7
e0411c1f91e7f52f3be5fc42ef0b3778e4bd1c7e7bc17d669ce7b853e3fa3590
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3107
Cache-Control: max-age=167796
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637f0a02-1d7"
Expires: Sat, 26 Nov 2022 06:58:45 GMT
Last-Modified: Thu, 24 Nov 2022 06:06:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
eb2.3lift.com/xuid?mid=2711&xuid=k-Ekwwfzueu14NUk49bbHjnZeyguw0Hh2FKSJFVw&dongle=013b
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-Ekwwfzueu14NUk49bbHjnZeyguw0Hh2FKSJFVw&dongle=013b
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-Ekwwfzueu14NUk49bbHjnZeyguw0Hh2FKSJFVw&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:09 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-odMWNTueu14NUk49bbHjnZeyguzqBr-OP1Su8A&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-odMWNTueu14NUk49bbHjnZeyguzqBr-OP1Su8A&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-odMWNTueu14NUk49bbHjnZeyguzqBr-OP1Su8A&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 08:22:09 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBLEpf2MCED4w1AKrgaltN2nDkG8qe5sFEgEBAQF7gGOJYwAAAAAA_eMAAA&S=AQAAAlSfjHb8RpbFoDFTu2Th4Lk; Expires=Fri, 24 Nov 2023 14:22:09 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=46&user_id=k-W5VU3jueu14NUk49bbHjnZeyguwIdGunMk8ulw&expires=30
3.123.160.250200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-W5VU3jueu14NUk49bbHjnZeyguwIdGunMk8ulw&expires=30
IP 3.123.160.250:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?dsp_id=46&user_id=k-W5VU3jueu14NUk49bbHjnZeyguwIdGunMk8ulw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:09 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-0Jf6Tzueu14NUk49bbHjnZeyguwbRzoTAZOmTg
185.255.84.153200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-0Jf6Tzueu14NUk49bbHjnZeyguwbRzoTAZOmTg
IP 185.255.84.153:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-0Jf6Tzueu14NUk49bbHjnZeyguwbRzoTAZOmTg HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=c01f8a16e6e143974d6bbc95092e5e80; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 08:22:09 GMT
content-length: 49
x-envoy-upstream-service-time: 9
server: ayl-lb-fra02
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 011e73b89d6bdf43c0e777fd5b8f5b24
77355b677020497e8186c6d0ec057eff4a98baf2
180eb7521b0577e2a0bc09fd14806ea2492dd42ae9b80f0880927f41fb70721b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 08:22:09 GMT
Last-Modified: Thu, 24 Nov 2022 07:15:02 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cxknwWvVs_uFAH5yjO_UjOOtTzOqQif9jFQvlEHwC91ugu5ulMiNcg==
Age: 4027
dpm.demdex.net/ibs:dpid=28645&dpuuid=
54.76.115.10302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 54.76.115.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0bb46f593.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=51894814503933254074134604273222174685; Max-Age=15552000; Expires=Tue, 23 May 2023 08:22:09 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: rOI3qFB3Qo8=
Content-Length: 0
Connection: keep-alive
sync.outbrain.com/cookie-sync?p=criteo&uid=k-RZRNUjueu14NUk49bbHjnZeyguynrcc_WMgo4g
64.202.112.95200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-RZRNUjueu14NUk49bbHjnZeyguynrcc_WMgo4g
IP 64.202.112.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-RZRNUjueu14NUk49bbHjnZeyguynrcc_WMgo4g HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 08:22:09 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: f7c680a9e6dacac2030398dcb3d10c87
sync-criteo.ads.yieldmo.com/sync?id=k-8vENrzueu14NUk49bbHjnZeyguwTDVh-aHh5MA&pn_id=criteo&ext=1
54.220.128.66200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-8vENrzueu14NUk49bbHjnZeyguwTDVh-aHh5MA&pn_id=criteo&ext=1
IP 54.220.128.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-8vENrzueu14NUk49bbHjnZeyguwTDVh-aHh5MA&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:09 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g253f27f7c78e2182b54%7C1669278129694%7C0%7C; Domain=.yieldmo.com; Expires=Fri, 24-Nov-2023 08:22:09 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-8vENrzueu14NUk49bbHjnZeyguwTDVh-aHh5MA; Domain=ads.yieldmo.com; Expires=Fri, 24-Nov-2023 08:22:09 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
54.76.115.10200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 54.76.115.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0305a06ee.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: fT45/7mHTsw=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 8d3e0eb4f3a8994c4afcc9bb03a1c8a9
66e7d69e546add93a8ca6d68f1ef818f8db18b77
fb0d91278a6f08f872b0e560a341edea1ce8a113954d005d6544d676c4ca966a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 08:22:09 GMT
Last-Modified: Thu, 24 Nov 2022 07:00:00 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 40mAEwluLp4r3jelszwipoWxEoq5MbfnYrcbFQwRbbvD_f_i-0fZAw==
Age: 4929
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-FFdNZjueu14NUk49bbHjnZeyguwvBx93Tnh9ig
3.124.69.7302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-FFdNZjueu14NUk49bbHjnZeyguwvBx93Tnh9ig
IP 3.124.69.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-FFdNZjueu14NUk49bbHjnZeyguwvBx93Tnh9ig HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 08:22:09 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-FFdNZjueu14NUk49bbHjnZeyguwvBx93Tnh9ig
set-cookie: tuuid=79705a1a-3f09-4094-afbb-15e7c40207ee; Expires=Wed, 22 Feb 2023 08:22:09 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1669278129; Expires=Wed, 22 Feb 2023 08:22:09 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash d02dfe24b0202f2dfd0e9c7f9c0ac39c
2b1726db6a478ba4be534962023d6ea040ef97f2
e5c8e22666f4a56b30ee24e7ac6e67398c2dcaf3a4a5b290389ab4356d110694
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109216
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637e24d1-1d7"
Expires: Fri, 25 Nov 2022 14:42:25 GMT
Last-Modified: Wed, 23 Nov 2022 13:49:05 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xNRjBq3vDo7CwuMMHLmS5i3lQhsRW23TL8gqNBvV5cKPU81fDodOSQ==
Age: 3200
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 08:22:08 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 944852
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 17db0540b8b1b217ecc40ac04ca22df1
fcad1201a44108d37ad5d9f4a7aaae73d5ae64f3
86571da159287acfdd6aa440095ba2b0e7cd230a81b2244727ebacdfee8ecd29
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164829
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637f0731-1d7"
Expires: Sat, 26 Nov 2022 06:09:18 GMT
Last-Modified: Thu, 24 Nov 2022 05:54:57 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: v_sv01hsA-CNzoQ-R7k4cRX-07WFAguu8F_vHeftInguZCpsBthZMw==
Age: 861
addshoppers.s3.amazonaws.com/customize/636e7fab79d60f04e15e4e79/03cffbcb73c94d04a9a2dfbac104bfab.js?_t=1668422853
52.216.38.17200 OK 1.5 kB URL HTTP/1.1 addshoppers.s3.amazonaws.com/customize/636e7fab79d60f04e15e4e79/03cffbcb73c94d04a9a2dfbac104bfab.js?_t=1668422853
IP 52.216.38.17:0
File type ASCII text, with very long lines (6457), with no line terminators
Hash 2003fe5ef67708c596ee585730713013
b47a27fa073aa536be272e55280a91529c270398
fbb67c94aa9d96744d4270fa97d2581cad761d0bbb851b2e68019b9ab0967148
GET /customize/636e7fab79d60f04e15e4e79/03cffbcb73c94d04a9a2dfbac104bfab.js?_t=1668422853 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: C2CWWwmuet24Q9KMcXI+BgQP18vnkWAk6MtSLajVdLO5YlUq580xqrHGl4Efskugad5yrOf5oTw=
x-amz-request-id: C10M49RHKAGJ1E1M
Date: Thu, 24 Nov 2022 08:22:10 GMT
Last-Modified: Mon, 14 Nov 2022 10:47:35 GMT
ETag: "2003fe5ef67708c596ee585730713013"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: TSKbcE3WJ_sZnE4gmb2OR2F8FIR_KU3n
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 1518
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5b753ebdba4e80c55efd05607882ad08
91e2b4ba0593db19df1a1fb990ae8a1ba705d735
dff804a9c0e5394f731f419781b2f2a0ade62026ba4f80dca062cc0be90fa7c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2757
Cache-Control: max-age=102304
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 08:22:09 GMT
Etag: "637e0b8c-1d7"
Expires: Fri, 25 Nov 2022 12:47:13 GMT
Last-Modified: Wed, 23 Nov 2022 12:01:16 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-filter.scss.css?v=12321411537464873041669240181
162.159.135.68200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-filter.scss.css?v=12321411537464873041669240181
IP 162.159.135.68:0
GET /s/files/1/0313/7821/t/621/assets/bc-sf-filter.scss.css?v=12321411537464873041669240181 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-filter.scss.css>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 597af7e2-0ccc-452f-ba0b-22c844765fed
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Wed, 23 Nov 2022 21:49:44 GMT
cf-cache-status: HIT
age: 34414
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvmVy6GNQmFKSl6FS%2Ft%2BArnHxilNwE%2BGGzpK28JZwINuhH2VDFs8%2B%2FPhJUnTNbEq7H%2BD5xXvLK1pwNvSGmg%2F2VMZ9zYf%2B24gFh8QFQrTbSPG7jE1NPJDjFZD1zi3a8lWvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=480.815, imageryFetch;dur=30.192, imageryProcess;dur=444.107;desc="scss", cfRequestDuration;dur=79.999924
server: cloudflare
cf-ray: 76f0bc0e0bcf1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0313/7821/t/621/assets/main.min.css?v=19794065774050630611669240181
162.159.135.68200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0313/7821/t/621/assets/main.min.css?v=19794065774050630611669240181
IP 162.159.135.68:0
GET /s/files/1/0313/7821/t/621/assets/main.min.css?v=19794065774050630611669240181 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0313/7821/t/621/assets/main.min.css>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: e95583d1-b304-41ab-b48c-94a6f9690017
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Wed, 23 Nov 2022 21:49:44 GMT
cf-cache-status: HIT
age: 34414
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXKrHM3GH33bA5Mjnb6c4gduwUlgAsRV9n4e8kB%2F0hlk07IRv%2BE64ZaXEW0xLNUn7EBx6L8hSTfX6PRQjCpgFUPTZN1yDn6ccHboqUkpRwt%2FPBP5%2BkwhnEQ6H0UqNezW3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=37.141, imageryFetch;dur=36.973, cfRequestDuration;dur=11.999846
server: cloudflare
cf-ray: 76f0bc0e6c2a1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
insight.adsrvr.org/track/evnt/?adv=yb2iw3m&ct=0:ohdtq7b&fmt=3
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/evnt/?adv=yb2iw3m&ct=0:ohdtq7b&fmt=3
IP 52.223.40.198:0
GET /track/evnt/?adv=yb2iw3m&ct=0:ohdtq7b&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:08 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
cdn.myshopapps.com/iwish/iwishlist_v2.js
54.230.111.25200 OK 0 B URL HTTP/2 cdn.myshopapps.com/iwish/iwishlist_v2.js
IP 54.230.111.25:0
GET /iwish/iwishlist_v2.js HTTP/1.1
Host: cdn.myshopapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 12 Nov 2022 05:28:56 GMT
x-amz-version-id: SrhnwazPlh9OB8wUlJROPRwz_iRQ5Gun
server: AmazonS3
content-encoding: br
date: Sun, 20 Nov 2022 05:29:40 GMT
etag: W/"63f407c762c213c3a4bd59dd3133fbf4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WVhovGj_CpU8XqmEJPuS5YnyjX9H6vwreJoJVnbjm6IS5FjRYpO-qw==
age: 355964
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-OTIk-zueu14NUk49bbHjnZeyguzTNufptaFFVg&google_error=3
178.250.2.151200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-OTIk-zueu14NUk49bbHjnZeyguzTNufptaFFVg&google_error=3
IP 178.250.2.151:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-OTIk-zueu14NUk49bbHjnZeyguzTNufptaFFVg&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:09 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 359196
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-l4vOETueu14NUk49bbHjnZeyguwcDGFJbLOFHA
54.224.7.6200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-l4vOETueu14NUk49bbHjnZeyguwcDGFJbLOFHA
IP 54.224.7.6:0
GET /sync?UICR=k-l4vOETueu14NUk49bbHjnZeyguwcDGFJbLOFHA HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:09 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js?v=20220906
162.159.135.68200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js?v=20220906
IP 162.159.135.68:0
GET /shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js?v=20220906 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naadam.co
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 2f67c775-22f4-46cb-a459-ca8598a05dbc
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Tue, 25 Oct 2022 19:43:38 GMT
cf-cache-status: HIT
age: 2539176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZ9Y%2FR902UE95O3JbW%2BLRxna5rKD8oz29ij4JZFzpANa%2BTby3X82rxroi%2BkMDqsFxuKiIn%2BHwD1tHLaEu4BaSSZ%2B1L0xnEusnHJdYGP6kq%2FqG27%2BftiuZfMlA%2Bduxml0cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=29.928, imageryFetch;dur=29.703, cfRequestDuration;dur=8.999825
server: cloudflare
cf-ray: 76f0bc0e1ca8b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7G8L4FB3D4VREVL30A0&lib=ttq
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7G8L4FB3D4VREVL30A0&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/events.js?sdkid=C7G8L4FB3D4VREVL30A0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202211240822035BF7B6D58246055FE62B
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b448e7c8a6cd4adcc70925adaece0888ef236235d9bda6e200594f82f199d36b4e69b7d9b530fec36aea30650fbfd863a
content-encoding: gzip
expires: Thu, 24 Nov 2022 08:22:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 08:22:03 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=99
x-origin-response-time: 99,23.36.79.28
x-akamai-request-id: 4c48015d
X-Firefox-Spdy: h2
cdn.attn.tv/naadam/dtag.js
143.204.55.4200 OK 0 B URL HTTP/2 cdn.attn.tv/naadam/dtag.js
IP 143.204.55.4:0
GET /naadam/dtag.js HTTP/1.1
Host: cdn.attn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Sep 2022 18:38:58 GMT
x-amz-version-id: QKhzI_RigRIVOUYvunmb6mXS7eoMrGsP
server: AmazonS3
content-encoding: gzip
date: Thu, 24 Nov 2022 08:22:05 GMT
cache-control: public, max-age=120
etag: W/"83cda1722077f45bfbd6046a10c937d5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZsxgDVDFruqXTHhGPN1t4kwquPnkUqr0rFkzcsVc5WqKakxUEgPBbg==
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=52689&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-gd&p3=e%3Ddis&adce=1&bundle=nhocll9PeDNkSkpXeUUwVzNjZTVQamVFUndGaHV4TkFkVUJnNm1qUTNyU0ZiV1pwR3JyU1NyTzhJYWM3cnJlSXhPVVREQWRQajUzeWlOWFNnJTJGMjRud1FMZ3BhZm1IOVZzb2xvZnVKRnE2MDltZERSc3dvRWpRMFJwQVNvdnBBbnh4RG5Zbncza0Z1Q3Z2SVFIRENVcGVIWmFrQSUzRCUzRA&tld=naadam.co&dy=1&fu=https%253A%252F%252Fnaadam.co%252F&dtycbr=91729
74.119.119.150200 OK 0 B URL HTTP/2 widget.us.criteo.com/event?a=52689&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-gd&p3=e%3Ddis&adce=1&bundle=nhocll9PeDNkSkpXeUUwVzNjZTVQamVFUndGaHV4TkFkVUJnNm1qUTNyU0ZiV1pwR3JyU1NyTzhJYWM3cnJlSXhPVVREQWRQajUzeWlOWFNnJTJGMjRud1FMZ3BhZm1IOVZzb2xvZnVKRnE2MDltZERSc3dvRWpRMFJwQVNvdnBBbnh4RG5Zbncza0Z1Q3Z2SVFIRENVcGVIWmFrQSUzRCUzRA&tld=naadam.co&dy=1&fu=https%253A%252F%252Fnaadam.co%252F&dtycbr=91729
IP 74.119.119.150:0
GET /event?a=52689&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-gd&p3=e%3Ddis&adce=1&bundle=nhocll9PeDNkSkpXeUUwVzNjZTVQamVFUndGaHV4TkFkVUJnNm1qUTNyU0ZiV1pwR3JyU1NyTzhJYWM3cnJlSXhPVVREQWRQajUzeWlOWFNnJTJGMjRud1FMZ3BhZm1IOVZzb2xvZnVKRnE2MDltZERSc3dvRWpRMFJwQVNvdnBBbnh4RG5Zbncza0Z1Q3Z2SVFIRENVcGVIWmFrQSUzRCUzRA&tld=naadam.co&dy=1&fu=https%253A%252F%252Fnaadam.co%252F&dtycbr=91729 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://naadam.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:06 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 15037857
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-LKXRwjueu14NUk49bbHjnZeyguw9maYrBqNmUAuUJewehzsR
18.196.96.69200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-LKXRwjueu14NUk49bbHjnZeyguw9maYrBqNmUAuUJewehzsR
IP 18.196.96.69:0
GET /usersync/push?partner=criteo&partnerId=k-LKXRwjueu14NUk49bbHjnZeyguw9maYrBqNmUAuUJewehzsR HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:09 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%2216bbd9a0-6bd1-11ed-aca5-d91c2ac00154%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 08 Dec 2022 08:22:09 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2216bbd9a0-6bd1-11ed-aca5-d91c2ac00154%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 08 Dec 2022 08:22:09 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%2216bbd9a0-6bd1-11ed-aca5-d91c2ac00154%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 08 Dec 2022 08:22:09 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%2216bbd9a0-6bd1-11ed-aca5-d91c2ac00154%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 08 Dec 2022 08:22:09 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-LKXRwjueu14NUk49bbHjnZeyguw9maYrBqNmUAuUJewehzsR%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Thu, 08 Dec 2022 08:22:09 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1760717.js?sv=6
143.204.55.37200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1760717.js?sv=6
IP 143.204.55.37:0
GET /c/hotjar-1760717.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 24 Nov 2022 08:21:38 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/34a87b2e5526fd478fb4cff7af1bb264
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: byOWbF3LD2fyjIjpWEibT9WvdjAtZ-ur5LzfrBZiOOwUPnoZ6XDOXA==
age: 27
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0313/7821/t/621/assets/main.js?v=128324184492949033201668718103
162.159.135.68200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0313/7821/t/621/assets/main.js?v=128324184492949033201668718103
IP 162.159.135.68:0
GET /s/files/1/0313/7821/t/621/assets/main.js?v=128324184492949033201668718103 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0313/7821/t/621/assets/main.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 04e9559e-16c6-481e-8939-34301bc7930b
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Thu, 17 Nov 2022 20:48:25 GMT
cf-cache-status: HIT
age: 559608
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Bl%2FDva62WArxr11WcYziowu0%2B%2BovvTa2T809CrnGaGH0CH24WpC44Fl4Gl6S33iMIqObW3vHWF3Y3u38IURzNWm33dARaONh3sMicwZ6fJ%2Fs0InzL5D5g%2F2bznqmvkPbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=41.504, imageryFetch;dur=27.854, cfRequestDuration;dur=10.999918
server: cloudflare
cf-ray: 76f0bc0e4c061c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-search.js?v=109833092603589082761638480223
162.159.135.68200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-search.js?v=109833092603589082761638480223
IP 162.159.135.68:0
GET /s/files/1/0313/7821/t/621/assets/bc-sf-search.js?v=109833092603589082761638480223 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0313/7821/t/621/assets/bc-sf-search.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: f2426bab-3513-4c7b-a92c-d7528620cd55
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Fri, 26 Aug 2022 05:59:30 GMT
cf-cache-status: HIT
age: 7780247
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yTDFLEeC%2FO4NG%2Bd18nn7iVrumDVcqkG5HhCAN90%2FNpnRHIlSw5peOR%2BpXqfjVoG4MzKQ5fYapMHVEV0L8KNR6Yxu6cLJJZfIGr%2F3oUVB5tzi5oBs6NB0bnCG58y59ZL%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=96.478, imageryFetch;dur=95.791, cfRequestDuration;dur=14.000177
server: cloudflare
cf-ray: 76f0bc0e4c0d1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/@loophq/onstore-sdk@latest/dist/loop-onstore-sdk.js
104.16.122.175302 Found 0 B URL HTTP/2 unpkg.com/@loophq/onstore-sdk@latest/dist/loop-onstore-sdk.js
IP 104.16.122.175:0
GET /@loophq/onstore-sdk@latest/dist/loop-onstore-sdk.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 08:22:03 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@loophq/onstore-sdk@1.0.13/dist/loop-onstore-sdk.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJMBH5MMJT6CKRE6G6E1PHFP-fra
cf-cache-status: HIT
age: 143
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f0bc0ead071bfa-OSL
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.209200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.209:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 93198
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=52689
178.250.0.147200 OK 0 B URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=52689
IP 178.250.0.147:0
GET /js/ld/ld.js?a=52689 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naadam.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:05 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.107200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.107:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 08:22:06 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 78596
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
app.zest.co/api/shopify/available?shopId=naadamcashmere.myshopify.com
76.76.21.123200 OK 0 B URL HTTP/2 app.zest.co/api/shopify/available?shopId=naadamcashmere.myshopify.com
IP 76.76.21.123:0
GET /api/shopify/available?shopId=naadamcashmere.myshopify.com HTTP/1.1
Host: app.zest.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://naadam.co/
Origin: https://naadam.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: *
age: 461
cache-control: public
content-encoding: br
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
content-type: application/json; charset=utf-8
date: Thu, 24 Nov 2022 08:14:22 GMT
etag: W/"10d7-0QDPbvXZGEEZADWThjgYSkxO63E"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=63072000
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-matched-path: /api/shopify/available
x-vercel-cache: HIT
x-vercel-id: arn1::iad1::85pn6-1669278124407-6facfc3fcba3
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://cdn.segment.com https://cdn.mxpnl.com https://edge.fullstory.com https://rs.fullstory.com https://browser.sentry-cdn.com https://client.crisp.chat; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://client.crisp.chat; object-src 'self'; base-uri 'self'; connect-src 'self' https://*.supabase.co https://*.myshopify.com https://*.sentry.io https://vitals.vercel-insights.com https://maps.googleapis.com https://cdn.segment.com https://api.segment.io https://edge.fullstory.com https://rs.fullstory.com https://api-js.mixpanel.com https://client.crisp.chat wss://client.relay.crisp.chat; font-src 'self' https://fonts.gstatic.com https://client.crisp.chat; frame-src 'self' https://www.loom.com; img-src 'self' data: https://*.supabase.co https://cdn.shopify.com https://cdn.loom.com https://image.crisp.chat https://client.crisp.chat; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-cy4B1Dueu14NUk49bbHjnZeyguzcPiBSvnHkNQ
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-cy4B1Dueu14NUk49bbHjnZeyguzcPiBSvnHkNQ
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-cy4B1Dueu14NUk49bbHjnZeyguzcPiBSvnHkNQ HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 08:22:09 GMT
x-fastly-to-nlb-rtt: 21920
access-control-allow-credentials: true
X-Firefox-Spdy: h2