r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18775
Expires: Sun, 15 Jan 2023 09:40:14 GMT
Date: Sun, 15 Jan 2023 04:27:19 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13183
Expires: Sun, 15 Jan 2023 08:07:02 GMT
Date: Sun, 15 Jan 2023 04:27:19 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f7bd85a261739c122eefb74ffddaec99
e2e059b0740592e8591d432249aafe5fcb8af23c
71bdd130b8d143f228542f678e91c98ab4e5844fb9f47b036e15372660be25fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71BDD130B8D143F228542F678E91C98AB4E5844FB9F47B036E15372660BE25FD"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5301
Expires: Sun, 15 Jan 2023 05:55:40 GMT
Date: Sun, 15 Jan 2023 04:27:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 03:42:05 GMT
content-type: application/json
age: 2714
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WjG34kEqpJWtUAGJmtG3Qa3L9koFPK7dwpuwQbCkqtFZ2ABuxjnGVUJdd7efd3yPR3dp76Gf1xsAqnIt5MpHXw==
x-amz-request-id: BCCVMNJ30CYCHEWG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 03:44:00 GMT
age: 2599
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 04:27:19 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
199.34.228.57200 OK 24 kB URL HTTP/1.1 www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
IP 199.34.228.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (42953)
Hash 0ac2f648aa61e3bb2799939ce0a4d67a
5f42a8f03e849dd2ad098d8c715a0d84c59c56e9
5c48d169ea69e647e244767739b90847e75238395a8bb4a6e621ecbd66f06466
GET /my-attempt-at-blogging/november-23rd-2012 HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:19 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: language=en; expires=Sun, 29-Jan-2023 04:27:19 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"09c2283e39a07c53f4b10896a1d04135-gzip"
Content-Encoding: gzip
X-Host: grn30.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 23976
Keep-Alive: timeout=10, max=70
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
142.250.74.106200 OK 471 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.106:0
Hash 0c25875b36f3fb245e7c2fd59057d479
8135703d160ed58535e2bc51db78aefb9a8b3907
a4b87ce4891dff7fbf8e40b1ed386c531b7488b23a9cd07d8b2ccd63c7d1d945
GET /css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 15 Jan 2023 04:27:19 GMT
Date: Sun, 15 Jan 2023 04:27:19 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn2.editmysite.com/css/old/fancybox.css?1645834000
151.101.1.46200 OK 1.2 kB URL HTTP/1.1 cdn2.editmysite.com/css/old/fancybox.css?1645834000
IP 151.101.1.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1645834000 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1218
Server: nginx
Content-Type: text/css
Last-Modified: Thu, 12 Jan 2023 01:36:55 GMT
ETag: "63bf6437-f47"
Expires: Thu, 26 Jan 2023 11:14:05 GMT
Cache-Control: max-age=1209600
X-Host: grn52.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Age: 234794
X-Served-By: cache-sjc10075-SJC, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 37, 1
X-Timer: S1673756840.999521,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fonts.googleapis.com/css?family=Gudea:400,700,400italic&subset=latin,latin-ext
142.250.74.106200 OK 400 B URL HTTP/1.1 fonts.googleapis.com/css?family=Gudea:400,700,400italic&subset=latin,latin-ext
IP 142.250.74.106:0
Hash 441605b3cdc18081785ad26f1f385787
393cf4bf694f1fbb93fbbaba17fc55c39aedb46c
413ba34609c5cca354dd6413fa96b4512612275385e19a480ec3b04d7aca6d6f
GET /css?family=Gudea:400,700,400italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 15 Jan 2023 04:27:19 GMT
Date: Sun, 15 Jan 2023 04:27:19 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1673386455
151.101.1.46200 OK 17 kB URL HTTP/1.1 cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1673386455
IP 151.101.1.46:0
File type ASCII text, with very long lines (32011)
Hash e32a0ae988b9f1c9de6f0f70bfa0ffbd
c2e9ad2d183fa12c63df33521a919ad9eb0b44cb
fb4389e623d2a4a9b1d7be60bb37b99e71294a39fbfee8f7d9db5f68f67d0ec8
GET /js/site/commerce-core.js?buildTime=1673386455 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17388
Server: nginx
Content-Type: application/javascript
Last-Modified: Tue, 10 Jan 2023 21:19:49 GMT
ETag: "63bdd675-f57e"
Expires: Tue, 24 Jan 2023 21:37:07 GMT
Cache-Control: max-age=1209600
X-Host: blu38.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:19 GMT
Age: 370213
X-Served-By: cache-sjc10079-SJC, cache-bma1646-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 33, 2
X-Timer: S1673756840.999668,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1645834000&
151.101.1.46200 OK 33 kB URL HTTP/1.1 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1645834000&
IP 151.101.1.46:0
File type ASCII text, with very long lines (65024)
Hash db51c112ec84c20205d2bb0c609b12bb
95145a5ca01c0c404f9143b25f22b93a15e7fa3f
2136f467e2f6295a5978f160521626ee3b2295ed3611e5a6750869dfe37c236e
GET /js/lang/en/stl.js?buildTime=1645834000& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 32827
Server: nginx
Content-Type: application/javascript
Last-Modified: Mon, 09 Jan 2023 15:03:37 GMT
ETag: "63bc2cc9-2c2a4"
Expires: Tue, 24 Jan 2023 10:13:25 GMT
Cache-Control: max-age=1209600
X-Host: grn44.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Age: 411235
X-Served-By: cache-sjc10035-SJC, cache-bma1677-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 36, 1
X-Timer: S1673756840.999812,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/css/sites.css?buildTime=1673386455
151.101.1.46200 OK 30 kB URL HTTP/1.1 cdn2.editmysite.com/css/sites.css?buildTime=1673386455
IP 151.101.1.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1673386455 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 29746
Server: nginx
Content-Type: text/css
Last-Modified: Tue, 10 Jan 2023 21:19:27 GMT
ETag: W/"63bdd65f-347ac"
Expires: Tue, 24 Jan 2023 21:37:07 GMT
Cache-Control: max-age=1209600
X-Host: blu153.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:19 GMT
Age: 370213
X-Served-By: cache-sjc10047-SJC, cache-bma1641-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 40, 1
X-Timer: S1673756840.999253,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.170:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33845
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 12 Jan 2023 13:44:41 GMT
Expires: Fri, 12 Jan 2024 13:44:41 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 225758
cdn2.editmysite.com/fonts/Lilly/font.css?2
151.101.1.46200 OK 129 B URL HTTP/1.1 cdn2.editmysite.com/fonts/Lilly/font.css?2
IP 151.101.1.46:0
Hash 607fd4b159697383b25b4f2578dc1ae1
0a838a0ed2935d63ee2f1ed8d3fc64dbff407d7f
9937d14ce6cad708c3022aab1e77fa3726ce206146b94622599f7e2d812466d4
GET /fonts/Lilly/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 129
Server: nginx
Content-Type: text/css
Last-Modified: Tue, 10 Jan 2023 18:07:38 GMT
ETag: "63bda96a-a2"
Expires: Fri, 27 Jan 2023 10:51:53 GMT
Cache-Control: max-age=1209600
X-Host: grn78.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Age: 149726
X-Served-By: cache-sjc10082-SJC, cache-bma1665-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 42, 1
X-Timer: S1673756840.001100,VS0,VE4
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1673386455&
151.101.1.46200 OK 33 kB URL HTTP/1.1 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1673386455&
IP 151.101.1.46:0
File type ASCII text, with very long lines (65024)
Hash db51c112ec84c20205d2bb0c609b12bb
95145a5ca01c0c404f9143b25f22b93a15e7fa3f
2136f467e2f6295a5978f160521626ee3b2295ed3611e5a6750869dfe37c236e
GET /js/lang/en/stl.js?buildTime=1673386455& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 32827
Server: nginx
Content-Type: application/javascript
Last-Modified: Tue, 10 Jan 2023 21:16:55 GMT
ETag: "63bdd5c7-2c2a4"
Expires: Tue, 24 Jan 2023 21:37:06 GMT
Cache-Control: max-age=1209600
X-Host: blu122.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Age: 370213
X-Served-By: cache-sjc10064-SJC, cache-bma1646-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 21, 1
X-Timer: S1673756840.017556,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/site/main.js?buildTime=1673386455
151.101.1.46200 OK 146 kB URL HTTP/1.1 cdn2.editmysite.com/js/site/main.js?buildTime=1673386455
IP 151.101.1.46:0
File type ASCII text, with very long lines (32147)
Size 146 kB (146400 bytes)
Hash 81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
GET /js/site/main.js?buildTime=1673386455 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 146400
Server: nginx
Content-Type: application/javascript
Last-Modified: Tue, 10 Jan 2023 21:19:49 GMT
ETag: "63bdd675-74804"
Expires: Tue, 24 Jan 2023 21:37:07 GMT
Cache-Control: max-age=1209600
X-Host: grn149.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Age: 370213
X-Served-By: cache-sjc10058-SJC, cache-bma1620-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 5, 1
X-Timer: S1673756840.999845,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.triflesntreasures.com/files/templateArtifacts.js?1645937657
199.34.228.57200 OK 1.6 kB URL HTTP/1.1 www.triflesntreasures.com/files/templateArtifacts.js?1645937657
IP 199.34.228.57:0
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
GET /files/templateArtifacts.js?1645937657 HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn73.sf2p.intern.weebly.net
Content-Encoding: gzip
www.triflesntreasures.com/files/main_style.css?1645937657
199.34.228.57200 OK 2.8 kB URL HTTP/1.1 www.triflesntreasures.com/files/main_style.css?1645937657
IP 199.34.228.57:0
File type HTML document, ASCII text, with very long lines (338)
Hash 44f270ca1e4c69d54468822ea1d3d9df
7d8cc834775b13de37420040632c5f8a29f60d38
a81e7ee81297bb6082fc63adccba34d66f40b17f40cd85bbc0c49464fe1a5e76
GET /files/main_style.css?1645937657 HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu148.sf2p.intern.weebly.net
Content-Encoding: gzip
s7.addthis.com/js/300/addthis_widget.js
2.18.172.123308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/300/addthis_widget.js
IP 2.18.172.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/300/addthis_widget.js
Date: Sun, 15 Jan 2023 04:27:20 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
contextual.media.net/nmedianet.js?cid=8CU4B378P
2.18.172.23302 Moved Temporarily 0 B URL HTTP/1.1 contextual.media.net/nmedianet.js?cid=8CU4B378P
IP 2.18.172.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nmedianet.js?cid=8CU4B378P HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://contextual.media.net/nmedianet.js?cid=8CU4B378P
Date: Sun, 15 Jan 2023 04:27:20 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
resources.infolinks.com/js/infolinks_main.js
172.66.42.247200 OK 2.1 kB URL HTTP/1.1 resources.infolinks.com/js/infolinks_main.js
IP 172.66.42.247:0
File type ASCII text, with very long lines (3585)
Hash 01c77bb8d5c2d2836473bc65eb20c806
db7f138d3b25c4fbfb6ed5e6fb23ea90c35ee6ec
5e4754f8e149501e4a73d7fe6f1f53a171221e7e5e63b7e0ee198dc0324eec49
GET /js/infolinks_main.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 19:06:53 GMT
ETag: W/"e02-5f215d1ecea08"
Cache-Control: max-age=3600
Expires: Sun, 15 Jan 2023 04:44:18 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 2582
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 789bdbbb2a53fac4-OSL
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/plusone.js
172.217.21.174200 OK 21 kB URL HTTP/1.1 apis.google.com/js/plusone.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 296a5a06eafc4950f2cbcfb331e84089
7f9819fc037359fc7af6808bfcc6cf2c56718845
84877268694e5d2d037b75970fe362a7fc4775cfd76ebc9d7f7676b820019d00
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Content-Length: 20933
Date: Sun, 15 Jan 2023 04:27:20 GMT
Expires: Sun, 15 Jan 2023 04:27:20 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "a255ff5eb9ebf9b5"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
www.lijit.com/blog_wijits?json=0&id=trakr&uri=http%3A%2F%2Fwww.lijit.com%2Fusers%2Ftkulling&js=1
52.85.49.25301 Moved Permanently 167 B URL HTTP/1.1 www.lijit.com/blog_wijits?json=0&id=trakr&uri=http%3A%2F%2Fwww.lijit.com%2Fusers%2Ftkulling&js=1
IP 52.85.49.25:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /blog_wijits?json=0&id=trakr&uri=http%3A%2F%2Fwww.lijit.com%2Fusers%2Ftkulling&js=1 HTTP/1.1
Host: www.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.lijit.com/blog_wijits?json=0&id=trakr&uri=http%3A%2F%2Fwww.lijit.com%2Fusers%2Ftkulling&js=1
X-Cache: Redirect from cloudfront
Via: 1.1 e524b8092e2dda964664df0dfa35341a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL50-C2
X-Amz-Cf-Id: v-RPPconVRkprf_raXuG9SR7fQLFmN0IP-cDWPbUaZFWd5HYgw2hGg==
ap.lijit.com/www/delivery/fpi.js?z=245882&u=tkulling&width=728&height=90
216.52.2.39301 Moved Permanently 0 B URL HTTP/1.1 ap.lijit.com/www/delivery/fpi.js?z=245882&u=tkulling&width=728&height=90
IP 216.52.2.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /www/delivery/fpi.js?z=245882&u=tkulling&width=728&height=90 HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://ap.lijit.com/www/delivery/fpi.js?z=245882&u=tkulling&width=728&height=90
i1308.photobucket.com/albums/s620/LaurieBethBrown/OfftheHook-150button_zps7c92409a.png
143.204.55.73301 Moved Permanently 167 B URL HTTP/1.1 i1308.photobucket.com/albums/s620/LaurieBethBrown/OfftheHook-150button_zps7c92409a.png
IP 143.204.55.73:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/s620/LaurieBethBrown/OfftheHook-150button_zps7c92409a.png HTTP/1.1
Host: i1308.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i1308.photobucket.com/albums/s620/LaurieBethBrown/OfftheHook-150button_zps7c92409a.png
X-Cache: Redirect from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gX-4WBNV_vzHf6jxa6n6Gs10hVI03Jvm5Yw3XVxhRxq5RyKUydw_LA==
Vary: Origin
cdn2.editmysite.com/images/old/bg_feed.gif
151.101.1.46200 OK 299 B URL HTTP/1.1 cdn2.editmysite.com/images/old/bg_feed.gif
IP 151.101.1.46:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 974a8ea2a8b86c3d99cfef5dd1e28827
b6217466f6bb598b26b39b60f661d87af7c6ae94
7082d702280aeb204b77e214abe9b35251155664449f8683c0290d9d71dce05a
GET /images/old/bg_feed.gif HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 299
X-GUploader-UploadID: ADPycduu0Kp-x9x0iRLPzBR2sueagQqUyhzAegaoes2B-ntiLdHkkDhDc0rXajf7O66Ukq37SZ3AuTkrnTmNq72ergOwiQ
x-goog-generation: 1495737843178700
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 299
x-goog-hash: crc32c=SE8U5w==, md5=l0qOoqi4bD2Zz+9d0eKIJw==
x-goog-storage-class: STANDARD
Server: UploadServer
Expires: Thu, 08 Dec 2022 22:48:39 GMT
Cache-Control: public, max-age=86400, s-maxage=259200
Last-Modified: Thu, 25 May 2017 18:44:03 GMT
ETag: "974a8ea2a8b86c3d99cfef5dd1e28827"
Content-Type: image/gif
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Via: 1.1 varnish
Age: 106562
X-Served-By: cache-bma1677-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1673756840.254299,VS0,VE1
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
s7.addthis.com/js/300/addthis_widget.js
2.18.172.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 2.18.172.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116406 bytes)
Hash 722e21e12eaa431752dfae3577fe0619
cdf8ee4381284ad6b6081663ae6ee322998e1b35
998242560562ed6542b378745338b65d06b0001ee9c4c9bb843166524bd4c407
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116406
date: Sun, 15 Jan 2023 04:27:20 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
contextual.media.net/nmedianet.js?cid=8CU4B378P
2.18.172.23200 OK 368 B URL HTTP/2 contextual.media.net/nmedianet.js?cid=8CU4B378P
IP 2.18.172.23:0
Hash 4e01e30c52f5ade890a47e3437d10949
e8cb020d88d767b710068d030954d40cdc4d7d30
5b2e0effadf375a2a1d527a83ef801a78225352b6ab728cddde302eb4b97a90c
GET /nmedianet.js?cid=8CU4B378P HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 368
content-type: text/javascript; charset=utf-8
x-mnt-h: 21-7qck
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cache-control: max-age=300
expires: Sun, 15 Jan 2023 04:32:20 GMT
date: Sun, 15 Jan 2023 04:27:20 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws-na.amazon-adsystem.com/widgets/q?rt=tf_mfw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822%2FUS%2Ftrintre-20%2F8001%2F40b4ac6a-3426-4fce-8149-d95c49c8dcfd
52.46.135.132404 Not Found 2.4 kB URL HTTP/1.1 ws-na.amazon-adsystem.com/widgets/q?rt=tf_mfw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822%2FUS%2Ftrintre-20%2F8001%2F40b4ac6a-3426-4fce-8149-d95c49c8dcfd
IP 52.46.135.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e3df3b6962a3834d77ede57390e342cd
d33bcfb66808c42eeb18b5c30060f78e4878dda7
9125abf03b7fb3fc8acfa7f9ca13d72b95d5a6f42f012905bec02dd2ed37aeac
GET /widgets/q?rt=tf_mfw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822%2FUS%2Ftrintre-20%2F8001%2F40b4ac6a-3426-4fce-8149-d95c49c8dcfd HTTP/1.1
Host: ws-na.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 404 Not Found
Date: Sun, 15 Jan 2023 04:27:20 GMT
Server: Server
Last-Modified: Wed, 30 Jun 2021 08:31:24 GMT
ETag: "936-5c5f78c3daf00"
Accept-Ranges: bytes
Content-Length: 2358
Vary: User-Agent
Connection: close
Content-Type: text/html
www.triflesntreasures.com/uploads/3/1/8/6/3186221/5294550_orig.gif
199.34.228.57200 OK 5.2 kB URL HTTP/1.1 www.triflesntreasures.com/uploads/3/1/8/6/3186221/5294550_orig.gif
IP 199.34.228.57:0
File type GIF image data, version 89a, 125 x 125\012- data
Hash e8a94cc66845f4a051b77a1ae34f6038
f7b9365907cd94671be2bcf7cffd970916c0ec8b
eb3ddc0ea03c46b05e88b3decb64e7237562de2144bf59d2ec662101d884c877
GET /uploads/3/1/8/6/3186221/5294550_orig.gif HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: image/gif
Content-Length: 5238
Connection: keep-alive
Last-Modified: Mon, 04 Nov 2019 02:33:43 GMT
x-rgw-object-type: Normal
ETag: "e8a94cc66845f4a051b77a1ae34f6038"
x-amz-request-id: tx0000000000000020874d4-006284cd36-b9fbc29-sfo1
X-Storage-Bucket: zeb3d
X-Storage-Object: eb3ddc0ea03c46b05e88b3decb64e7237562de2144bf59d2ec662101d884c877
X-Host: grn132.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/TriflesNTreasures&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false
31.13.72.36301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/TriflesNTreasures&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/likebox.php?href=https://www.facebook.com/TriflesNTreasures&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/TriflesNTreasures&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false
Content-Type: text/plain
Server: proxygen-bolt
Date: Sun, 15 Jan 2023 04:27:20 GMT
Connection: keep-alive
Content-Length: 0
fonts.gstatic.com/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
142.250.74.35200 OK 7.9 kB URL HTTP/1.1 fonts.gstatic.com/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7908, version 1.0\012- data
Hash 15d9bbcfbc1d668a43c85d156d23262b
c436963710c58453c4ae27e66c051e85c084cd49
6db83475c4b6e3bcd2df60ca7afcedabc5140c3b55c9a6bb0ca636c5b6438e5f
GET /s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.triflesntreasures.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7908
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 14 Jan 2023 19:06:46 GMT
Expires: Sun, 14 Jan 2024 19:06:46 GMT
Cache-Control: public, max-age=31536000
Age: 33634
Last-Modified: Thu, 21 Apr 2022 16:47:58 GMT
Content-Type: font/woff2
cdn2.editmysite.com/fonts/Lilly/regular.ttf
151.101.1.46200 OK 30 kB URL HTTP/1.1 cdn2.editmysite.com/fonts/Lilly/regular.ttf
IP 151.101.1.46:0
File type TrueType Font data, 17 tables, 1st "LTSH", 22 names, Macintosh, \251 Apostrophic Laboratories & Dana Rice. All rights reserved. apostrofe@mail.comLillyRegularAp\012- data
Hash 19f20af33ec5fcb9ad06e008999f05cf
ae477be06357fc6b07c7211fe318ea3fed705569
641042dbe8dfdad6b390cd029133461cda02b334d062a96ddcdc93c5b21a5b36
GET /fonts/Lilly/regular.ttf HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.triflesntreasures.com
Connection: keep-alive
Referer: http://cdn2.editmysite.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 29475
Server: nginx
Content-Type: application/octet-stream
Last-Modified: Tue, 03 Jan 2023 17:24:49 GMT
ETag: "63b464e1-e5e4"
Expires: Thu, 19 Jan 2023 07:42:11 GMT
Cache-Control: max-age=1209600
X-Host: grn98.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Age: 852309
X-Served-By: cache-sjc10047-SJC, cache-bma1661-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1702, 1
X-Timer: S1673756840.443889,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/images/editor/theme-background/stock/Orange-Purple-Thread.jpg
151.101.1.46200 OK 387 kB URL HTTP/1.1 cdn2.editmysite.com/images/editor/theme-background/stock/Orange-Purple-Thread.jpg
IP 151.101.1.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Mario Habenbacher], baseline, precision 8, 2280x1667, components 3\012- data
Size 387 kB (386770 bytes)
Hash 4c0ea8ab97fa60897bf997018d55aaf9
74e4347cd8227616763a385adb0b6b019a583eb1
0538707ed5f6f2080e3a19a7b4a2f0095942de72cb1d4c4c6d0dbde4b66a24ac
GET /images/editor/theme-background/stock/Orange-Purple-Thread.jpg HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 386770
X-GUploader-UploadID: ADPycdvOFcM_KG2lrWn-UslOSwx0_3REtUoaOvKXyud8dub52PkC8CgtpROESh-zIr3Tclp5W-u5RsG-gjbUghMo9wW590Fsin7u
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Sun, 04 Dec 2022 07:40:40 GMT
Last-Modified: Thu, 25 May 2017 17:34:11 GMT
ETag: "4c0ea8ab97fa60897bf997018d55aaf9"
x-goog-generation: 1495733651439076
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 386770
Content-Type: image/jpeg
x-goog-hash: crc32c=VKYajw==, md5=TA6oq5f6YIl7+ZcBjVWq+Q==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Via: 1.1 varnish
Age: 128572
X-Served-By: cache-bma1677-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1673756840.429770,VS0,VE2
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.triflesntreasures.com/uploads/3/1/8/6/3186221/4378898_orig.jpg
199.34.228.57200 OK 5.6 kB URL HTTP/1.1 www.triflesntreasures.com/uploads/3/1/8/6/3186221/4378898_orig.jpg
IP 199.34.228.57:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 95", progressive, precision 8, 100x75, components 3\012- data
Hash 79499a0c4d5541b7fc4b14a0aa9db285
2542e9ef6859852f37d2109360f631991cd01991
e4d60494d606bc11a8cc0d4cf8b1bd6f75a81a1acfbfb0c39c510934316ee6ab
GET /uploads/3/1/8/6/3186221/4378898_orig.jpg HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: image/jpeg
Content-Length: 5552
Connection: keep-alive
Last-Modified: Mon, 04 Nov 2019 02:35:09 GMT
x-rgw-object-type: Normal
ETag: "79499a0c4d5541b7fc4b14a0aa9db285"
x-amz-request-id: tx000000000000001f6a851-006284bc72-b9fbc63-sfo1
X-Storage-Bucket: ze4d6
X-Storage-Object: e4d60494d606bc11a8cc0d4cf8b1bd6f75a81a1acfbfb0c39c510934316ee6ab
X-Host: blu62.sf2p.intern.weebly.net
Accept-Ranges: bytes
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.35200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.triflesntreasures.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 08 Jan 2023 07:40:47 GMT
Expires: Mon, 08 Jan 2024 07:40:47 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2
Age: 593193
theyarnbox.com/wp-content/themes/directorypress/thumbs/blog-share-button.png
104.196.151.207301 Moved Permanently 162 B URL HTTP/1.1 theyarnbox.com/wp-content/themes/directorypress/thumbs/blog-share-button.png
IP 104.196.151.207:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/themes/directorypress/thumbs/blog-share-button.png HTTP/1.1
Host: theyarnbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: http://www.theyarnbox.com/wp-content/themes/directorypress/thumbs/blog-share-button.png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fc38856297a28cd362a2b0421acf8e7
6f83afbac6052fe285eacd2b69e92fd5b81ed7d9
710ed74bf69a62793e46c7a8557a3a133ad240beadfa3ecc6061b815f24fe9c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2547
Cache-Control: max-age=145297
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:20 GMT
Etag: "63c30b46-1d7"
Expires: Mon, 16 Jan 2023 20:48:57 GMT
Last-Modified: Sat, 14 Jan 2023 20:06:30 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash e8cf5f3caffab43010fb3250e5def56f
7231de9ec663e869a726b442f78f38d4f6320c97
b873a0ec706838a80dbc9f7f77fbf5016203d9e2515d1d34a327ef76a88522c8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 14 Jan 2023 21:03:04 GMT
Expires: Sun, 15 Jan 2023 21:03:04 GMT
ETag: "7231de9ec663e869a726b442f78f38d4f6320c97"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.mooglyblog.com/wp-content/uploads/2013/02/hookin-on-hump-day-150x150_01.png
104.21.23.62301 Moved Permanently 542 B URL HTTP/1.1 www.mooglyblog.com/wp-content/uploads/2013/02/hookin-on-hump-day-150x150_01.png
IP 104.21.23.62:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (386)
Hash 06fe4436c9cfb25236e59ab33f6eef5d
a4aed10bcbfe8ab3caa56a7e0581ac657f443ae4
072eef2012f1a2d1d71eca352d0166f705875e2bb74eec147fedad610753887a
GET /wp-content/uploads/2013/02/hookin-on-hump-day-150x150_01.png HTTP/1.1
Host: www.mooglyblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.mooglyblog.com/wp-content/uploads/2013/02/hookin-on-hump-day-150x150_01.png
Cache-Control: public, max-age=120
Expires: Sun, 15 Jan 2023 04:27:50 GMT
Vary: Accept-Encoding
ki-cache-type: None
Ki-CF-Cache-Status: BYPASS
ki-edge: v=17.13
Ki-Edge-o2o: yes
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6meLd5%2B1ki%2FmGX2%2BmOWLcMajPhUpqjIYpJskWVzOz7Krg%2FKSPq9giVb3hWdh0RxQdsN%2FhfEAqn8tCASwmKisdsqGBLsX9Jf7ovuvbo64y%2BKEblJWReleotAFTIORtryR44eATA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
Server-Timing: cf-q-config;dur=6.0000020312145e-06
Server: cloudflare
CF-RAY: 789bdbbb99791c16-OSL
alt-svc: h2=":443"; ma=60
www.triflesntreasures.com/files/theme/input-bg-blue.png?1645937657
199.34.228.57200 OK 1.4 kB URL HTTP/1.1 www.triflesntreasures.com/files/theme/input-bg-blue.png?1645937657
IP 199.34.228.57:0
File type PNG image data, 157 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fe71b9a4a9b059c8b530b915d6aaa0d
ca418b285d65675bdd35a671909075f0f4938cfa
b8645d209e6ece649e86c7d75758cdcf9a96e6c65493bc58b7d053d92e2851da
GET /files/theme/input-bg-blue.png?1645937657 HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/files/main_style.css?1645937657
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: image/png; charset=binary
Content-Length: 1393
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 23:13:44 GMT
x-rgw-object-type: Normal
ETag: "5fe71b9a4a9b059c8b530b915d6aaa0d"
x-amz-request-id: tx0000000000000505d8e9f-0063ab4eb9-c6aed46-sfo1
X-Storage-Bucket: zb864
X-Storage-Object: b8645d209e6ece649e86c7d75758cdcf9a96e6c65493bc58b7d053d92e2851da
X-Host: blu135.sf2p.intern.weebly.net
Accept-Ranges: bytes
i1308.photobucket.com/albums/s620/LaurieBethBrown/OfftheHook-150button_zps7c92409a.png
143.204.55.73200 OK 5.6 kB URL HTTP/2 i1308.photobucket.com/albums/s620/LaurieBethBrown/OfftheHook-150button_zps7c92409a.png
IP 143.204.55.73:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e7540b81dd05519324940a98df8ee2b9
0549906f24a3ef47bfa0fe1b80834624f64040ef
40d61c66410071ef0299a84bafc35fbcb8d2ac9de783f8407ca2b622cd6c7db7
GET /albums/s620/LaurieBethBrown/OfftheHook-150button_zps7c92409a.png HTTP/1.1
Host: i1308.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 5574
date: Sun, 15 Jan 2023 04:27:20 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="OfftheHook-150button_zps7c92409a.webp"
content-security-policy: script-src 'none'
expires: Mon, 15 Jan 2024 04:27:20 GMT
server: photobucket
x-amzn-trace-id: Root=1-63c380a8-33f40478375edfa8415999be
x-request-id: Vlgrar11ez1y_LvjBNOGy
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5V-yy08K-a2w2xLIjdW93kHBSUYm_DWvw7j1kaFGT7HhLdTwleG08w==
vary: Accept, Origin
X-Firefox-Spdy: h2
ap.lijit.com/www/delivery/fpi.js?z=245882&u=tkulling&width=728&height=90
216.52.2.39200 OK 2.7 kB URL HTTP/1.1 ap.lijit.com/www/delivery/fpi.js?z=245882&u=tkulling&width=728&height=90
IP 216.52.2.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5373)
Hash acb063bea53ec87ab689f8a74f7da554
be1fc45a1f85ba9a97233d4b001e91c901d7933f
f626799bb10b81aec6032acd4be7ab4d6f0ae7a175b8950e573cb43a8b7b6461
GET /www/delivery/fpi.js?z=245882&u=tkulling&width=728&height=90 HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"6390d276-1540"
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap7ams1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fc38856297a28cd362a2b0421acf8e7
6f83afbac6052fe285eacd2b69e92fd5b81ed7d9
710ed74bf69a62793e46c7a8557a3a133ad240beadfa3ecc6061b815f24fe9c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2547
Cache-Control: max-age=145297
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:20 GMT
Etag: "63c30b46-1d7"
Expires: Mon, 16 Jan 2023 20:48:57 GMT
Last-Modified: Sat, 14 Jan 2023 20:06:30 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 03:33:45 GMT
age: 3215
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.triflesntreasures.com/files/theme/submit-bg-blue.png?1645937657
199.34.228.57200 OK 1.6 kB URL HTTP/1.1 www.triflesntreasures.com/files/theme/submit-bg-blue.png?1645937657
IP 199.34.228.57:0
File type PNG image data, 27 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash b97b6634a6ad26af76def3071924ba23
03e831a61e2ec24535ced2aac3df472cdf1ed661
d3f37592a9fe849cce5f55acdc63756413f4785b1df80ba7447fb1389bc65331
GET /files/theme/submit-bg-blue.png?1645937657 HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/files/main_style.css?1645937657
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: image/png; charset=binary
Content-Length: 1613
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 23:13:48 GMT
x-rgw-object-type: Normal
ETag: "b97b6634a6ad26af76def3071924ba23"
x-amz-request-id: tx000000000000051abd098-0063ab900e-c669cc6-sfo1
X-Storage-Bucket: zd3f3
X-Storage-Object: d3f37592a9fe849cce5f55acdc63756413f4785b1df80ba7447fb1389bc65331
X-Host: grn72.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.triflesntreasures.com/uploads/3/1/8/6/3186221/170911-furls-product15592_orig.jpg
199.34.228.57200 OK 45 kB URL HTTP/1.1 www.triflesntreasures.com/uploads/3/1/8/6/3186221/170911-furls-product15592_orig.jpg
IP 199.34.228.57:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 768x1024, components 3\012- data
Hash 47b410afa71878b2142091677e4da8f1
58e42bb492946f024d238d0266df05a54b634c3c
853d674cbb2a93da9275765b23d5274757203cb3234ed454e7e06f84e977c0cc
GET /uploads/3/1/8/6/3186221/170911-furls-product15592_orig.jpg HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: image/jpeg
Content-Length: 45101
Connection: keep-alive
Last-Modified: Mon, 04 Nov 2019 02:26:31 GMT
x-rgw-object-type: Normal
ETag: "47b410afa71878b2142091677e4da8f1"
x-amz-request-id: tx00000000000000268fed0-0062851458-b9fbc7f-sfo1
X-Storage-Bucket: z853d
X-Storage-Object: 853d674cbb2a93da9275765b23d5274757203cb3234ed454e7e06f84e977c0cc
X-Host: grn82.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.triflesntreasures.com/uploads/3/1/8/6/3186221/8897958_orig.jpg
199.34.228.57200 OK 13 kB URL HTTP/1.1 www.triflesntreasures.com/uploads/3/1/8/6/3186221/8897958_orig.jpg
IP 199.34.228.57:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash fd694c57e6e41e262ad77dd2d2666b1e
463d3945861ab3c26f43fceab272d1b089eae951
150ff8821b0a2707765ff08c1c92999c59c5f99e622f9bde4966f719049a4dcf
GET /uploads/3/1/8/6/3186221/8897958_orig.jpg HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: image/jpeg
Content-Length: 13251
Connection: keep-alive
Last-Modified: Mon, 04 Nov 2019 02:34:12 GMT
x-rgw-object-type: Normal
ETag: "fd694c57e6e41e262ad77dd2d2666b1e"
x-amz-request-id: tx0000000000000020262d3-006284cd35-b9fbc7f-sfo1
X-Storage-Bucket: z150f
X-Storage-Object: 150ff8821b0a2707765ff08c1c92999c59c5f99e622f9bde4966f719049a4dcf
X-Host: blu40.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.triflesntreasures.com/uploads/3/1/8/6/3186221/3290550.jpg
199.34.228.57200 OK 32 kB URL HTTP/1.1 www.triflesntreasures.com/uploads/3/1/8/6/3186221/3290550.jpg
IP 199.34.228.57:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 480x480, segment length 16, baseline, precision 8, 250x248, components 3\012- data
Hash 5f92b3b2742dcba4330d4780909c8e64
8ead0d045169ee9c171fe1c228f8e32d6fdb89bb
b5ed30fcd8f0b36942759bc71a5d82f027f0142134d72b83269f64d5f99ae68d
GET /uploads/3/1/8/6/3186221/3290550.jpg HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: image/jpeg
Content-Length: 31838
Connection: keep-alive
Last-Modified: Mon, 04 Nov 2019 02:25:41 GMT
x-rgw-object-type: Normal
ETag: "5f92b3b2742dcba4330d4780909c8e64"
x-amz-request-id: tx00000000000005b8a002e-0063bdb8cc-c699baa-sfo1
X-Storage-Bucket: zb5ed
X-Storage-Object: b5ed30fcd8f0b36942759bc71a5d82f027f0142134d72b83269f64d5f99ae68d
X-Host: grn77.sf2p.intern.weebly.net
Accept-Ranges: bytes
ap.lijit.com/sync
216.52.2.39200 OK 18 kB IP 216.52.2.39:0
File type ASCII text, with very long lines (1288)
Hash 838b79865a1573c6dbc5b8f2e6465f3d
1cec804dc44dfe070436042c5a1d74d56bca0238
e70395927cb3ceb652b7e5332914da757b96c8967000b90aeec3a283e87e4cb8
GET /sync HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: text/javascript
Last-Modified: Wed, 07 Dec 2022 17:52:05 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"6390d2c5-14179"
Expires: Mon, 16 Jan 2023 04:27:20 GMT
Cache-Control: max-age=86400, must-revalidate
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap7ams1
cdn2.editmysite.com/images/common/blog/blog-comment-header.png
151.101.1.46200 OK 395 B URL HTTP/1.1 cdn2.editmysite.com/images/common/blog/blog-comment-header.png
IP 151.101.1.46:0
File type PNG image data, 6 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash c1fba4a7097392ef0d29d699eaa4bce4
07140ed3b35c775de5e777741fd413f383c1afa6
2ea0670a5cd43dcb07a95ab4c146c5cac1069600764735d6afaef082024dddc2
GET /images/common/blog/blog-comment-header.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/sites.css?buildTime=1673386455
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 395
X-GUploader-UploadID: ADPycds6PezbuQVi12Z91BPnTha06r1bGPjCgrBKcm6DWsx0fWNGTQxT8H-xId0EUs3AWKrPnsEwdDfZ_6mDsfb-OshrwA
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Sun, 08 Jan 2023 00:22:35 GMT
Last-Modified: Thu, 25 May 2017 17:20:33 GMT
ETag: "c1fba4a7097392ef0d29d699eaa4bce4"
x-goog-generation: 1495732833431641
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 395
Content-Type: image/png
x-goog-hash: crc32c=2zmlnA==, md5=wfukpwlzku8NKdaZ6qS85A==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Via: 1.1 varnish
Age: 98995
X-Served-By: cache-bma1677-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1673756841.765456,VS0,VE2
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1359
Cache-Control: max-age=104525
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:20 GMT
Etag: "63c270a7-1d7"
Expires: Mon, 16 Jan 2023 09:29:25 GMT
Last-Modified: Sat, 14 Jan 2023 09:06:47 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
cdn2.editmysite.com/images/common/blog/blog-comment-pointer.png
151.101.1.46200 OK 249 B URL HTTP/1.1 cdn2.editmysite.com/images/common/blog/blog-comment-pointer.png
IP 151.101.1.46:0
File type PNG image data, 20 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 8eccf7fccea52d8473809d85ca5242fe
69268d1be54cf096fce696ec294b98fd19533dfd
d0c7ee6d003bd8c4a945841a1d939a28b9c67b1c5cb241e7cb577ac9dc0de21f
GET /images/common/blog/blog-comment-pointer.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/sites.css?buildTime=1673386455
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 249
X-GUploader-UploadID: ADPycdv4hwaUH26kjkb7Me9FHsaH7enLFmokCAXV-7bVDjpm9w28fdwq1C5KJLd0c7T0LUjn3XDuLQpZnjnv4eZrdROVYg
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Fri, 13 Jan 2023 00:54:36 GMT
Last-Modified: Thu, 25 May 2017 17:20:36 GMT
ETag: "8eccf7fccea52d8473809d85ca5242fe"
x-goog-generation: 1495732836348854
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 249
Content-Type: image/png
x-goog-hash: crc32c=7Vr4MA==, md5=jsz3/M6lLYRzgJ2FylJC/g==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Via: 1.1 varnish
Age: 185514
X-Served-By: cache-bma1620-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1673756841.768572,VS0,VE1
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/images/common/blog/blog-comment-link.png
151.101.1.46200 OK 202 B URL HTTP/1.1 cdn2.editmysite.com/images/common/blog/blog-comment-link.png
IP 151.101.1.46:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash d5a8a06943665bba7e937ec338ccafdc
df5fa9e21f0b64db138aa32aeff3b251f30a627b
1a49ecd12c12c41ea86dde6f4eced24bdcd54406f2529ae60360fa4cad615129
GET /images/common/blog/blog-comment-link.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/sites.css?buildTime=1673386455
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 202
X-GUploader-UploadID: ADPycds3X-WvhepAmJPCrMr0lqRjzFd9-2Bxc9QCPyWwcraEVZyI43lNtLVqMWpaDG_XdCZXNJbByI0dCxQeSMLm5Vt8yHXGXjmG
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Sat, 07 Jan 2023 02:04:26 GMT
Last-Modified: Thu, 25 May 2017 17:20:34 GMT
ETag: "d5a8a06943665bba7e937ec338ccafdc"
x-goog-generation: 1495732834419621
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 202
Content-Type: image/png
x-goog-hash: crc32c=Iw58jg==, md5=1aigaUNmW7p+k37DOMyv3A==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Via: 1.1 varnish
Age: 180685
X-Served-By: cache-bma1646-BMA
X-Cache: HIT
X-Cache-Hits: 3
X-Timer: S1673756841.769747,VS0,VE0
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/images/common/blog/blog-comment-button.png
151.101.1.46200 OK 605 B URL HTTP/1.1 cdn2.editmysite.com/images/common/blog/blog-comment-button.png
IP 151.101.1.46:0
File type PNG image data, 300 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash cc8c2ae5040116b5c226835c9dabf900
7c0dcda3b8081f12913fb3c5c2d1d875fe24f7cd
cac64c5d73cf901c5680507fc5c5fc81994424ebfca4e2ceb291368b7358bc34
GET /images/common/blog/blog-comment-button.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/sites.css?buildTime=1673386455
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 605
X-GUploader-UploadID: ADPycdumjcyCpgrLSArgxPPemo0SiXXb4rb6uKwlkzQzoVOl9ZcGxblnu1VIfHLMOFE7HJLZDrQoN2hr3sACv6_dJ2uKVQ
x-goog-generation: 1495732829170291
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 605
x-goog-hash: crc32c=HR4whw==, md5=zIwq5QQBFrXCJoNcnav5AA==
x-goog-storage-class: STANDARD
Server: UploadServer
Expires: Sat, 07 Jan 2023 23:29:16 GMT
Cache-Control: public, max-age=86400, s-maxage=259200
Last-Modified: Thu, 25 May 2017 17:20:29 GMT
ETag: "cc8c2ae5040116b5c226835c9dabf900"
Content-Type: image/png
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Via: 1.1 varnish
Age: 103724
X-Served-By: cache-bma1641-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1673756841.769906,VS0,VE1
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.35200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.triflesntreasures.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 13 Jan 2023 13:34:24 GMT
Expires: Sat, 13 Jan 2024 13:34:24 GMT
Cache-Control: public, max-age=31536000
Age: 139976
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT
Content-Type: font/woff2
www.theyarnbox.com/wp-content/themes/directorypress/thumbs/blog-share-button.png
104.196.151.207301 Moved Permanently 162 B URL HTTP/1.1 www.theyarnbox.com/wp-content/themes/directorypress/thumbs/blog-share-button.png
IP 104.196.151.207:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/themes/directorypress/thumbs/blog-share-button.png HTTP/1.1
Host: www.theyarnbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: http://www.theyarnbox.com/wp-content/uploads/blog-share-button.png
www.triflesntreasures.com/uploads/3/1/8/6/3186221/4987118_orig.jpg
199.34.228.57200 OK 54 kB URL HTTP/1.1 www.triflesntreasures.com/uploads/3/1/8/6/3186221/4987118_orig.jpg
IP 199.34.228.57:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x256, components 3\012- data
Hash 807947bd61ae20e4ac862f11c8f15619
77b143891abfeb6e7cfd86809e681f7fdff787e5
f96d766962566532071bb74ae41728bb3dab8eb3737a5a632fd097c160d24e3a
GET /uploads/3/1/8/6/3186221/4987118_orig.jpg HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: image/jpeg
Content-Length: 53732
Connection: keep-alive
Last-Modified: Mon, 04 Nov 2019 02:25:15 GMT
x-rgw-object-type: Normal
ETag: "807947bd61ae20e4ac862f11c8f15619"
x-amz-request-id: tx00000000000005f1f57e8-0063c380a8-c669cc6-sfo1
X-Storage-Bucket: zf96d
X-Storage-Object: f96d766962566532071bb74ae41728bb3dab8eb3737a5a632fd097c160d24e3a
X-Host: grn61.sf2p.intern.weebly.net
Accept-Ranges: bytes
ap.lijit.com/adcfg?zoneid=245882&tid=b582b1d7def34fe0b713beded56ac053ca7175f7&mode=1&dmn=www.triflesntreasures.com
216.52.2.39200 OK 166 B URL HTTP/1.1 ap.lijit.com/adcfg?zoneid=245882&tid=b582b1d7def34fe0b713beded56ac053ca7175f7&mode=1&dmn=www.triflesntreasures.com
IP 216.52.2.39:0
File type ASCII text, with no line terminators
Hash c2965ce721db71c8938336f322777bdf
7f6065581f6781444da6703013f11636004ebd85
85e3f47965da00504cc0c6a9be29a7b530e340164b87ce3804654deaea402e47
GET /adcfg?zoneid=245882&tid=b582b1d7def34fe0b713beded56ac053ca7175f7&mode=1&dmn=www.triflesntreasures.com HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Vary: Accept-Encoding, User-Agent
Content-Encoding: gzip
Content-Length: 166
X-Sovrn-Pod: ad_ap7ams1
www.mooglyblog.com/wp-content/uploads/2013/02/hookin-on-hump-day-150x150_01.png
104.21.23.62200 OK 6.7 kB URL HTTP/2 www.mooglyblog.com/wp-content/uploads/2013/02/hookin-on-hump-day-150x150_01.png
IP 104.21.23.62:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9e90b0dce1149d3c7008c4eac98e067e
43abe870e7a9fe9d9fd4a840d1384afb0a6980e8
6a6078f469505635b8558b17253427248c39cd7bbd1d54465c5a2add8a422b45
GET /wp-content/uploads/2013/02/hookin-on-hump-day-150x150_01.png HTTP/1.1
Host: www.mooglyblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:20 GMT
content-type: image/webp
content-length: 6724
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
content-disposition: inline; filename="hookin-on-hump-day-150x150_01.webp"
etag: "5a382608-24b9"
expires: Wed, 12 Jan 2033 04:27:20 GMT
last-modified: Mon, 18 Dec 2017 20:33:12 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=9401
ki-cache-tag: 4efaedd9-70ef-41f5-b62d-1bb067d393c0,d0557e18d8d4ef7df05a59b08354147dd2ec2b37915f4b45fd52ed8e3d2cc692
ki-cache-type: CDN
ki-cf-cache-status: SAVING
ki-edge: v=17.13
ki-edge-o2o: yes
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BgGf6pbVrnWG5e4rLbZ%2BpY%2FoAIoRgV%2BTCb7vclClbQCjuMNlfhQOJlmgh1lietIv5BkGKRi2vpJ0XIXpMCW2CtM1kmX%2FTSycNloHuxPDyX8WOyQlsBLAvaYZSmfJEUma5bFpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 789bdbbe1fa8b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.theyarnbox.com/wp-content/uploads/blog-share-button.png
104.196.151.207200 OK 12 kB URL HTTP/1.1 www.theyarnbox.com/wp-content/uploads/blog-share-button.png
IP 104.196.151.207:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 125 x 125, 8-bit/color RGB, non-interlaced\012- data
Hash e29b3eff3dff9ce7855adb3f13733b70
041796e06834b85eccd97c453a87ad98ca5fd619
55d9598fb8a7f340a139b7441c0257fb51af98eb69a893dccbeb0e126b2f9189
GET /wp-content/uploads/blog-share-button.png HTTP/1.1
Host: www.theyarnbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: image/png
Content-Length: 12487
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 05 Oct 2016 15:50:45 GMT
ETag: "57f52155-30c7"
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ap.lijit.com/addelivery?zoneid=245882&tid=a_245882_d89568a424d14f28851d63f44715fadd&cb=undefined&mode=1&ifr=true&od=www.triflesntreasures.com&time=04%3A27%3A21&fd=1&be=fx&loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&orig_loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&abf=true&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_245882_d89568a424d14f28851d63f44715fadd
216.52.2.39200 OK 637 B URL HTTP/1.1 ap.lijit.com/addelivery?zoneid=245882&tid=a_245882_d89568a424d14f28851d63f44715fadd&cb=undefined&mode=1&ifr=true&od=www.triflesntreasures.com&time=04%3A27%3A21&fd=1&be=fx&loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&orig_loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&abf=true&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_245882_d89568a424d14f28851d63f44715fadd
IP 216.52.2.39:0
File type ASCII text, with very long lines (876), with no line terminators
Hash be5b55fdfd49eab5d7fbc5c7aacf38fb
80a9f46a574e8ff09432c5edb5bd0ca8e054cdec
aec2ce64231624a7b1e1232d439605a217718530f3abd5d36f4a53ef0e0c9fcd
GET /addelivery?zoneid=245882&tid=a_245882_d89568a424d14f28851d63f44715fadd&cb=undefined&mode=1&ifr=true&od=www.triflesntreasures.com&time=04%3A27%3A21&fd=1&be=fx&loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&orig_loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&abf=true&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_245882_d89568a424d14f28851d63f44715fadd HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Vary: Accept-Encoding, User-Agent
Content-Encoding: gzip
Content-Length: 637
X-Sovrn-Pod: ad_ap7ams1
www.triflesntreasures.com/files/theme/button_blue.png?1645937657
199.34.228.57200 OK 3.1 kB URL HTTP/1.1 www.triflesntreasures.com/files/theme/button_blue.png?1645937657
IP 199.34.228.57:0
File type PNG image data, 400 x 209, 8-bit/color RGBA, non-interlaced\012- data
Hash cc8486f546baa15dc280cb1729ec9677
d22af7d7cf81c4b40a95377e3a939fc63c07b0c0
53752557937ce14e9f1267abc88a151ea42ef86b554001d6ca83920712c262a3
GET /files/theme/button_blue.png?1645937657 HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/files/main_style.css?1645937657
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:20 GMT
Content-Type: image/png; charset=binary
Content-Length: 3125
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 23:13:42 GMT
x-rgw-object-type: Normal
ETag: "cc8486f546baa15dc280cb1729ec9677"
x-amz-request-id: tx000000000000004696459-0062871002-b9fbc20-sfo1
X-Storage-Bucket: z5375
X-Storage-Object: 53752557937ce14e9f1267abc88a151ea42ef86b554001d6ca83920712c262a3
X-Host: blu68.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.weebly.com/editor/apps/showCommentForm-v2.php?user_id=3186221&blog_id=826955395899547715&post_id=597485478805823985&parent=http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012&is_mobile=&r=3&is_light=1
74.115.50.110200 OK 1.4 kB URL HTTP/1.1 www.weebly.com/editor/apps/showCommentForm-v2.php?user_id=3186221&blog_id=826955395899547715&post_id=597485478805823985&parent=http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012&is_mobile=&r=3&is_light=1
IP 74.115.50.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 13e015c0a861c4dae729ba5547639fa3
5064fce5c057b7435a4be22453247baecc0bbf58
7635c56f6b7fc8151ea5475face2645595104d3404c315f00e24fa5502e552ad
GET /editor/apps/showCommentForm-v2.php?user_id=3186221&blog_id=826955395899547715&post_id=597485478805823985&parent=http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012&is_mobile=&r=3&is_light=1 HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:20 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Host: grn102.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 1429
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
Set-Cookie: language=en; expires=Sun, 29-Jan-2023 04:27:21 GMT; Max-Age=1209600; path=/
sto-id-editor=NPFDBMAK; Domain=weebly.com; Path=/
push.services.mozilla.com/
44.236.232.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4egSrWG824BYeY2gJQyopg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kzUu20zityzP0ITbXx6eW3cy/4E=
pxdrop.lijit.com/1/d/t.dhj?dmn=triflesntreasures.com&pn=%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&pubid=tkulling&v0=210991
23.32.96.121204 No Content 0 B URL HTTP/1.1 pxdrop.lijit.com/1/d/t.dhj?dmn=triflesntreasures.com&pn=%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&pubid=tkulling&v0=210991
IP 23.32.96.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/d/t.dhj?dmn=triflesntreasures.com&pn=%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&pubid=tkulling&v0=210991 HTTP/1.1
Host: pxdrop.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Cache-Control: private, max-age=3600
Expires: Sun, 15 Jan 2023 05:27:21 GMT
Date: Sun, 15 Jan 2023 04:27:21 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
cdn2.editmysite.com/js/lang/en/utl.js?buildTime=1673649514&
151.101.1.46200 OK 367 kB URL HTTP/1.1 cdn2.editmysite.com/js/lang/en/utl.js?buildTime=1673649514&
IP 151.101.1.46:0
File type Unicode text, UTF-8 text, with very long lines (65021)
Size 367 kB (366693 bytes)
Hash 26b9050a2caabe02767b9d9c93d5d684
2560c9f930b54a8c612cf407be400bfa232f7514
8197d4888aa3d56cd12d590716ea895d813bca1ef88eb81f61ccd3e9e8fc53ab
GET /js/lang/en/utl.js?buildTime=1673649514& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weebly.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 366693
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 13 Jan 2023 22:10:14 GMT
ETag: "63c1d6c6-1d2c55"
Expires: Fri, 27 Jan 2023 22:41:14 GMT
Cache-Control: max-age=1209600
X-Host: blu45.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:21 GMT
Age: 107167
X-Served-By: cache-sjc10042-SJC, cache-bma1677-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 19, 1
X-Timer: S1673756841.107068,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn1.editmysite.com/weebly/libraries/jquery_effects.js?1
151.101.129.46200 OK 5.0 kB URL HTTP/1.1 cdn1.editmysite.com/weebly/libraries/jquery_effects.js?1
IP 151.101.129.46:0
File type ASCII text, with very long lines (10536)
Hash 27ff9553d4dde33f4e07dd19685a29bc
7cf73bfffb77ac0ebabb7567c11db31ece03ac05
2bbc568a204b95d414b409f64b06051d3801cbeb39af0326c076c407fcbe74ef
GET /weebly/libraries/jquery_effects.js?1 HTTP/1.1
Host: cdn1.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weebly.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 4951
Server: nginx
Content-Type: application/javascript
Last-Modified: Tue, 03 Jan 2023 21:12:07 GMT
ETag: "63b49a27-39d4"
Expires: Wed, 04 Jan 2023 07:36:38 GMT
Cache-Control: max-age=300
X-Host: grn155.sf2p.intern.weebly.net
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:21 GMT
Age: 939343
X-Served-By: cache-sjc10069-SJC, cache-bma1666-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 571, 2
X-Timer: S1673756841.124869,VS0,VE0
Vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ap.lijit.com/containertag?containerId=18&zoneId=245882&v=2
216.52.2.39200 OK 4.1 kB URL HTTP/1.1 ap.lijit.com/containertag?containerId=18&zoneId=245882&v=2
IP 216.52.2.39:0
File type Unicode text, UTF-8 text, with very long lines (4080), with no line terminators
Hash 39804491f900f3a9917fc336aa3d8d87
e35b5cf40c2e33a27cef7387c7c496ae3ffedb21
f88a53d0637cda8b7b5b02df8303319481c8b4820cc27b7a6a8174b014545a4a
GET /containertag?containerId=18&zoneId=245882&v=2 HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:21 GMT
Set-Cookie: ctag=; Path=/; Domain=.lijit.com; Expires=Tue, 14-Feb-2023 04:27:21 GMT; Max-Age=2592000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: application/json
Content-Length: 4084
X-Sovrn-Pod: ad_ap7ams1
gslbeacon.lijit.com/beacon?viewId=a_245882_d89568a424d14f28851d63f44715fadd&rand=5940&informer=11979184&type=fpads&loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&v=1.2
72.251.249.13302 Found 0 B URL HTTP/1.1 gslbeacon.lijit.com/beacon?viewId=a_245882_d89568a424d14f28851d63f44715fadd&rand=5940&informer=11979184&type=fpads&loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&v=1.2
IP 72.251.249.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /beacon?viewId=a_245882_d89568a424d14f28851d63f44715fadd&rand=5940&informer=11979184&type=fpads&loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&v=1.2 HTTP/1.1
Host: gslbeacon.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 15 Jan 2023 04:27:21 GMT
Set-Cookie: ljt_reader=F_RLqNZHlyaXEynYTTuz_sJc; Path=/; Domain=.lijit.com; Expires=Mon, 15-Jan-2024 04:27:21 GMT; Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://gslbeacon.lijit.com/beacon?viewId=a_245882_d89568a424d14f28851d63f44715fadd&rand=5940&informer=11979184&type=fpads&loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&v=1.2&dnr=1
Content-Length: 0
X-Sovrn-Pod: ad_ap2ams1
rcm-na.amazon-adsystem.com/e/cm?t=trintre-20&o=1&p=8&l=bn1&mode=arts-crafts&browse=262625011&fc1=000000<1=_blank&lc1=3366FF&bg1=FFFFFF&f=ifr
52.46.136.169301 Moved Permanently 163 B URL HTTP/1.1 rcm-na.amazon-adsystem.com/e/cm?t=trintre-20&o=1&p=8&l=bn1&mode=arts-crafts&browse=262625011&fc1=000000<1=_blank&lc1=3366FF&bg1=FFFFFF&f=ifr
IP 52.46.136.169:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c4bede7d6b8e56951ae0c0e194153af0
f11f69eaee4f3cd0c75d0f41f1f1d213a359d5b7
b691e78554674f4bb12223fcd4d40aa99c80a83f96d7c251eb116afb33c5fe8a
GET /e/cm?t=trintre-20&o=1&p=8&l=bn1&mode=arts-crafts&browse=262625011&fc1=000000<1=_blank&lc1=3366FF&bg1=FFFFFF&f=ifr HTTP/1.1
Host: rcm-na.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Server
Date: Sun, 15 Jan 2023 04:27:21 GMT
Content-Type: text/html
Content-Length: 163
Connection: keep-alive
Location: https://rcm-na.amazon-adsystem.com/e/cm?t=trintre-20&o=1&p=8&l=bn1&mode=arts-crafts&browse=262625011&fc1=000000<1=_blank&lc1=3366FF&bg1=FFFFFF&f=ifr
cdn2.editmysite.com/js/old/comments-jq.js?buildtime=1673649514
151.101.1.46200 OK 1.5 kB URL HTTP/2 cdn2.editmysite.com/js/old/comments-jq.js?buildtime=1673649514
IP 151.101.1.46:0
File type ASCII text, with very long lines (3849), with no line terminators
Hash bbeb46dc28446deca8d7aeec43aada3c
0fb53090399bf3ebf320368fedb051957400e3e2
8b5827a9a2e302de1798dd18681f39a95b71b38a81f3758789808d6158e0c637
GET /js/old/comments-jq.js?buildtime=1673649514 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 22:11:56 GMT
etag: "63c1d72c-f09"
expires: Fri, 27 Jan 2023 22:41:14 GMT
cache-control: max-age=1209600
x-host: grn71.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 15 Jan 2023 04:27:21 GMT
age: 107166
x-served-by: cache-sjc10077-SJC, cache-bma1621-BMA
x-cache: HIT, HIT
x-cache-hits: 52, 1
x-timer: S1673756841.195447,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1461
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/common-v2.css?buildTime=1673649514
151.101.1.46200 OK 6.0 kB URL HTTP/2 cdn2.editmysite.com/css/old/common-v2.css?buildTime=1673649514
IP 151.101.1.46:0
File type ASCII text, with very long lines (29411)
Hash 2e9c283ef4c5edda6c287a9cde6637ce
febe7e228465dc2aca071e8bde9efadd57f483b5
cb3ee3b830778632ae5528f41e0d89462d87b00ce84a8f471a913de05c6c7398
GET /css/old/common-v2.css?buildTime=1673649514 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 13 Jan 2023 22:11:33 GMT
etag: W/"63c1d715-72e4"
expires: Fri, 27 Jan 2023 22:41:14 GMT
cache-control: max-age=1209600
x-host: grn113.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 15 Jan 2023 04:27:21 GMT
age: 107166
x-served-by: cache-sjc10052-SJC, cache-bma1621-BMA
x-cache: HIT, HIT
x-cache-hits: 14, 1
x-timer: S1673756841.204344,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5996
X-Firefox-Spdy: h2
gslbeacon.lijit.com/beacon?viewId=a_245882_d89568a424d14f28851d63f44715fadd&rand=5940&informer=11979184&type=fpads&loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&v=1.2&dnr=1
72.251.249.13204 No Content 0 B URL HTTP/1.1 gslbeacon.lijit.com/beacon?viewId=a_245882_d89568a424d14f28851d63f44715fadd&rand=5940&informer=11979184&type=fpads&loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&v=1.2&dnr=1
IP 72.251.249.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /beacon?viewId=a_245882_d89568a424d14f28851d63f44715fadd&rand=5940&informer=11979184&type=fpads&loc=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&v=1.2&dnr=1 HTTP/1.1
Host: gslbeacon.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sun, 15 Jan 2023 04:27:21 GMT
Set-Cookie: ljt_reader=F_RLqNZHFVHzlx2rShmJpjgh; Path=/; Domain=.lijit.com; Expires=Mon, 15-Jan-2024 04:27:21 GMT; Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap2ams1
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4dc72ba06ace9ad5795c9de974b66afa
d56fbd77e052b69ce1eaf5e43d24596d162c45fa
f8986ca3bd2b5c850b42dc287b7ea42b02eb8dee4943344ade7a03946d6f7325
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pxdrop.lijit.com/1/d/t.dhj?dmn=triflesntreasures.com&GDPR_v2=&pubid=tkulling&us_privacy=undefined
23.32.96.121301 Moved Permanently 0 B URL HTTP/1.1 pxdrop.lijit.com/1/d/t.dhj?dmn=triflesntreasures.com&GDPR_v2=&pubid=tkulling&us_privacy=undefined
IP 23.32.96.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/d/t.dhj?dmn=triflesntreasures.com&GDPR_v2=&pubid=tkulling&us_privacy=undefined HTTP/1.1
Host: pxdrop.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://pxdrop.lijit.com/1/d/t.dhj?dmn=triflesntreasures.com&GDPR_v2=&pubid=tkulling&us_privacy=undefined
Date: Sun, 15 Jan 2023 04:27:21 GMT
Connection: keep-alive
ap.lijit.com/data/ct?tid=a_245882_d89568a424d14f28851d63f44715fadd&zoneid=245882&cid=18&geo=NO&all_tags=590%2C604&tss=201&fired_tags=590&count=1&status=1%2C8&elapsed_ms=201
216.52.2.39200 OK 43 B URL HTTP/1.1 ap.lijit.com/data/ct?tid=a_245882_d89568a424d14f28851d63f44715fadd&zoneid=245882&cid=18&geo=NO&all_tags=590%2C604&tss=201&fired_tags=590&count=1&status=1%2C8&elapsed_ms=201
IP 216.52.2.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /data/ct?tid=a_245882_d89568a424d14f28851d63f44715fadd&zoneid=245882&cid=18&geo=NO&all_tags=590%2C604&tss=201&fired_tags=590&count=1&status=1%2C8&elapsed_ms=201 HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:21 GMT
Content-Type: image/gif
Content-Length: 43
X-Sovrn-Pod: ad_ap7ams1
vap7ams1.lijit.com/data/fp?tid=a_245882_d89568a424d14f28851d63f44715fadd&zoneid=245882&starttime=1673756841210&adcfg=5&adcfg_response=101&addelivery=106&addelivery_response=171&lgfired=172&beacon=173&container=174&EOL=175&ctstart=0&elapsed_ms=175
216.52.2.39200 OK 43 B URL HTTP/1.1 vap7ams1.lijit.com/data/fp?tid=a_245882_d89568a424d14f28851d63f44715fadd&zoneid=245882&starttime=1673756841210&adcfg=5&adcfg_response=101&addelivery=106&addelivery_response=171&lgfired=172&beacon=173&container=174&EOL=175&ctstart=0&elapsed_ms=175
IP 216.52.2.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /data/fp?tid=a_245882_d89568a424d14f28851d63f44715fadd&zoneid=245882&starttime=1673756841210&adcfg=5&adcfg_response=101&addelivery=106&addelivery_response=171&lgfired=172&beacon=173&container=174&EOL=175&ctstart=0&elapsed_ms=175 HTTP/1.1
Host: vap7ams1.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:21 GMT
Content-Type: image/gif
Content-Length: 43
X-Sovrn-Pod: ad_ap7ams1
www.google.com/recaptcha/api.js
216.58.211.4200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (850), with no line terminators
Hash f5e11cc338b7bd7222c32639ffeaf4b8
5fe68621ab0ae529b7ef6bf9444cda4c2679dc26
74870f2a72eadfd5da82d067cfca29f6a722b3b6535bb471c9061ef5b3b5ad6b
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 15 Jan 2023 04:27:21 GMT
date: Sun, 15 Jan 2023 04:27:21 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.triflesntreasures.com/files/main_style.css
199.34.228.57200 OK 2.8 kB URL HTTP/1.1 www.triflesntreasures.com/files/main_style.css
IP 199.34.228.57:0
File type HTML document, ASCII text, with very long lines (338)
Hash 44f270ca1e4c69d54468822ea1d3d9df
7d8cc834775b13de37420040632c5f8a29f60d38
a81e7ee81297bb6082fc63adccba34d66f40b17f40cd85bbc0c49464fe1a5e76
GET /files/main_style.css HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weebly.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:21 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn14.sf2p.intern.weebly.net
Content-Encoding: gzip
pxdrop.lijit.com/1/d/t.dhj?dmn=triflesntreasures.com&GDPR_v2=&pubid=tkulling&us_privacy=undefined
23.32.96.121204 No Content 0 B URL HTTP/1.1 pxdrop.lijit.com/1/d/t.dhj?dmn=triflesntreasures.com&GDPR_v2=&pubid=tkulling&us_privacy=undefined
IP 23.32.96.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/d/t.dhj?dmn=triflesntreasures.com&GDPR_v2=&pubid=tkulling&us_privacy=undefined HTTP/1.1
Host: pxdrop.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Cache-Control: private, max-age=3600
Expires: Sun, 15 Jan 2023 05:27:21 GMT
Date: Sun, 15 Jan 2023 04:27:21 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
cdn2.editmysite.com/images/old/blogging/blog-comment-field-bg.png
151.101.1.46200 OK 172 B URL HTTP/2 cdn2.editmysite.com/images/old/blogging/blog-comment-field-bg.png
IP 151.101.1.46:0
File type PNG image data, 1 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash 8c2899a20bddd7b6272050b15142f38e
dd29f248524095e8deb619d07622271236774f5b
63036514fa79ceee38193f8ef6c364384e91e4ad241d8d04a9103daf6ab89c18
GET /images/old/blogging/blog-comment-field-bg.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn2.editmysite.com/css/old/common-v2.css?buildTime=1673649514
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv-hZp2oRB5fPGJtBWe7qAJKWziFYdjR2DCPzgErLmpgR-bNCrQt-BI03vSWfixFguneBskvalD85hiPwNefePS5SL_iDXf
cache-control: public, max-age=86400, s-maxage=259200
expires: Fri, 06 Jan 2023 23:44:28 GMT
last-modified: Thu, 25 May 2017 18:47:37 GMT
etag: "8c2899a20bddd7b6272050b15142f38e"
x-goog-generation: 1495738057761415
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 172
content-type: image/png
x-goog-hash: crc32c=3JT9PA==, md5=jCiZogvd17YnIFCxUULzjg==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Sun, 15 Jan 2023 04:27:21 GMT
via: 1.1 varnish
age: 189406
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673756841.302324,VS0,VE1
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 172
X-Firefox-Spdy: h2
cdn2.editmysite.com/images/old/blogging/blog-comment-button.png
151.101.1.46200 OK 605 B URL HTTP/2 cdn2.editmysite.com/images/old/blogging/blog-comment-button.png
IP 151.101.1.46:0
File type PNG image data, 300 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash cc8c2ae5040116b5c226835c9dabf900
7c0dcda3b8081f12913fb3c5c2d1d875fe24f7cd
cac64c5d73cf901c5680507fc5c5fc81994424ebfca4e2ceb291368b7358bc34
GET /images/old/blogging/blog-comment-button.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn2.editmysite.com/css/old/common-v2.css?buildTime=1673649514
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv926XdXnShTbybewo1Wi75DClGAF6-NSrXBYSAwoQP4-j6IY-WEE4W66-_kxOkiXHe8dA79N-clC1OjsYyYD-r1A
cache-control: public, max-age=86400, s-maxage=259200
expires: Sun, 04 Dec 2022 04:25:04 GMT
last-modified: Thu, 25 May 2017 18:47:34 GMT
etag: "cc8c2ae5040116b5c226835c9dabf900"
x-goog-generation: 1495738054425166
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 605
content-type: image/png
x-goog-hash: crc32c=HR4whw==, md5=zIwq5QQBFrXCJoNcnav5AA==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Sun, 15 Jan 2023 04:27:21 GMT
via: 1.1 varnish
age: 255038
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673756841.302495,VS0,VE1
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 605
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js
216.58.211.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (534)
Size 163 kB (162972 bytes)
Hash 76ec8636078661afbc2c6fdd811b0b76
035c5fe2d57e0363a7abaedc294ef890a6e2a081
194068b0223ebb32c7e7026851a4c1eb6b70c988b269c7fa10f4dd3362bd650a
GET /recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.weebly.com
Connection: keep-alive
Referer: http://www.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 02:20:28 GMT
expires: Thu, 11 Jan 2024 02:20:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 00:08:35 GMT
content-type: text/javascript
age: 353213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.crochetatplay.com/images/crochetbutton.jpg
192.185.225.57200 OK 45 kB URL HTTP/1.1 www.crochetatplay.com/images/crochetbutton.jpg
IP 192.185.225.57:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2013:01:14 02:54:20], baseline, precision 8, 125x125, components 3\012- data
Hash f7046b3a211b7d24ea464900232eaafa
729f054f833b3a86cbd2cc999ed9cba21161b5e8
b51e7a18461d72b43a387bfeb9cfab57dd9c02f50a1a8804089c07c5681991ae
GET /images/crochetbutton.jpg HTTP/1.1
Host: www.crochetatplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 12 Dec 2014 01:00:51 GMT
Accept-Ranges: bytes
Content-Length: 44605
Content-Type: image/jpeg
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash 90ce9b2d70901dbae7697d3159655b47
216463ebda554025e232cdfdc4abbc342577aeb1
71ff6ea86636102fa6d4da1f7c91269c7353980a2db81293cd2eeda82cefe6b1
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:21 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1E5FF6051548E29C068EB827C968CBFC1643B143"
Expires: Sun, 15 Jan 2023 16:00:00 UTC
Last-Modified: Sun, 15 Jan 2023 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 789bdbc1afc70b51-OSL
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.1.46200 OK 26 kB URL HTTP/1.1 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.1.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25752
Server: nginx
Content-Type: application/javascript
Last-Modified: Wed, 04 Jan 2023 19:27:59 GMT
ETag: "63b5d33f-124fe"
Expires: Thu, 19 Jan 2023 08:38:42 GMT
Cache-Control: max-age=1209600
X-Host: grn114.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:21 GMT
Age: 848918
X-Served-By: cache-sjc10061-SJC, cache-bma1677-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 26, 9494
X-Timer: S1673756842.533277,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.shareasale.com/image/19565/L5749_100x100_Man_Cave_Quilts.JPG
104.16.227.72301 Moved Permanently 0 B URL HTTP/1.1 www.shareasale.com/image/19565/L5749_100x100_Man_Cave_Quilts.JPG
IP 104.16.227.72:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image/19565/L5749_100x100_Man_Cave_Quilts.JPG HTTP/1.1
Host: www.shareasale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 15 Jan 2023 04:27:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 15 Jan 2023 05:27:21 GMT
Location: https://www.shareasale.com/image/19565/L5749_100x100_Man_Cave_Quilts.JPG
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 789bdbc3aa21b4f7-OSL
alt-svc: h2=":443"; ma=60
www.shareasale.com/image/47979/logo-125x125.jpg
104.16.227.72301 Moved Permanently 0 B URL HTTP/1.1 www.shareasale.com/image/47979/logo-125x125.jpg
IP 104.16.227.72:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image/47979/logo-125x125.jpg HTTP/1.1
Host: www.shareasale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 15 Jan 2023 04:27:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 15 Jan 2023 05:27:21 GMT
Location: https://www.shareasale.com/image/47979/logo-125x125.jpg
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 789bdbc3a9aa0b49-OSL
alt-svc: h2=":443"; ma=60
z.moatads.com/addthismoatframe568911941483/moatframe.js
2.18.173.140200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 2.18.173.140:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=31944
date: Sun, 15 Jan 2023 04:27:21 GMT
X-Firefox-Spdy: h2
lg3.media.net/flping.php?reason=0&action=16&pid=8PO11D45B&gdpr=1&cid=8CU4B378P&crid=686945277
2.18.172.23200 OK 15 B URL HTTP/2 lg3.media.net/flping.php?reason=0&action=16&pid=8PO11D45B&gdpr=1&cid=8CU4B378P&crid=686945277
IP 2.18.172.23:0
File type ASCII text, with no line terminators
Hash 2ba5e95642c652c708881ad3c9d8443f
5bfcc33bb9cc897546c600206b03d1307bd63a94
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
GET /flping.php?reason=0&action=16&pid=8PO11D45B&gdpr=1&cid=8CU4B378P&crid=686945277 HTTP/1.1
Host: lg3.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
content-length: 15
content-type: text/html; charset=UTF-8
ntcoent-length: 15
strict-transport-security: max-age=21600
vary: Accept-Encoding
cache-control: max-age=30816
date: Sun, 15 Jan 2023 04:27:21 GMT
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33993)
Hash d99f6ecedb967cd3313fcb33a517d5fa
8af28dea587613dc2aa8227a5a7115142be36c35
11c733ac4f070ff47a7f0264d047e65aedaeb16f053f3f2150dbf8ab42ffcb52
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1048
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sun, 15 Jan 2023 04:27:21 GMT
Etag: "1f7a9d98d378a9b1ef4dcec793a1c434+gzip"
Last-Modified: Sat, 14 Jan 2023 01:47:45 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F713)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29165
connect.facebook.net/undefined/sdk.js
31.13.72.12301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/undefined/sdk.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /undefined/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/undefined/sdk.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Sun, 15 Jan 2023 04:27:21 GMT
Connection: keep-alive
Content-Length: 0
www.google-analytics.com/ga.js
142.250.74.110200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sun, 15 Jan 2023 03:06:13 GMT
Expires: Sun, 15 Jan 2023 05:06:13 GMT
Cache-Control: public, max-age=7200
Age: 4868
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
assets.pinterest.com/js/pinit.js
151.101.244.84200 OK 290 B URL HTTP/1.1 assets.pinterest.com/js/pinit.js
IP 151.101.244.84:0
File type ASCII text, with very long lines (361), with no line terminators
Hash 82bfd941d2c9b3b9e0650a27c9d11737
2eb742a101e79067c9df4d15b518bde85e8eeb2e
3f6e9b85ad3ee165ec6c9587d98d2a43588f7ba0f63d31ad019a0d4cbfd3f3d1
GET /js/pinit.js HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 290
ETag: "82bfd941d2c9b3b9e0650a27c9d11737"
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
X-CDN: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Vary: Accept-Encoding, Origin
Cache-Control: max-age=300
date: Sun, 15 Jan 2023 04:27:21 GMT
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Sun, 15 Jan 2023 04:23:56 GMT
Expires: Sun, 15 Jan 2023 06:23:56 GMT
Cache-Control: public, max-age=7200
Age: 205
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 50d12ff189e31e07479b683765b1180d
ec5812c12e3fc220421150e3e4b2e1e50a845873
1f9ebb1ad3a500768aa22e2af04873e7e88e6516f29500f466e7acc07ce916a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.226200 OK 52 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.226:0
File type ASCII text, with very long lines (4885)
Hash 783585154d4206e8f348360477ca1841
9f7b0b71a357214af667049e93859366bc9fd2ef
61099b3617ef7a0efe237306d60540d5225c42bed52f8c19694323ce9cc5e26c
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Sun, 15 Jan 2023 04:27:21 GMT
Expires: Sun, 15 Jan 2023 04:27:21 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 15496212860033505177
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 52289
X-XSS-Protection: 0
www.lijit.com/blog_wijits?json=0&id=trakr&uri=http%3A%2F%2Fwww.lijit.com%2Fusers%2Ftkulling&js=1
52.85.49.25403 Forbidden 329 B URL HTTP/2 www.lijit.com/blog_wijits?json=0&id=trakr&uri=http%3A%2F%2Fwww.lijit.com%2Fusers%2Ftkulling&js=1
IP 52.85.49.25:0
File type XML 1.0 document text\012- XML document text\012- HTML document, ASCII text
Hash cf5688ee669495ae56c00f64efa97873
cafe50a290a15bfc2db3f76f1bc46de5c0f9ff33
6ad22941865bef2c85062b0737cef87fe11fa463faa6d9d463a0bf5583d36c35
GET /blog_wijits?json=0&id=trakr&uri=http%3A%2F%2Fwww.lijit.com%2Fusers%2Ftkulling&js=1 HTTP/1.1
Host: www.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 15 Jan 2023 04:27:21 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 50f8df1bd48d77c6aa66214d7e928e72.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: l57JJcRCfHHohn_rxQAUFr5A-Mn4nNWktYrr2NH1-rsXWhucl1eezQ==
X-Firefox-Spdy: h2
www.lduhtrp.net/image-7381584-11116564
89.207.16.75302 Found 86 B URL HTTP/1.1 www.lduhtrp.net/image-7381584-11116564
IP 89.207.16.75:0
File type HTML document, ASCII text
Hash 24fcb523b6a27ab1c3cccf045f08be3d
3715a96e79d2b31476bf4d17e587a71a33f29dd0
057676a2360464abe5c69976aacd9dd18d089a674f95559387841bbea5553458
GET /image-7381584-11116564 HTTP/1.1
Host: www.lduhtrp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 302 Found
Server: Resin/4.0.66
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Sun, 15 Jan 2023 04:27:21 GMT
Location: http://www.yceml.net/0020/11116564-1499411097929
Content-Type: text/html; charset=utf-8
Content-Length: 86
Date: Sun, 15 Jan 2023 04:27:21 GMT
www.ftjcfx.com/image-7381584-11636213
89.207.16.75302 Found 86 B URL HTTP/1.1 www.ftjcfx.com/image-7381584-11636213
IP 89.207.16.75:0
File type HTML document, ASCII text
Hash 00bcbce23ae66e7db9fed726a1cec76c
903b3d8795fff2dffb57d188e5a6b54c6ab220ce
7d7867c3f01cae0486ba18851e1c7b58da592b8963b0f5b304e55a2005381bc5
GET /image-7381584-11636213 HTTP/1.1
Host: www.ftjcfx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 302 Found
Server: Resin/4.0.66
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Sun, 15 Jan 2023 04:27:21 GMT
Location: http://www.yceml.net/0501/11636213-1568059645505
Content-Type: text/html; charset=utf-8
Content-Length: 86
Date: Sun, 15 Jan 2023 04:27:21 GMT
www.tqlkg.com/image-7381584-10773728
89.207.16.75302 Found 86 B URL HTTP/1.1 www.tqlkg.com/image-7381584-10773728
IP 89.207.16.75:0
File type HTML document, ASCII text
Hash 8c9d9e76142b8b1b35ff8d3066c008be
1829399a43eb957975a7e946e81577ee5d7fe8dd
247ed70937de86fb1548328caea31f35f8300bd45a6dd83e50dafa458806fe09
GET /image-7381584-10773728 HTTP/1.1
Host: www.tqlkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 302 Found
Server: Resin/4.0.66
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Sun, 15 Jan 2023 04:27:21 GMT
Location: http://www.yceml.net/0224/10773728-1456768825276
Content-Type: text/html; charset=utf-8
Content-Length: 86
Date: Sun, 15 Jan 2023 04:27:21 GMT
rcm-na.amazon-adsystem.com/e/cm?t=trintre-20&o=1&p=8&l=bn1&mode=arts-crafts&browse=262625011&fc1=000000<1=_blank&lc1=3366FF&bg1=FFFFFF&f=ifr
52.46.136.169200 OK 2.8 kB URL HTTP/1.1 rcm-na.amazon-adsystem.com/e/cm?t=trintre-20&o=1&p=8&l=bn1&mode=arts-crafts&browse=262625011&fc1=000000<1=_blank&lc1=3366FF&bg1=FFFFFF&f=ifr
IP 52.46.136.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2794), with no line terminators
Hash ed28aa2c2f53a77469e4fdcf13f25d4a
c721d0f9e795a87f5dc8bcdc19ef205671277833
d5e8ee6b63cc4989bf4bc2f2ff7f8d412179088c7408b335eadcdb406cef89cc
GET /e/cm?t=trintre-20&o=1&p=8&l=bn1&mode=arts-crafts&browse=262625011&fc1=000000<1=_blank&lc1=3366FF&bg1=FFFFFF&f=ifr HTTP/1.1
Host: rcm-na.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Sun, 15 Jan 2023 04:27:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-rid: 2XJ1Y6W70RFPK822XRVM
p3p: policyref="http://rcm.amazon.com/w3c/p3p-us.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
Cache-control: no-store
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ws-na.amazon-adsystem.com/widgets/q?rt=tf_mfw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822%2FUS%2Ftrintre-20%2F8001%2F40b4ac6a-3426-4fce-8149-d95c49c8dcfd
52.46.135.132404 Not Found 51 kB URL HTTP/1.1 ws-na.amazon-adsystem.com/widgets/q?rt=tf_mfw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822%2FUS%2Ftrintre-20%2F8001%2F40b4ac6a-3426-4fce-8149-d95c49c8dcfd
IP 52.46.135.132:0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 86c6f2978574b067bffce10c41b3ce1e
49af247de9e0b8e5b115abbf0fc1da89eaeb06e1
29a5e54b09dc38bb4cd5d3731b70af79ec47559f3ffb07be77f595781e8eb123
GET /widgets/q?rt=tf_mfw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822%2FUS%2Ftrintre-20%2F8001%2F40b4ac6a-3426-4fce-8149-d95c49c8dcfd HTTP/1.1
Host: ws-na.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 404 Not Found
Date: Sun, 15 Jan 2023 04:27:21 GMT
Server: Server
Last-Modified: Wed, 30 Jun 2021 08:31:24 GMT
ETag: "936-5c5f78c3daf00"
Accept-Ranges: bytes
Content-Length: 2358
Vary: User-Agent
Connection: close
Content-Type: text/html
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
2.18.172.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 2.18.172.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 15 Jan 2023 04:27:21 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
resources.infolinks.com/js/1840.014-3.025.ab.1842.015-3.025/ice.js
172.66.42.247200 OK 57 kB URL HTTP/1.1 resources.infolinks.com/js/1840.014-3.025.ab.1842.015-3.025/ice.js
IP 172.66.42.247:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0c2385f81fc6dea9e4e97b80ae947f5a
bc947bbe6cd581134b97a1cce2cc032fa2ffc195
3ec85e18e8d4b9ba240be2fe55c8c26bcb531750878db6ec198e87e5446c6f08
GET /js/1840.014-3.025.ab.1842.015-3.025/ice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 19:01:41 GMT
ETag: W/"2ce35-5f215bf49677e"
Cache-Control: max-age=2592000
Expires: Tue, 14 Feb 2023 04:27:21 GMT
Via: 1.1 google
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 789bdbc3abcbfac4-OSL
Content-Encoding: gzip
www.triflesntreasures.com/favicon.ico
199.34.228.57200 OK 1.2 kB URL HTTP/1.1 www.triflesntreasures.com/favicon.ico
IP 199.34.228.57:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash de7c5bd8e49baaebe711f63d94c36b6e
330df8a496248a60c648d2eb09f0bc2fbc7892de
c839ecc7d188228f70005cdfdfede42ba4ce2371f4cccea0487bfc7a9ed8e5ef
GET /favicon.ico HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
Cookie: language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 04:27:21 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Mon, 04 Nov 2019 02:24:15 GMT
x-rgw-object-type: Normal
ETag: "de7c5bd8e49baaebe711f63d94c36b6e"
x-amz-request-id: tx000000000000002613658-0062850b95-b9fbc29-sfo1
X-Storage-Bucket: zc839
X-Storage-Object: c839ecc7d188228f70005cdfdfede42ba4ce2371f4cccea0487bfc7a9ed8e5ef
X-Host: grn132.sf2p.intern.weebly.net
Accept-Ranges: bytes
platform.twitter.com/widgets/widget_iframe.3da3731af9a8a2b242ed5500485bb22f.html?origin=http%3A%2F%2Fwww.triflesntreasures.com
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.3da3731af9a8a2b242ed5500485bb22f.html?origin=http%3A%2F%2Fwww.triflesntreasures.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 8ffceea9a3a32be9d4a59d53b31107a5
ac7bcaa964a2a11e106a6394226f4c4fa5c6dd8d
06f494b8857a17661582a184b20cb77a2a8c24861e43cd5eaf1cc973fc6d95fb
GET /widgets/widget_iframe.3da3731af9a8a2b242ed5500485bb22f.html?origin=http%3A%2F%2Fwww.triflesntreasures.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 95901
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Jan 2023 04:27:21 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Sat, 14 Jan 2023 01:38:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F715)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2f8ae4ab9ee17e2598e9299bdc0f44c0
ab4c7d1750edf513359218ab6d0b81cdd4dcb90c
75e680ab62ee77f0811fdb770d1c913dd41a911e7efb4ca99bc4cfe7fcb432c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m.addthis.com/live/red_lojson/300lo.json?si=63c380a9742509d6&bkl=0&bl=5&pdt=603&sid=63c380a9742509d6&pub=ra-52e42c6057057aea&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.triflesntreasures.com&fp=my-attempt-at-blogging%2Fnovember-23rd-2012&fr=&fcu=Y8OAqUzLeiA&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=1&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1673756842029&jsl=161&uvs=63c380a900a3e1b8000&skipb=1&callback=addthis.cbs.jsonp__84550608457904750
2.18.172.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=63c380a9742509d6&bkl=0&bl=5&pdt=603&sid=63c380a9742509d6&pub=ra-52e42c6057057aea&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.triflesntreasures.com&fp=my-attempt-at-blogging%2Fnovember-23rd-2012&fr=&fcu=Y8OAqUzLeiA&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=1&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1673756842029&jsl=161&uvs=63c380a900a3e1b8000&skipb=1&callback=addthis.cbs.jsonp__84550608457904750
IP 2.18.172.123:0
File type ASCII text, with no line terminators
Hash 7a80df2151704f56142abce320eeb07f
84b16663cc4c5e37b99bf4a2ad7cb05c631ef79c
4aa63b60f6e4d73f4def87ec0ef234773c3f5cb057b960fbc73a77fab47c3d92
GET /live/red_lojson/300lo.json?si=63c380a9742509d6&bkl=0&bl=5&pdt=603&sid=63c380a9742509d6&pub=ra-52e42c6057057aea&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.triflesntreasures.com&fp=my-attempt-at-blogging%2Fnovember-23rd-2012&fr=&fcu=Y8OAqUzLeiA&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=1&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1673756842029&jsl=161&uvs=63c380a900a3e1b8000&skipb=1&callback=addthis.cbs.jsonp__84550608457904750 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sun, 15 Jan 2023 04:27:21 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230111/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sat, 14 Jan 2023 22:41:44 GMT
expires: Sat, 28 Jan 2023 22:41:44 GMT
cache-control: public, max-age=1209600
age: 20737
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
developers.google.com/
142.250.74.174301 Moved Permanently 0 B IP 142.250.74.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: c31a7e69dc8a96577bd4060da8823e9a
Date: Sun, 15 Jan 2023 04:27:21 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2f8ae4ab9ee17e2598e9299bdc0f44c0
ab4c7d1750edf513359218ab6d0b81cdd4dcb90c
75e680ab62ee77f0811fdb770d1c913dd41a911e7efb4ca99bc4cfe7fcb432c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a0323bca87228ca600ad58555e1b2d3e
a82132958ff2952767ff6b6b4c97ce81f899e226
ca54fbb1176415af368fc1d7d0711ba6a08c48124c3b33ce3ef2c77029568bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
v1.addthisedge.com/live/boost/ra-52e42c6057057aea/_ate.track.config_resp
2.18.172.123200 OK 154 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-52e42c6057057aea/_ate.track.config_resp
IP 2.18.172.123:0
File type ASCII text, with no line terminators
Hash 1798455c51e19a1de93e52339a502e8d
a0457d200050e575fe5fce342ef18826773a19a2
3f695eaf6f5245ffc8385edd6ed3d174509a3faedc9b9e14e4bffb1f0a881fb0
GET /live/boost/ra-52e42c6057057aea/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
etag: 659743217
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 154
cache-control: public, max-age=60, s-maxage=86400
date: Sun, 15 Jan 2023 04:27:22 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
images-na.ssl-images-amazon.com/images/G/01/rcm/120x240.gif
54.230.82.142200 OK 8.4 kB URL HTTP/2 images-na.ssl-images-amazon.com/images/G/01/rcm/120x240.gif
IP 54.230.82.142:0
File type GIF image data, version 89a, 120 x 240\012- data
Hash 9de3319995a3559d39c546afbbc1ce83
6c8189593f5a8ce10a1f4084dfb75e79d0aa1a3c
f3dfb9a97d2f95e2436b864cf98c19de39cc618c5890c35842e2de61fc360f18
GET /images/G/01/rcm/120x240.gif HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcm-na.amazon-adsystem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 8385
server: Server
x-amz-ir-id: c7edb91f-3105-4732-9521-021c0e3b24f6
surrogate-key: x-cache-217 /images/G/01/rcm/120x240
timing-allow-origin: https://www.amazon.com
edge-cache-tag: x-cache-217,/images/G/01/rcm/120x240
access-control-allow-origin: *
last-modified: Wed, 02 Jun 2010 18:35:37 GMT
x-nginx-cache-status: HIT
accept-ranges: bytes
date: Sun, 15 Jan 2023 01:51:23 GMT
expires: Sun, 15 Jan 2023 02:32:10 GMT
cache-control: max-age=86400,public
vary: Accept-Encoding
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
age: 60283
server-timing: provider;desc="cf"
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mCG0WOfEV27TwTQPM6uvJw7goppLBggu7teFZoAztwA6anPF39VYmQ==
X-Firefox-Spdy: h2
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1836960751&utmhn=www.triflesntreasures.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Holly%20Sprig~FREE%20PATTERN%20-%20Trifles%20%26%20Treasures&utmhid=1602369472&utmr=-&utmp=%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&utmht=1673756842235&utmac=UA-47850047-1&utmcc=__utma%3D172754790.284848938.1673756842.1673756842.1673756842.1%3B%2B__utmz%3D172754790.1673756842.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=804056759&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.110200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1836960751&utmhn=www.triflesntreasures.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Holly%20Sprig~FREE%20PATTERN%20-%20Trifles%20%26%20Treasures&utmhid=1602369472&utmr=-&utmp=%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&utmht=1673756842235&utmac=UA-47850047-1&utmcc=__utma%3D172754790.284848938.1673756842.1673756842.1673756842.1%3B%2B__utmz%3D172754790.1673756842.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=804056759&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1836960751&utmhn=www.triflesntreasures.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Holly%20Sprig~FREE%20PATTERN%20-%20Trifles%20%26%20Treasures&utmhid=1602369472&utmr=-&utmp=%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&utmht=1673756842235&utmac=UA-47850047-1&utmcc=__utma%3D172754790.284848938.1673756842.1673756842.1673756842.1%3B%2B__utmz%3D172754790.1673756842.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=804056759&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Sun, 15 Jan 2023 04:27:22 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
35.85.214.41200 OK 0 B URL HTTP/1.1 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 35.85.214.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.triflesntreasures.com/
Origin: http://www.triflesntreasures.com
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: http://www.triflesntreasures.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, SP-Anonymous
Access-Control-Max-Age: 600
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8716603714520671&plah=www.triflesntreasures.com
216.58.207.226200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8716603714520671&plah=www.triflesntreasures.com
IP 216.58.207.226:0
File type ASCII text, with very long lines (5919)
Size 120 kB (119980 bytes)
Hash 365461f87ee78c596da0bc6525d06996
1b77853a5160904976f12e8feaffc83347e2edaa
d1ee31f356ef0cfd99ad884ea76ec92d93be9eb9b940c8b99f09a69687508e7b
GET /pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8716603714520671&plah=www.triflesntreasures.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Jan 2023 04:27:22 GMT
expires: Sun, 15 Jan 2023 04:27:22 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15676280183369326792
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
router.infolinks.com/usync/lcmanage?pid=2028947&wsid=0&pdom=www.triflesntreasures.com&purl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/usync/lcmanage?pid=2028947&wsid=0&pdom=www.triflesntreasures.com&purl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/lcmanage?pid=2028947&wsid=0&pdom=www.triflesntreasures.com&purl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:22 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbc6a816fac8-OSL
X-Firefox-Spdy: h2
router.infolinks.com/gsd?evt=afterGSD&pid=2028947&wsid=0&pdom=www.triflesntreasures.com&purl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA&jsv=1840.014-3.025.ab.1842.015-3.025&_cb=16737568423030
172.66.42.247200 OK 263 B URL HTTP/1.1 router.infolinks.com/gsd?evt=afterGSD&pid=2028947&wsid=0&pdom=www.triflesntreasures.com&purl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA&jsv=1840.014-3.025.ab.1842.015-3.025&_cb=16737568423030
IP 172.66.42.247:0
File type ASCII text, with very long lines (313), with no line terminators
Hash 12b902c3d9490e104880abb62db91ff9
837899a14531f9004347baa403969999914f9db4
916850790582b0d355ddf70fade0702576e286b846ae5902ea9129b8d3c3b731
GET /gsd?evt=afterGSD&pid=2028947&wsid=0&pdom=www.triflesntreasures.com&purl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA&jsv=1840.014-3.025.ab.1842.015-3.025&_cb=16737568423030 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: max-age=0
P3P: CP="NON DSP NID OUR COR"
Set-Cookie: cuid=0d17c8e8-ffac-4a82-928e-9f0eabd07876; Domain=infolinks.com; Expires=Tue, 14-Jan-2025 04:27:22 GMT; Path=/; SameSite=None
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789bdbc6c85db500-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 45af47345f718319d19ac74f7b7e34d3
b092360f6fee275bd601d5165820eb0748d0558c
660f70981627da5ac3e8493df545aba6e1e32979a19c2a78058e6106aa4abd1c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5976
Cache-Control: max-age=94718
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Etag: "63c23850-13a"
Expires: Mon, 16 Jan 2023 06:46:00 GMT
Last-Modified: Sat, 14 Jan 2023 05:06:24 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
s7.addthis.com/static/counter.d27508c102582d608697.js
2.18.172.123200 OK 8.3 kB URL HTTP/2 s7.addthis.com/static/counter.d27508c102582d608697.js
IP 2.18.172.123:0
File type ASCII text, with very long lines (24530), with no line terminators
Hash 47fcfb824ad738c29e3195451d5c755e
8a955f27a30f4a8c9cde94567c041040e3c60d61
1508b4ae159e51231031ce58f3a5c31aca11a438f4ea3c12ea3581bbc97f4305
GET /static/counter.d27508c102582d608697.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5fd2"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 8265
date: Sun, 15 Jan 2023 04:27:22 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1602369472&t=pageview&_s=1&dl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&ul=en-us&de=UTF-8&dt=Holly%20Sprig~FREE%20PATTERN%20-%20Trifles%20%26%20Treasures&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_utma=172754790.284848938.1673756842.1673756842.1673756842.1&_utmz=172754790.1673756842.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1673756842259&_u=IQBCAAABAAAAACAAI~&jid=1973258152&gjid=1520481544&cid=284848938.1673756842&tid=UA-11589536-2&_gid=2085885274.1673756842&_r=1&_slc=1&z=759953115
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1602369472&t=pageview&_s=1&dl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&ul=en-us&de=UTF-8&dt=Holly%20Sprig~FREE%20PATTERN%20-%20Trifles%20%26%20Treasures&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_utma=172754790.284848938.1673756842.1673756842.1673756842.1&_utmz=172754790.1673756842.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1673756842259&_u=IQBCAAABAAAAACAAI~&jid=1973258152&gjid=1520481544&cid=284848938.1673756842&tid=UA-11589536-2&_gid=2085885274.1673756842&_r=1&_slc=1&z=759953115
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1602369472&t=pageview&_s=1&dl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&ul=en-us&de=UTF-8&dt=Holly%20Sprig~FREE%20PATTERN%20-%20Trifles%20%26%20Treasures&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_utma=172754790.284848938.1673756842.1673756842.1673756842.1&_utmz=172754790.1673756842.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1673756842259&_u=IQBCAAABAAAAACAAI~&jid=1973258152&gjid=1520481544&cid=284848938.1673756842&tid=UA-11589536-2&_gid=2085885274.1673756842&_r=1&_slc=1&z=759953115 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.triflesntreasures.com
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://www.triflesntreasures.com
date: Sun, 15 Jan 2023 04:27:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
172.64.154.237302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
IP 172.64.154.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:22 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
cf-ray: 789bdbc7a9f9b518-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y8OAqscXa3oE.PVq7VDY7wAA; Path=/; Domain=casalemedia.com; Expires=Mon, 15 Jan 2024 04:27:22 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=719; Path=/; Domain=casalemedia.com; Expires=Sat, 15 Apr 2023 04:27:22 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=719; Path=/; Domain=casalemedia.com; Expires=Sat, 15 Apr 2023 04:27:22 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZB3ntTG4eL%2F43JXtx3rzxWzhPKbywYQPt6Xjm5dSf1%2FRvt2t6o8HnLyFImNuAhqLtTeNNMifvIiuVYmExx2p%2B2Ft6PDWDcNajshDXzKbxaeIP92LY4Q4ECHKt8mxN8qjpyJclVzMWTKqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
216.52.2.39204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
IP 216.52.2.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sun, 15 Jan 2023 04:27:22 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap7ams1
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
35.85.214.41200 OK 2 B URL HTTP/1.1 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 35.85.214.41:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Content-Length: 1828
Origin: http://www.triflesntreasures.com
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Server: nginx
Set-Cookie: sp=be1a82f0-3865-4f89-8725-df8e91628e0b; Expires=Mon, 15 Jan 2024 04:27:22 GMT; Domain=; Path=/; Secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: http://www.triflesntreasures.com
Access-Control-Allow-Credentials: true
router.infolinks.com/dyn/iq-usync
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/dyn/iq-usync
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dyn/iq-usync HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/usync/manage?pid=2028947&wsid=0&pdom=www.triflesntreasures.com&purl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:22 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbc7783ffac8-OSL
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=7684b6f9ecb4e08d92f9d0f2448425f82c0f8ba0
104.244.42.72200 OK 445 B URL HTTP/2 syndication.twitter.com/settings?session_id=7684b6f9ecb4e08d92f9d0f2448425f82c0f8ba0
IP 104.244.42.72:0
File type JSON data\012- , ASCII text, with very long lines (1288), with no line terminators
Hash 085b7006416242956fe024b62c671189
d9e42f59005b38d0a702c2a24f1216724e73af4e
e4cbfb80937967821b2aaae8843a80f35dfbd60c556c30879a22002436f16cfd
GET /settings?session_id=7684b6f9ecb4e08d92f9d0f2448425f82c0f8ba0 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:21 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sun, 15 Jan 2023 04:27:22 GMT
content-length: 445
content-encoding: gzip
x-transaction-id: a4c328ec300e3228
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 104
x-connection-hash: f0e5af39616ab4d56eeac9e53198f7dd02d02ad70cfcd6d0161ae74ad6e791e8
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e804586be26c88b95d554afe0ef24d5c
6f99b1fe2330c4661608f17819a4490a92ca296c
38894b7977e8f8e790a71eedf8144799a77ccceb49771e7458392ad7916293db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
2.18.172.23302 Found 154 B URL HTTP/2 cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
IP 2.18.172.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E HTTP/1.1
Host: cs.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://router.infolinks.com/dyn/mnet-usync?uid=0000EEA
set-cookie: data-inf=setstatuscode~~41;Expires=Sat, 15 Apr 2023 04:27:22 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnet-hl2: E
expires: Sun, 15 Jan 2023 04:27:22 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 04:27:22 GMT
X-Firefox-Spdy: h2
www.triflesntreasures.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.57200 OK 348 B URL HTTP/1.1 www.triflesntreasures.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.57:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: http://www.triflesntreasures.com
Connection: keep-alive
Referer: http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
Cookie: language=en; popup_user_login=yes; __atuvc=1%7C3; __atuvs=63c380a900a3e1b8000; _snow_ses.4daa=*; _snow_id.4daa=9551d8f3-d220-4938-88e3-b29dcf9fb39f.1673756842.1.1673756842.1673756842.30ad1cc6-82d6-4ffb-aa64-59535536fd33; __utma=172754790.284848938.1673756842.1673756842.1673756842.1; __utmb=172754790.1.10.1673756842; __utmc=172754790; __utmz=172754790.1673756842.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; _ga=GA1.2.284848938.1673756842; _gid=GA1.2.2085885274.1673756842; _gat=1
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:22 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn114.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: application/json
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 400de606693e6019e14dabbf397d6837
b894326e556c85ddbeb615955805fd3fc654b79a
4d333674dec9ce863404c5f6b80513e70023724f8db764fbc230ee4c2802f23f
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1362
Cache-Control: max-age=125407
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Etag: "63c2c237-1d7"
Expires: Mon, 16 Jan 2023 15:17:29 GMT
Last-Modified: Sat, 14 Jan 2023 14:54:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 95cdc42c7aafc79bcf39c7289570e91a
9df4a3f9ecc93dbadd78ea06679661c3d80a70e4
2d94c01c17995d40d71121b16d24ac0dd716418e35006f3acb5f178f2c3849b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5443
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Last-Modified: Sun, 15 Jan 2023 02:56:39 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fwww.triflesntreasures.com%252Fmy-attempt-at-blogging%252Fnovember-23rd-2012%2523.Y8OAqUzLeiA&pid=12306&adnxs_uid=$UID
37.252.173.215307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fwww.triflesntreasures.com%252Fmy-attempt-at-blogging%252Fnovember-23rd-2012%2523.Y8OAqUzLeiA&pid=12306&adnxs_uid=$UID
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fwww.triflesntreasures.com%252Fmy-attempt-at-blogging%252Fnovember-23rd-2012%2523.Y8OAqUzLeiA&pid=12306&adnxs_uid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fwww.triflesntreasures.com%25252Fmy-attempt-at-blogging%25252Fnovember-23rd-2012%252523.Y8OAqUzLeiA%26pid%3D12306%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: 8618804b-2b6b-4a76-b7fb-9803cc6864c5
Set-Cookie: uuid2=7204917993004083693; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 15-Apr-2023 04:27:22 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 4f446caf76ceff6ffcd5a2f38764f44a
d16033665d33d3f88e4911b8e66d9651156e77ce
5a9fd60925ac60bd4512ba1d16ac042f3aed819c1e034e3cfb1ebb9409b6fdd5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2882
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Last-Modified: Sun, 15 Jan 2023 03:39:20 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
router.infolinks.com/dyn/ix-usync?uid=0
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/ix-usync?uid=0
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/ix-usync?uid=0 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssum-sec.casalemedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbc8d86efac8-OSL
X-Firefox-Spdy: h2
u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
34.98.64.218200 OK 56 B URL HTTP/2 u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
IP 34.98.64.218:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 15669dda86db3cbff7835fa202dc0b16
ce788cab9c1aa7e458a3971a59702c410b37e64d
5cc3f958039a8885c4e9526e22d454da47d579b9a02861e7a60b41fa0ba910df
GET /w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP/1.1
Host: u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: text/html
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
142.250.74.131200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP 142.250.74.131:0
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 20:43:51 GMT
expires: Fri, 12 Jan 2024 20:43:51 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 23:09:33 GMT
content-type: text/javascript
age: 200611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a050fa3b018be8a7613a3b2fa5825a63
48586237a7ef72153cfc5c69a9c87c776894fd3a
55e8dae00d0ce930b359b22c8d15919bfeb7873356a3a53db7b611bdb2865457
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 15 Jan 2023 04:27:22 GMT
Last-Modified: Sun, 15 Jan 2023 02:52:19 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ixbCTjA40ytehx7x2F4TynsxROa8YZ8B8TAK_wsqSGOvQDq-LrhpWw==
Age: 5703
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ad312d637689e5bad810aad96fbcbdaa
6fdddace49961ed53f69f9b95a925927f782a915
fec1cab8c10ea908f54c4d1da49e1a603b384a14e7698cf2d78b1bc851cc394e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3885
Cache-Control: max-age=128988
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Etag: "63c2c659-1d7"
Expires: Mon, 16 Jan 2023 16:17:10 GMT
Last-Modified: Sat, 14 Jan 2023 15:12:25 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
router.infolinks.com/dyn/mnet-usync?uid=0000EEA
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/mnet-usync?uid=0000EEA
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/mnet-usync?uid=0000EEA HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: MNETUSERCOOKIE=0000EEA; Domain=infolinks.com; Expires=Sat, 15-Apr-2023 04:27:22 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 15 Jan 2022 04:27:22 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbc90874fac8-OSL
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fwww.triflesntreasures.com%25252Fmy-attempt-at-blogging%25252Fnovember-23rd-2012%252523.Y8OAqUzLeiA%26pid%3D12306%26adnxs_uid%3D%24UID
37.252.173.215302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fwww.triflesntreasures.com%25252Fmy-attempt-at-blogging%25252Fnovember-23rd-2012%252523.Y8OAqUzLeiA%26pid%3D12306%26adnxs_uid%3D%24UID
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fwww.triflesntreasures.com%25252Fmy-attempt-at-blogging%25252Fnovember-23rd-2012%252523.Y8OAqUzLeiA%26pid%3D12306%26adnxs_uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://s.cpx.to/ca.png?ref=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA&pid=12306&adnxs_uid=0
AN-X-Request-Uuid: 8d1bdd4a-eb76-4721-8ce4-8fabc7618f0d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID
198.47.127.18302 Found 267 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID
IP 198.47.127.18:0
File type HTML document, ASCII text
Hash 4c3b0ed5d0694dfc6293df9d26db3427
d24a807f496ede8c6860cdfaef65db160c5bd622
bd7d1d9ab7cd90754ced171b8a2a5f8585295a99cbdaeeb377019e772442efe4
GET /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Sun, 15 Jan 2023 04:27:22 GMT
content-length: 267
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
37.252.173.215307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
AN-X-Request-Uuid: 15150949-a185-4054-88d9-15a0847720ee
Set-Cookie: uuid2=3107833676254650067; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 15-Apr-2023 04:27:22 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
connect.facebook.net/undefined/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/undefined/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash ab4281ca3d07c257fdf59034e201f31d
c1ccbea215fc805a0816f6d2b546c63b6fb0f4f9
30f65f86cfdbd4eb455d8bbc1768b22716408194d069f593ff98ed4194130e4d
GET /undefined/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: cee537fbdfb200592466a1470a42fc85
etag: "f6eabcd7f98a93ec7050e8f3686f18f2"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 15 Jan 2023 04:40:29 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: q0KByj0Hwlf99ZA04gHzHQ==
x-fb-debug: hQ2uhNnGC1KVf7qiZMYHn/NodfEBcxFNqYZ7OhwE97w9lztP9ULGK6vEf8VYJb+Ckk6YCpUW1jJ7TWfN2ZEvMw==
priority: u=3,i
content-length: 1688
x-fb-trip-id: 1904183273
date: Sun, 15 Jan 2023 04:27:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rt3051.infolinks.com/action/doq.htm?pcode=utf-8&r=16737568426151
172.66.41.9200 OK 735 B URL HTTP/1.1 rt3051.infolinks.com/action/doq.htm?pcode=utf-8&r=16737568426151
IP 172.66.41.9:0
File type JSON data\012- , ASCII text, with very long lines (1123)
Hash bc6351bed173ac12fd5816f0a3183d75
84272d66bae5f2a7bc0ea039c7af6934bf443606
48d0344817f695708c015c2b806c8befc439fd37767d0d8b07f14fdf8e416a35
POST /action/doq.htm?pcode=utf-8&r=16737568426151 HTTP/1.1
Host: rt3051.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 4062
Origin: http://www.triflesntreasures.com
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Application-Context: application:prod
Access-Control-Allow-Origin: http://www.triflesntreasures.com
Vary: Origin
Access-Control-Allow-Credentials: true
Cache-Control: no-cache,no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: cuid=0d17c8e8-ffac-4a82-928e-9f0eabd07876; Domain=infolinks.com; Expires=Tue, 14-Jan-2025 04:27:22 GMT; Path=/; SameSite=None
P3P: CP="NON DSP NID OUR COR"
Content-Language: en-US
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789bdbc8db9f0b41-OSL
Content-Encoding: gzip
www.yceml.net/0992/10878944-1459987284128
23.32.102.87200 OK 4.8 kB URL HTTP/1.1 www.yceml.net/0992/10878944-1459987284128
IP 23.32.102.87:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 120x60, components 3\012- data
Hash 81e75774e6b5f2e2057737fd7e396b8f
ad1376bb62250537058acceae9078a42c860f058
c2ce16f891492de39ebd77a625ec66d0c3f6d81c8f9f83a62389f530d85af36a
GET /0992/10878944-1459987284128 HTTP/1.1
Host: www.yceml.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: Resin/4.0.66
Content-Length: 4786
Cache-Control: max-age=368605
Expires: Thu, 19 Jan 2023 10:50:47 GMT
Date: Sun, 15 Jan 2023 04:27:22 GMT
Connection: keep-alive
onetag-sys.com/usync/?pubId=598ce3ddaee8c90
51.89.9.254204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=598ce3ddaee8c90
IP 51.89.9.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=598ce3ddaee8c90 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
assets.pinterest.com/js/pinit_main.js?0.32041133783390763
151.101.244.84200 OK 19 kB URL HTTP/2 assets.pinterest.com/js/pinit_main.js?0.32041133783390763
IP 151.101.244.84:0
File type Unicode text, UTF-8 text, with very long lines (32016)
Hash 3725764cf05d1a0938de73d398772331
abdc742d760ca9c8f28c8d44ca9796d9ad6c0bc7
f8c41f2f59fc9e9d088bc9002eef583c3cf256b4cd371619b18107b4abd92812
GET /js/pinit_main.js?0.32041133783390763 HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
content-type: application/javascript; charset=utf-8
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
date: Sun, 15 Jan 2023 04:27:22 GMT
content-length: 18679
X-Firefox-Spdy: h2
www.yceml.net/0020/11116564-1499411097929
23.32.102.87200 OK 32 kB URL HTTP/1.1 www.yceml.net/0020/11116564-1499411097929
IP 23.32.102.87:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 160x600, components 3\012- data
Hash 227d7564fadca0db7050cc17bff50786
107f2b59fe7c91cbfd38700699d49f3938a93e61
4134caa8679e924af1446815ca5102b638ebd254416da2b8b93d65bc8706e298
GET /0020/11116564-1499411097929 HTTP/1.1
Host: www.yceml.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: Resin/4.0.66
Content-Length: 31892
Cache-Control: max-age=398152
Expires: Thu, 19 Jan 2023 19:03:14 GMT
Date: Sun, 15 Jan 2023 04:27:22 GMT
Connection: keep-alive
www.yceml.net/0501/11636213-1568059645505
23.32.102.87200 OK 5.7 kB URL HTTP/1.1 www.yceml.net/0501/11636213-1568059645505
IP 23.32.102.87:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x125, components 3\012- data
Hash 047b68ac412d85ece54bf1895566d41b
fe622ccde70ea5f06b93368a3cf2392f1dbf4fbc
c4bb3bd0f3bcbcc38045b9f5b9add414766fece368567e1f51a6010f750d73bf
GET /0501/11636213-1568059645505 HTTP/1.1
Host: www.yceml.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: Resin/4.0.66
Content-Length: 5665
Cache-Control: max-age=291403
Expires: Wed, 18 Jan 2023 13:24:05 GMT
Date: Sun, 15 Jan 2023 04:27:22 GMT
Connection: keep-alive
www.yceml.net/0224/10773728-1456768825276
23.32.102.87200 OK 34 kB URL HTTP/1.1 www.yceml.net/0224/10773728-1456768825276
IP 23.32.102.87:0
File type GIF image data, version 89a, 120 x 60\012- data
Hash 43eae58dfa43adfc878bbbd45bf51b5f
d0392c9415070807b687d5e637b4788b8e28b8f1
acdc26cf24f2821ffb1a31ad505fcc1f8e56548275718760a6967ac72cb9f99b
GET /0224/10773728-1456768825276 HTTP/1.1
Host: www.yceml.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: Resin/4.0.66
Content-Length: 33958
Cache-Control: max-age=368597
Expires: Thu, 19 Jan 2023 10:50:39 GMT
Date: Sun, 15 Jan 2023 04:27:22 GMT
Connection: keep-alive
ups.analytics.yahoo.com/ups/58422/occ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58422/occ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58422/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:22 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBKqAw2MCEENDz4MW5L9WM0cVs9a2C1cFEgEBAQHSxGPNYwAAAAAA_eMAAA&S=AQAAAptBrGkUpBFjABMi3p77FCk; Expires=Mon, 15 Jan 2024 10:27:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
172.64.154.237200 OK 107 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
IP 172.64.154.237:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 7f7b0878ec96f4d3c88342406a3b0d3e
4b9b1784b072f9d99fee0d3b0a9649195032f80c
a006c760571fb5177ce9ae5b8ae1f5651c0eeedc7735e3ea13763a86f417a2ba
GET /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: text/html
cf-ray: 789bdbc82a2eb518-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=excKKBM3Kzm5XJJINWbvtxTRjkdaitPXxGERbXqQLk0jGj%2BKSB8tqnIo6ovhUNPAD4eO%2B0TjlyWKdhRHPt%2FaNATMlBnmoCetPuDxWDo6bklSix6mhbA%2B7NqibD2Tgc0eVLQLGdZ9R7Q6%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a5581613f9a4041f0c93eac85f7f0e5c
8bb18529dbfddc332ffceb35de51161686dbc0ee
3abe91cc743af5f8ca69539aa9f994cb48aeb803fbf1fbe6a2044be076b86b29
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118283
Date: Sun, 15 Jan 2023 04:27:22 GMT
Etag: "63c2a79d-1d7"
Expires: Mon, 16 Jan 2023 13:18:45 GMT
Last-Modified: Sat, 14 Jan 2023 13:01:17 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SgAGn8PnFPzM1_lzeM51MXGrGzuSQIwTEuD-QzzdjEkPXWRlVxfIXg==
Age: 1048
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e804586be26c88b95d554afe0ef24d5c
6f99b1fe2330c4661608f17819a4490a92ca296c
38894b7977e8f8e790a71eedf8144799a77ccceb49771e7458392ad7916293db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e6c8f8a0e3ef850c66d344a842dfa3c3
c8475fa1d4d3d8ca3394272ade4c97c6bab3a286
58226f2841670d93086aa4dc60373f7770bfbcc11760cacd7691299b6c403efa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1673756842395&p=%7B%22program%22%3A%221%22%2C%22tag%22%3A%22trintre-20%22%2C%22linkCode%22%3A%22bn1%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwww.triflesntreasures.com%2F%22%2C%22panda%22%3Atrue%7D
52.94.237.66200 OK 43 B URL HTTP/1.1 fls-na.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1673756842395&p=%7B%22program%22%3A%221%22%2C%22tag%22%3A%22trintre-20%22%2C%22linkCode%22%3A%22bn1%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwww.triflesntreasures.com%2F%22%2C%22panda%22%3Atrue%7D
IP 52.94.237.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash e68cc604cab69bf03b8cd228d940f5ef
15c0c62c4c7c917b5dd82a8e1e439211a44b9e98
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
GET /1/associates-ads/1/OP/?cb=1673756842395&p=%7B%22program%22%3A%221%22%2C%22tag%22%3A%22trintre-20%22%2C%22linkCode%22%3A%22bn1%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwww.triflesntreasures.com%2F%22%2C%22panda%22%3Atrue%7D HTTP/1.1
Host: fls-na.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcm-na.amazon-adsystem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
x-amzn-RequestId: c348293a-7c7d-4663-b70d-fe3d8236e999
Content-Type: image/gif
Content-Length: 43
Date: Sun, 15 Jan 2023 04:27:22 GMT
ups.analytics.yahoo.com/ups/58422/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58422/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58422/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 15 Jan 2023 04:27:22 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBKqAw2MCEOs8GJWk2n5wicPCDXImnTAFEgEBAQHSxGPNYwAAAAAA_eMAAA&S=AQAAAtWT-jz9cyXXwRzVccG-LLo; Expires=Mon, 15 Jan 2024 10:27:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
18.156.0.31301 Moved Permanently 360 B URL HTTP/2 pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP 18.156.0.31:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ef184c6b065a63adf6c94f609c0a0c72
12e8af72d7af8f029d4300991e1eda7ec9f2545b
b01d8ed4f119579d92815a648e454327ae4af8a4592e98462fb72f414ddba9af
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: pixel.advertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 15 Jan 2023 04:27:22 GMT
server: ATS/9.1.10.25
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
content-type: text/html
content-language: en
set-cookie: A3=d=AQABBKqAw2MCEFjlx5Qh2zljJK9PEYwdJMAFEgEBAQHSxGPNYwAAAAAA_eMAAA&S=AQAAAivIKYhAyfClh8QhvlvZbOQ; Expires=Mon, 15 Jan 2024 10:27:22 GMT; Max-Age=31557600; Domain=.advertising.com; Path=/; SameSite=None; Secure; HttpOnly
content-length: 360
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.triflesntreasures.com
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.triflesntreasures.com
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.triflesntreasures.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 15 Jan 2023 04:27:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.triflesntreasures.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.ydLROSGdlBE.O%2Fd%3D1%2Frs%3DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA%2Fm%3D__features__
142.250.74.109200 OK 394 B URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.triflesntreasures.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.ydLROSGdlBE.O%2Fd%3D1%2Frs%3DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA%2Fm%3D__features__
IP 142.250.74.109:0
Hash bebdbf9159b1e9b59a1eae0befb8ad39
b3912dd064b740a3e5a90eada1283714282816ad
43f629436f97c8cd982fbf211cedc6798d7c9a9d9f923dbac696a57c8dd77cb6
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.triflesntreasures.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.ydLROSGdlBE.O%2Fd%3D1%2Frs%3DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 15 Jan 2023 04:27:22 GMT
content-security-policy: script-src 'nonce-P1Yennmn2TkiAk9HHFoVDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash c556111fdb039251c91ac0651f8860ba
0046bf99881285941b7d63ee68bcaa7f5bbe4fe0
2eabb5fb6405e4ecce1d3bdf0756752c68933b56ed61f7019d7c3eeeb16a8d0f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163579
Date: Sun, 15 Jan 2023 04:27:22 GMT
Etag: "63c34abb-1d7"
Expires: Tue, 17 Jan 2023 01:53:41 GMT
Last-Modified: Sun, 15 Jan 2023 00:37:15 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WhrP5za2vcEwmwm2i408M266BboBwAhp7sCpCYigJP2HH6_KWlPiWg==
Age: 4586
adservice.google.no/adsid/integrator.js?domain=www.triflesntreasures.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.triflesntreasures.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.triflesntreasures.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 15 Jan 2023 04:27:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
37.252.173.215302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://router.infolinks.com/dyn/apn-usync?user_id=0
AN-X-Request-Uuid: a3b0e17c-bb0b-4f4e-ace8-fd100c393818
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
18.184.64.43302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP 18.184.64.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
set-cookie: tuuid=36bc38da-1569-4b62-8f16-c94121a034e8; Expires=Sat, 15 Apr 2023 04:27:22 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1673756842; Expires=Sat, 15 Apr 2023 04:27:22 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 880baac61dd2f2e1b517bdc7843473b7
3508ca494069c1166158be979b58722da84578ea
261940f04e5719253df7aae072ae14228bb238f117a5c3a6e4eb0ed1ed43dd6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=155376
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Etag: "63c33c9a-116"
Expires: Mon, 16 Jan 2023 23:36:58 GMT
Last-Modified: Sat, 14 Jan 2023 23:36:58 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash da03603b40e98fa7064adaefe155aa6a
4aed6ca2d45b89246744dcf268e5a811cca3833f
eb963c25697c2a4a3f82ed8a8a51dc347dfc28dc39e6e55a136492410c001ee4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5510
Cache-Control: max-age=170582
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Etag: "63c3627a-1d7"
Expires: Tue, 17 Jan 2023 03:50:24 GMT
Last-Modified: Sun, 15 Jan 2023 02:18:34 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&callback=_ate.cbs.sc_httpwwwtriflesntreasurescommyattemptatbloggingnovember23rd20120
2.18.172.123200 OK 108 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&callback=_ate.cbs.sc_httpwwwtriflesntreasurescommyattemptatbloggingnovember23rd20120
IP 2.18.172.123:0
File type ASCII text, with no line terminators
Hash aec4a81f409259452cb1f6a3a6e38087
79b7bb6468afa4a6be59f03c193b7934a0de825c
96c206c382e057ed3c36cfb3a098a1c3c8b1d8eebc0f56d35d0d826dc3ae2d7d
GET /url/shares.json?url=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012&callback=_ate.cbs.sc_httpwwwtriflesntreasurescommyattemptatbloggingnovember23rd20120 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
last-modified: Sun, 15 Jan 2023 04:27:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 108
date: Sun, 15 Jan 2023 04:27:22 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash cd9cc328fb5d6fdf8da24ff3622b7f33
6c3548099e6895b778f6b597a0e44075d57ed099
fffa94c5855965d725ed0ac13be34cb5c10b6692fc798764f50ec1347b7357e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 13:55:56 GMT
Expires: Sat, 21 Jan 2023 13:55:55 GMT
Etag: "6c3548099e6895b778f6b597a0e44075d57ed099"
Cache-Control: max-age=551912,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789bdbcb0e2ab50b-OSL
www.triflesntreasures.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart]
199.34.228.57200 OK 2.1 kB URL HTTP/1.1 www.triflesntreasures.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart]
IP 199.34.228.57:0
File type JSON data\012- , ASCII text, with very long lines (2073), with no line terminators
Hash e9e60074f660a9ef0fe4ccfa30d8b58b
7b09e76d6d428652df161b55997a88d73d45eeb7
eae90e043d3bbd13760563ce92dc8186247a6ee489ace396b08f9766ed05db41
POST /ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart] HTTP/1.1
Host: www.triflesntreasures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Origin: http://www.triflesntreasures.com
Connection: keep-alive
Referer: http://www.triflesntreasures.com/my-attempt-at-blogging/november-23rd-2012
Cookie: language=en; popup_user_login=yes; __atuvc=1%7C3; __atuvs=63c380a900a3e1b8000; _snow_ses.4daa=*; _snow_id.4daa=9551d8f3-d220-4938-88e3-b29dcf9fb39f.1673756842.1.1673756842.1673756842.30ad1cc6-82d6-4ffb-aa64-59535536fd33; __utma=172754790.284848938.1673756842.1673756842.1673756842.1; __utmb=172754790.1.10.1673756842; __utmc=172754790; __utmz=172754790.1673756842.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; _ga=GA1.2.284848938.1673756842; _gid=GA1.2.2085885274.1673756842; _gat=1
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:22 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu73.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 2073
Keep-Alive: timeout=10, max=67
Connection: Keep-Alive
Content-Type: application/json
image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
198.47.127.18302 Found 272 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
IP 198.47.127.18:0
File type HTML document, ASCII text
Hash ebb92a4e4bfa9f49081d6d5490b87169
e986871fb2a1067935b9f45ff4ba155383056b29
fd3de728a94f948ba814f33b0020466ae949a4c493784a6b7a5f23687385747d
GET /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Sun, 15 Jan 2023 04:27:21 GMT
content-length: 272
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 59f61b6a017137010b124b219ca6136e
b6155334914b9c99f9349a387887476bc7cc1a8e
a851ba536ff61dbe81f553a46df4ac5494be033217c144b026c5c72bcf229c28
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 14 Jan 2023 20:50:53 GMT
Expires: Sun, 15 Jan 2023 20:50:53 GMT
ETag: "b6155334914b9c99f9349a387887476bc7cc1a8e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 318ac1651b36049882eb573b4f3b6939
19bbd4afc1f640e4f1437ffd9fb457cc0c798cc4
a78e24fec00a00faad694623292dc44cde2b7e6578963cb7ae21e9de3308421c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6294
Cache-Control: max-age=141857
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Etag: "63c2ef36-1d7"
Expires: Mon, 16 Jan 2023 19:51:39 GMT
Last-Modified: Sat, 14 Jan 2023 18:06:46 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
18.184.64.43200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP 18.184.64.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:22 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBKqAw2MCEAXMjpDKRBwLAzYVcpf5y24FEgEBAQHSxGPNYwAAAAAA_eMAAA&S=AQAAAuVLgSt1xQBXXhUWwGxmUEg; Expires=Mon, 15 Jan 2024 10:27:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash e94c770c54fb1794cd09b789ab9d7ccf
df7942050a08f20facf1b5fb912fd5a43fba08f6
3cc221d4875fcc26775c9348e2d826a3e1a923f48d761b2c041613292b2f9681
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 23:33:46 GMT
Expires: Wed, 18 Jan 2023 23:33:45 GMT
Etag: "df7942050a08f20facf1b5fb912fd5a43fba08f6"
Cache-Control: max-age=327382,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789bdbcb4ce5b4ff-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6630
Expires: Sun, 15 Jan 2023 06:17:52 GMT
Date: Sun, 15 Jan 2023 04:27:22 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6630
Expires: Sun, 15 Jan 2023 06:17:52 GMT
Date: Sun, 15 Jan 2023 04:27:22 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash cd9cc328fb5d6fdf8da24ff3622b7f33
6c3548099e6895b778f6b597a0e44075d57ed099
fffa94c5855965d725ed0ac13be34cb5c10b6692fc798764f50ec1347b7357e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 13:55:56 GMT
Expires: Sat, 21 Jan 2023 13:55:55 GMT
Etag: "6c3548099e6895b778f6b597a0e44075d57ed099"
Cache-Control: max-age=551912,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789bdbcb6e57b50b-OSL
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 400de606693e6019e14dabbf397d6837
b894326e556c85ddbeb615955805fd3fc654b79a
4d333674dec9ce863404c5f6b80513e70023724f8db764fbc230ee4c2802f23f
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1362
Cache-Control: max-age=125407
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Etag: "63c2c237-1d7"
Expires: Mon, 16 Jan 2023 15:17:29 GMT
Last-Modified: Sat, 14 Jan 2023 14:54:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
91.228.74.206302 Found 0 B URL HTTP/2 cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
IP 91.228.74.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/p-u1vdacBMXAcfT.gif?idmatch=0 HTTP/1.1
Host: cms.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:22 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://router.infolinks.com/dyn/qc-usync?&uid=-47OxfWNzJfg3s7B_9mAlfqOycPgi5yQ9YlcSTs3
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EFYBDQGHKM2aswA; expires=Sat, 15-Apr-2023 04:27:22 GMT; path=/; domain=.quantserve.com
mc=63c380aa-cc72d-c73d5-61f84; expires=Thu, 15-Feb-2024 04:27:22 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e68a8bb-322d-4bae-b7c5-1119e3ee275e.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e68a8bb-322d-4bae-b7c5-1119e3ee275e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12751079fc17bca8630a1ea2b4334a75
0d0bb45beee28e37376cfc3de11074c6f981ff99
15b949a3524291d6c8bd8ef759d3cdb29d6fafd43f3ffba408f6aa7be7c14e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e68a8bb-322d-4bae-b7c5-1119e3ee275e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6024
x-amzn-requestid: 0c4e6a89-2fbc-42c8-ae1b-0cf608c134cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewH9tFrJoAMFsVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c32057-0731faff3ab762d4793376e7;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pWzVYiC2sHEVtlZzGN8FfxB1K3i14JfYzRn60x18gNP01nzlsEve9A==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:46:07 GMT
age: 24075
etag: "0d0bb45beee28e37376cfc3de11074c6f981ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef58504-f92f-4cd3-bd97-3b50a3784de1.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef58504-f92f-4cd3-bd97-3b50a3784de1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98b4bbbd2711ea868a79154cf2b53000
a3688a7892c5abeac934a5d0a13d4a64c359a2c3
e1565fb3b967e5aefec75f9943780da4a0de245dbc67469402de845e5b028e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef58504-f92f-4cd3-bd97-3b50a3784de1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3866
x-amzn-requestid: 0d1e5cba-18d2-4632-b45c-1a4db0b83228
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewIRcFg6oAMFttA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c320d5-0d59bb2977949c053e99727b;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DhDulNcsTyy_OdLR0kogtF8v9jkKyVlyMunJnHTdRKg4wij0xwpUKA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:38:30 GMT
etag: "a3688a7892c5abeac934a5d0a13d4a64c359a2c3"
content-type: image/jpeg
age: 24532
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
router.infolinks.com/dyn/apn-usync?user_id=0
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/apn-usync?user_id=0
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/apn-usync?user_id=0 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbcb58cefac8-OSL
X-Firefox-Spdy: h2
b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
64.74.236.31302 Found 70 B URL HTTP/1.1 b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
IP 64.74.236.31:0
File type HTML document, ASCII text
Hash 16ccc9da763aca428789e4f469fc7ff1
4a873c523b8d9bdbc30b8c48189817413a19ee7a
5be7e833013b4b10333a904010b01217263df39c501a29b146d072110ceea4a1
GET /usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 70
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Sun, 15 Jan 2023 04:27:22 GMT
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d37a292be1cb14404731cdb3f9ab952e
088e4edbd57126bf1a04ad8971120cb4279df85a
d23e0cdda7960fb43fbc6d05f0fb2d6b6040df2dc1230dee10ab7316fe98442a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 14:15:44 GMT
Expires: Sat, 21 Jan 2023 14:15:43 GMT
Etag: "088e4edbd57126bf1a04ad8971120cb4279df85a"
Cache-Control: max-age=553100,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789bdbcbbd06b4ff-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 155500a4768c57ec27d1695b5e3dd912
07d7e84a66e817ab0a1a9c03fe72b29bc47c72c7
8a545f06c34653b2ac42aedcb0dbaed7307177a45020bdf195e29a1aa24853fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6534
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Last-Modified: Sun, 15 Jan 2023 02:38:28 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4f9b18a-acad-4584-bb09-000347f67b75.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4f9b18a-acad-4584-bb09-000347f67b75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63e6563cf37af474836f8d5d65cd2d0b
c2ad9366f32832bf2799f265683476713059e786
2d393d9ca4a3f4687b918bc2de654453a4fd3a5030da7322db97718905e1fbf9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4f9b18a-acad-4584-bb09-000347f67b75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7079
x-amzn-requestid: f8028d2a-bd1f-4b69-bec7-9c513d3b88b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etJfhESAIAMFRZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ef96-1c775bca6c8d1177720a5c0b;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 23:56:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZfTjVcVgHDg2EvAm7SHdkcWMq-r3nQYl0pUHmnN9QlxKNXePy20BUg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 05:35:28 GMT
age: 82314
etag: "c2ad9366f32832bf2799f265683476713059e786"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c2ef9670464991d62cc84885ed91393f
677c7fc5e7aafe8f96671f0457d338c7579c1743
5a8a89041320c685adad960bc61e5d4ab4623a448788eeddafcf9df098414366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
69.166.1.10302 Found 0 B URL HTTP/1.1 sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
IP 69.166.1.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP/1.1
Host: sync.go.sonobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-150
X-Xss-Protection: 0
Location: https://router.infolinks.com/dyn/sonobi-usync?uid=d9060ab9-47c8-41db-8530-16b5392fda8b
Server: sonobi-go
Set-Cookie: __uis=d9060ab9-47c8-41db-8530-16b5392fda8b; expires=Tue, 14 Feb 2023 04:27:22 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
HAPLB8S=s85150|Y8OAr; path=/; domain=.go.sonobi.com; SameSite=None; secure
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bf7d9b668796b823c9af31c8b26c8822
aa1a6894cfc52f492bf853af4daa03c5ca80a512
8579351c5b2a8be5a0df85d0f017be844d49d8ccfef9a9f50c7035dd569e6b67
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 13:57:51 GMT
Expires: Sat, 21 Jan 2023 13:57:50 GMT
Etag: "aa1a6894cfc52f492bf853af4daa03c5ca80a512"
Cache-Control: max-age=552027,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789bdbcc0eb0b50b-OSL
router.infolinks.com/usync/manage?pid=2028947&wsid=0&pdom=www.triflesntreasures.com&purl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA
172.66.42.247200 OK 2.2 kB URL HTTP/2 router.infolinks.com/usync/manage?pid=2028947&wsid=0&pdom=www.triflesntreasures.com&purl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA
IP 172.66.42.247:0
Hash 977f81478858b8d6f44ea59bb052470f
fb29dd14dd6828fd84d36b29503831d05e248c60
89d97bf0a4d3162283b18192b26ca6dd2b68d8b12bab00c39e5655f2e7a6bd19
GET /usync/manage?pid=2028947&wsid=0&pdom=www.triflesntreasures.com&purl=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbc61801fac8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1
198.47.127.18200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1
IP 198.47.127.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:22 GMT
content-length: 0
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 15 Jan 2023 04:27:22 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBKqAw2MCEIFNi2JWPJaKD2MhIOIB8yQFEgEBAQHSxGPNYwAAAAAA_eMAAA&S=AQAAAuE8BkNz97rhM4wDscY5_6Q; Expires=Mon, 15 Jan 2024 10:27:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
p.rfihub.com/cm?pub=43153&in=1
193.0.160.129302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=43153&in=1
IP 193.0.160.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=43153&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 15 Jan 2023 04:27:22 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjE1twDSphYWQnyGumUBIY4GZiHB8RZpSQC-fb-2JQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 9 Feb 2024 04:27:22 GMT; Secure; SameSite=None
eud=H4sIAAAAAAAA_1slzmtoZm5sbmpmYWJkaWIBAKQZy4oQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 9 Feb 2024 04:27:22 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjE1twDSphYWQnyGumUBIY4GZiHB8RZpSQC-fb-2JQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://router.infolinks.com/dyn/zeta-usync?uid=5124322324578223588
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 06cd5906f8d849585f54d7e600f04fbb
a7f46ba7f04d8787837c47d376391bae1a96972f
3d1f8e5a87a5a009366015902740efd52cf3aab33adc0b82f2defdc2c0b391f3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120007
Date: Sun, 15 Jan 2023 04:27:22 GMT
Etag: "63c29990-1d7"
Expires: Mon, 16 Jan 2023 13:47:29 GMT
Last-Modified: Sat, 14 Jan 2023 12:01:20 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 84OZo-eHKolioprUIGZ5z9NX87Ahcr1VmF38sM5tyK80r0RrQ9_1Iw==
Age: 6369
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epfDqEAZIAMFudQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 05:58:29 GMT
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
age: 80933
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bda8a71e1e7a2173911de887bcab274
a05c3182c259756d1a5327d5a133320313565fc8
b00ae81aae4e5867010548c35737058b2ccfd9a6a6e2a061c729a71d04a5a1a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2965
x-amzn-requestid: b17939c4-4838-4ec7-8459-93f88392a966
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: euH1cFFaIAMFuCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c25355-4caee7f1070ed0c450f919f8;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 07:01:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fnUpBYZf6aDHW2v8vTN1O2N9GqPvYvbEytMf8fjkUVYzCjBCjU7grA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:46:14 GMT
etag: "a05c3182c259756d1a5327d5a133320313565fc8"
content-type: image/jpeg
age: 24069
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c2ef9670464991d62cc84885ed91393f
677c7fc5e7aafe8f96671f0457d338c7579c1743
5a8a89041320c685adad960bc61e5d4ab4623a448788eeddafcf9df098414366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.1rx.io/usersync2/infolinks
213.19.147.44302 Found 471 B URL HTTP/2 sync.1rx.io/usersync2/infolinks
IP 213.19.147.44:0
Hash e6c8f8a0e3ef850c66d344a842dfa3c3
c8475fa1d4d3d8ca3394272ade4c97c6bab3a286
58226f2841670d93086aa4dc60373f7770bfbcc11760cacd7691299b6c403efa
GET /usersync2/infolinks HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-fef45205-6bfd-4dc9-b228-94c3ac1156d6-003%22%2C%22zdxidn%22%3A%222109%22%7D; path=/; expires=Mon, 15 Jan 2024 04:27:22 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1673756842817
etag: RXfef452056bfd4dc9b22894c3ac1156d6003
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccd9a6ee59820f0e819323256cdeebcf
4b7dc1d4fa669c62d8506add356364020c203c7b
4d55fcb90dddc5eae466cc9ce0c42b560b964e3c5c02f069f6a09695af996fe3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10319
x-amzn-requestid: 8ac0a8b3-b44c-4735-9c95-5d1181ba54e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: evzDbHE_IAMFukg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c2fee2-35ed118834e5a2337b0f132f;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 19:13:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: krkUG6UEh2CTA8g3mVJ2tviVDK8p00S7LdyN6mWXwQMwl9rF4nSyfg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 01:49:57 GMT
age: 9446
etag: "4b7dc1d4fa669c62d8506add356364020c203c7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7faf42637ea43ac6f0ca23f81bdf1a6b
7131978c3921b47040838e74ba862034f09f7b4d
2c105c6130a00fff88d291d46c0759d483859bd21de5c7c3511265b1506175d6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 19:14:54 GMT
Expires: Thu, 19 Jan 2023 19:14:53 GMT
Etag: "7131978c3921b47040838e74ba862034f09f7b4d"
Cache-Control: max-age=398249,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789bdbccaee0b50b-OSL
router.infolinks.com/dyn/qc-usync?&uid=-47OxfWNzJfg3s7B_9mAlfqOycPgi5yQ9YlcSTs3
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/qc-usync?&uid=-47OxfWNzJfg3s7B_9mAlfqOycPgi5yQ9YlcSTs3
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/qc-usync?&uid=-47OxfWNzJfg3s7B_9mAlfqOycPgi5yQ9YlcSTs3 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:23 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: QCUSERCOOKIE=-47OxfWNzJfg3s7B_9mAlfqOycPgi5yQ9YlcSTs3; Domain=infolinks.com; Expires=Sat, 15-Apr-2023 04:27:22 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 15 Jan 2022 04:27:22 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbcc38fffac8-OSL
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=fcd3868391c961d50dd7ba58b7fe7125
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=fcd3868391c961d50dd7ba58b7fe7125
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash 8354680750a71a4c468d4e364a56eef8
acd2e278a9c0ef13554dafefe0352528d3c07076
17f2f7358e9dd62164140f3587aef2efe980a0f52327b8a902d07010378af56c
GET /en_US/sdk.js?hash=fcd3868391c961d50dd7ba58b7fe7125 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.triflesntreasures.com
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: f51e682e29f52a2d6370f8af8e5f3b95
etag: "d05c459b60acb44d46f8cc39b2d9f4a5"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 15 Jan 2024 03:40:17 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: g1RoB1CnGkxGjU42Slbu+A==
x-fb-debug: KK5Wr9dbK/WdGTvgOLahOOTaPxkyJq5arJIDxYjuT24Y/gNbguc0SSLxkCPedNJm3HS/M/H6F1+OwqsXGMP5Iw==
priority: u=3,i
content-length: 86954
x-fb-trip-id: 1904183273
date: Sun, 15 Jan 2023 04:27:23 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
router.infolinks.com/dyn/zmn-usync?uid=
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/zmn-usync?uid=
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/zmn-usync?uid= HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:23 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbcc7915fac8-OSL
X-Firefox-Spdy: h2
router.infolinks.com/dyn/sonobi-usync?uid=d9060ab9-47c8-41db-8530-16b5392fda8b
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/sonobi-usync?uid=d9060ab9-47c8-41db-8530-16b5392fda8b
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/sonobi-usync?uid=d9060ab9-47c8-41db-8530-16b5392fda8b HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:23 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: SONOBIUSERCOOKIE=d9060ab9-47c8-41db-8530-16b5392fda8b; Domain=infolinks.com; Expires=Sat, 15-Apr-2023 04:27:23 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 15 Jan 2022 04:27:23 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbcc8918fac8-OSL
X-Firefox-Spdy: h2
ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
67.202.105.21204 No Content 0 B URL HTTP/2 ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
IP 67.202.105.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP/1.1
Host: ssc-cms.33across.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-33x-status: 2000208
server: 33XP015
date: Sun, 15 Jan 2023 04:27:22 GMT
X-Firefox-Spdy: h2
s.cpx.to/ca.png?ref=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA&pid=12306&adnxs_uid=0
52.16.215.117200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?ref=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA&pid=12306&adnxs_uid=0
IP 52.16.215.117:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?ref=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA&pid=12306&adnxs_uid=0 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Content-Security-Policy: default-src 'self'
Content-Type: image/png
Date: Sun, 15 Jan 2023 04:27:23 GMT
Expires: Sun, 15 Jan 2023 04:27:23 UTC
P3P: CP="NOI DEV ADM"
Pragma: no-cache, no-cache
Set-Cookie: cpSess=4e7c2919539af09; Expires=Mon, 15 Jan 2024 04:27:23 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
Content-Length: 95
Connection: keep-alive
router.infolinks.com/dyn/r1-usync?uid=OPTOUT
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/r1-usync?uid=OPTOUT
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/r1-usync?uid=OPTOUT HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:23 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: R1USERCOOKIE=OPTOUT; Domain=infolinks.com; Expires=Sat, 15-Apr-2023 04:27:23 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 15 Jan 2022 04:27:23 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbcca91efac8-OSL
X-Firefox-Spdy: h2
router.infolinks.com/dyn/ur-usync?uid=OPTOUT
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/ur-usync?uid=OPTOUT
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/ur-usync?uid=OPTOUT HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:23 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: URUSERCOOKIE=OPTOUT; Domain=infolinks.com; Expires=Sat, 15-Apr-2023 04:27:23 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 15 Jan 2022 04:27:23 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbccc924fac8-OSL
X-Firefox-Spdy: h2
router.infolinks.com/dyn/zeta-usync?uid=5124322324578223588
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/zeta-usync?uid=5124322324578223588
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/zeta-usync?uid=5124322324578223588 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:23 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: ZTUSERCOOKIE=5124322324578223588; Domain=infolinks.com; Expires=Sat, 15-Apr-2023 04:27:23 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 15 Jan 2022 04:27:23 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbcce928fac8-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 91c8e08b8aebb21636749787f171e608
153bfed51979364855083bc8123f00901cd514bb
3afbe409f16cd32f4c97afface18084747bac7dbafce5b6832996435b1f58259
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 91c8e08b8aebb21636749787f171e608
153bfed51979364855083bc8123f00901cd514bb
3afbe409f16cd32f4c97afface18084747bac7dbafce5b6832996435b1f58259
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1506)
Hash 5b7f8f3b88683f1be8c3cd38c6eac34c
40ac969c50aa9e810c739114f36da64b9c0032c6
b058db00e166a46363182af58e3b632f131aa773e6721f14808c400ead7943a8
GET /pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7538
x-xss-protection: 0
date: Sat, 14 Jan 2023 18:59:22 GMT
expires: Sat, 28 Jan 2023 18:59:22 GMT
cache-control: public, max-age=1209600
age: 34081
etag: 18140588555649875417
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
216.58.211.1200 OK 8.9 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1569)
Hash 405113cd450d20a7a8794680fe6d9085
aa285e8e9e3a07ea817e5bbc81d36c40f3edfe40
884ddf0329fcc7c276fd337734c4454c42c4e9c8ca3ed4371d544c8c3acbdfd9
GET /pagead/js/r20230111/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8889
x-xss-protection: 0
date: Sat, 14 Jan 2023 19:03:53 GMT
expires: Sat, 28 Jan 2023 19:03:53 GMT
cache-control: public, max-age=1209600
age: 33810
etag: 3049769697470197148
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.130200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.130:0
File type ASCII text, with very long lines (3504)
Hash e40f18060da80ec51347a32db6a47fab
b9199bd9cd65752cd17f99452a4d66a844ad01b8
1eb517784df31e4be7c639831d413ead1e59ae5f33dc767a98f9c548face5f03
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49309
date: Sun, 15 Jan 2023 04:27:23 GMT
expires: Sun, 15 Jan 2023 04:27:23 GMT
cache-control: private, max-age=3000
etag: "1673441803913192"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
34.236.103.226302 Found 0 B URL HTTP/2 ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
IP 34.236.103.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:23 GMT
content-length: 0
location: https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==%26buyeruid%3D
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
set-cookie: zeta-ssp-user-id=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a; Max-Age=31536000; Expires=Mon, 15 Jan 2024 04:27:23 GMT; Path=/; Domain=disqus.com; Secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e111e9eb8d0067758522e8cf7940c53c
67bd0e8fb7e2a67ccb293ba1f0a78e16cc921f29
ae5fb497c14f0567bccd1a3bdffaa69d1fdd8a4a4051818ca281cf4afa2c6b32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE5FB497C14F0567BCCD1A3BDFFAA69D1FDD8A4A4051818CA281CF4AFA2C6B32"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1806
Expires: Sun, 15 Jan 2023 04:57:29 GMT
Date: Sun, 15 Jan 2023 04:27:23 GMT
Connection: keep-alive
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.35200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 14:34:21 GMT
expires: Fri, 12 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
age: 222782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.shareasale.com/image/19565/L5749_100x100_Man_Cave_Quilts.JPG
104.16.227.72301 Moved Permanently 198 B URL HTTP/2 www.shareasale.com/image/19565/L5749_100x100_Man_Cave_Quilts.JPG
IP 104.16.227.72:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 665c8e9ab9ec5ea23a3e1fde32d28b40
7090014ebf874c0fa6df785c89e8594665fb5381
3850ee7f536acb08bbe6d1db6f267a175cf0a263c547a5264b849dfef2252c3f
GET /image/19565/L5749_100x100_Man_Cave_Quilts.JPG HTTP/1.1
Host: www.shareasale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: text/html; charset=UTF-8
location: https://static.shareasale.com/image/19565/L5749_100x100_Man_Cave_Quilts.JPG
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 789bdbcb79050afa-OSL
X-Firefox-Spdy: h2
static.shareasale.com/image/19565/L5749_100x100_Man_Cave_Quilts.JPG
104.16.227.72200 OK 24 kB URL HTTP/2 static.shareasale.com/image/19565/L5749_100x100_Man_Cave_Quilts.JPG
IP 104.16.227.72:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=14, height=200, bps=0, compression=none, PhotometricIntepretation=RGB, orientation=upper-left, width=200], progressive, precision 8, 100x100, components 3\012- data
Hash 45868b7cb9179f8beb857b95bcc4b64d
37a08b9d6b09e03a852e46a183491bdab9fb93e5
e672b1623955961caffad7ea20411312472accdd4217534a1d4a549ca8edc005
GET /image/19565/L5749_100x100_Man_Cave_Quilts.JPG HTTP/1.1
Host: static.shareasale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:23 GMT
content-type: image/jpeg
content-length: 24232
cf-bgj: h2pri
etag: "45868b7cb9179f8beb857b95bcc4b64d"
last-modified: Mon, 13 Oct 2014 22:55:35 GMT
x-amz-id-2: SYfg9ESNe+2Adk/APcn1cWwDfuf51o6d1dPw/Pkz39FU2dgdk5sq/VXfuzxySETf3P16kmJQq18=
x-amz-meta-content-type: image/jpeg
x-amz-request-id: XGGYJBJXWYVW91MR
cf-cache-status: REVALIDATED
expires: Sun, 15 Jan 2023 04:57:23 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 789bdbccc9530afa-OSL
X-Firefox-Spdy: h2
ssp.disqus.com/match?bidder=6&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==&buyeruid=add2e511-8c0c-40c4-80e0-36a80e40f722&gdpr=&gdpr_consent=&us_privacy=
34.236.103.226302 Found 0 B URL HTTP/2 ssp.disqus.com/match?bidder=6&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==&buyeruid=add2e511-8c0c-40c4-80e0-36a80e40f722&gdpr=&gdpr_consent=&us_privacy=
IP 34.236.103.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder=6&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==&buyeruid=add2e511-8c0c-40c4-80e0-36a80e40f722&gdpr=&gdpr_consent=&us_privacy= HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:23 GMT
content-length: 0
location: https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
www.shareasale.com/image/47979/logo-125x125.jpg
104.16.227.72301 Moved Permanently 5.6 kB URL HTTP/2 www.shareasale.com/image/47979/logo-125x125.jpg
IP 104.16.227.72:0
Hash 1bb5e2f3f4309f2c018ba44c65d54c75
11d214936f049ac0d6a5f541042bd4faa07def7c
fed0f6f34b90c8e5d9522476b1eabce949c5ef9f09695b61c5edf3efe5781227
GET /image/47979/logo-125x125.jpg HTTP/1.1
Host: www.shareasale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 15 Jan 2023 04:27:23 GMT
content-type: text/html; charset=UTF-8
location: https://static.shareasale.com/image/47979/logo-125x125.jpg
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 789bdbcb990f0afa-OSL
X-Firefox-Spdy: h2
sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
69.166.1.10302 Found 0 B URL HTTP/1.1 sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
IP 69.166.1.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag== HTTP/1.1
Host: sync.go.sonobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 15 Jan 2023 04:27:24 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-35
X-Xss-Protection: 0
Location: https://ssp.disqus.com/match?bidder=18&buyeruid=83a62ac6-0a36-4338-9f90-5831c8f001da&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
Server: sonobi-go
Set-Cookie: __uis=83a62ac6-0a36-4338-9f90-5831c8f001da; expires=Tue, 14 Feb 2023 04:27:23 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
HAPLB8S=s8535|Y8OAr; path=/; domain=.go.sonobi.com; SameSite=None; secure
ssp.disqus.com/match?bidder=18&buyeruid=83a62ac6-0a36-4338-9f90-5831c8f001da&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
34.236.103.226302 Found 0 B URL HTTP/2 ssp.disqus.com/match?bidder=18&buyeruid=83a62ac6-0a36-4338-9f90-5831c8f001da&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
IP 34.236.103.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder=18&buyeruid=83a62ac6-0a36-4338-9f90-5831c8f001da&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag== HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:24 GMT
content-length: 0
location: https://router.infolinks.com/dyn/disus?uid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
router.infolinks.com/dyn/disus?uid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/disus?uid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/disus?uid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:25 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: DISUSERCOOKIE=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a; Domain=infolinks.com; Expires=Sat, 15-Apr-2023 04:27:24 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 15 Jan 2022 04:27:24 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789bdbd8db32fac8-OSL
X-Firefox-Spdy: h2
log.pinterest.com/?type=pidget&guid=XXUVpiHx85MD&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012
151.101.128.84200 OK 0 B URL HTTP/2 log.pinterest.com/?type=pidget&guid=XXUVpiHx85MD&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012
IP 151.101.128.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?type=pidget&guid=XXUVpiHx85MD&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012 HTTP/1.1
Host: log.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 3
server: envoy
x-pinterest-rid: 1590671973863545
accept-ranges: bytes
date: Sun, 15 Jan 2023 04:27:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1667-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673756845.012115,VS0,VE43
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cc715115d3d54cf1b08c665c03c19d7e
78f390517b89a9de3e4607cf2a0afca67c3f15a5
84703f8544d9ed6e06966bc810ad23ad0e5d756c3ac02584d25d1844ccdc56ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
216.58.211.6200 OK 38 kB URL HTTP/2 s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
IP 216.58.211.6:0
File type ASCII text, with very long lines (32006)
Hash ed2a2650c245bec521e52d81d3d9959b
2b15b38e998a4b6b55945d1bb5b769eb9b28809b
c085a6c54d522fa8a619cd2a28294022d9b3651d9f0b8234009b1138c1993c03
GET /ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 04:27:26 GMT
expires: Sun, 15 Jan 2023 04:27:26 GMT
cache-control: public, max-age=0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cc715115d3d54cf1b08c665c03c19d7e
78f390517b89a9de3e4607cf2a0afca67c3f15a5
84703f8544d9ed6e06966bc810ad23ad0e5d756c3ac02584d25d1844ccdc56ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:27:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
142.250.74.35200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Hash 716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.triflesntreasures.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23236
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 10 Jan 2023 10:03:03 GMT
Expires: Wed, 10 Jan 2024 10:03:03 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 16:04:12 GMT
Content-Type: font/woff2
Age: 411863
resources.infolinks.com/js/1840.014-3.025.ab.1842.015-3.025/bubble.js
172.66.42.247200 OK 50 kB URL HTTP/2 resources.infolinks.com/js/1840.014-3.025.ab.1842.015-3.025/bubble.js
IP 172.66.42.247:0
Hash 68578e9eff9e00134c13b4e19f148540
9980a28b6a7dd67d1881ed67961119c05978a487
13478a65d9e0948ecd384763c74432f897029fe777d3fcded1f49a8ec3b20ce0
GET /js/1840.014-3.025.ab.1842.015-3.025/bubble.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:26 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 19:01:41 GMT
etag: W/"26f1b-5f215bf48e2ab"
cache-control: max-age=2592000
expires: Tue, 14 Feb 2023 03:56:23 GMT
via: 1.1 google
cf-cache-status: HIT
age: 1863
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bdbe29d69fac8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
platform.twitter.com/js/button.94bfed7557dd68e20db6633c9bba0c38.js
93.184.220.66200 OK 2.6 kB URL HTTP/1.1 platform.twitter.com/js/button.94bfed7557dd68e20db6633c9bba0c38.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (7891), with no line terminators
Hash a934b214caf690cc245a59c8f011c074
aff579a1f56c52be240b3fbb01ed6d739b1d64d1
754d06103a44d3861f3c32d96c8388ec4e1529a192b5d748052187124410c6b5
GET /js/button.94bfed7557dd68e20db6633c9bba0c38.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 95900
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sun, 15 Jan 2023 04:27:26 GMT
Etag: "235a7099f96de798c812f6028e24157c+gzip"
Last-Modified: Sat, 14 Jan 2023 01:38:22 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2621
resources.infolinks.com/js/1840.014-3.025.ab.1842.015-3.025/in_text.js
172.66.42.247200 OK 18 kB URL HTTP/2 resources.infolinks.com/js/1840.014-3.025.ab.1842.015-3.025/in_text.js
IP 172.66.42.247:0
File type ASCII text, with very long lines (32034)
Hash 78e7fc8beb3f38e467406b46e40c42aa
077350dc3fca75ff2dff25f5b44d9a14d485c49e
437a01e50b45448a4c3b7f65ebd1a97817019ba5ba835f752fe34d9230af2b6d
GET /js/1840.014-3.025.ab.1842.015-3.025/in_text.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:26 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 19:01:40 GMT
etag: W/"2950-5f215bf484e37"
cache-control: max-age=2592000
expires: Tue, 14 Feb 2023 04:27:26 GMT
via: 1.1 google
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bdbe3eda0fac8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
platform.twitter.com/widgets/tweet_button.3da3731af9a8a2b242ed5500485bb22f.en.html
93.184.220.66200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.3da3731af9a8a2b242ed5500485bb22f.en.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32034)
Hash 6ce90adc3dc35ae671e7d4d9dd43c205
f5e68c395bc7c59905d217267116a1694e261551
304540f1753f8f1d9c7d646f3d69e65646d966687d66b35efec96cefd3d65c5c
GET /widgets/tweet_button.3da3731af9a8a2b242ed5500485bb22f.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 95898
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Jan 2023 04:27:26 GMT
Etag: "16fd6c3350b2c85cc790d536a19582da+gzip"
Last-Modified: Sat, 14 Jan 2023 01:38:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13752
platform.twitter.com/widgets/tweet_button.3da3731af9a8a2b242ed5500485bb22f.en.html
93.184.220.66200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.3da3731af9a8a2b242ed5500485bb22f.en.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32034)
Hash 6ce90adc3dc35ae671e7d4d9dd43c205
f5e68c395bc7c59905d217267116a1694e261551
304540f1753f8f1d9c7d646f3d69e65646d966687d66b35efec96cefd3d65c5c
GET /widgets/tweet_button.3da3731af9a8a2b242ed5500485bb22f.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 95882
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Jan 2023 04:27:26 GMT
Etag: "16fd6c3350b2c85cc790d536a19582da+gzip"
Last-Modified: Sat, 14 Jan 2023 01:38:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F714)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13752
resources.infolinks.com/static/skins/loader.gif
172.66.42.247200 OK 962 B URL HTTP/1.1 resources.infolinks.com/static/skins/loader.gif
IP 172.66.42.247:0
File type GIF image data, version 89a, 30 x 30\012- data
Hash d817e8fd864b84f7d546807d800588ea
6a66609f160ee1640b0d0eddd5fdd96a95a1c4ef
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b
GET /static/skins/loader.gif HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:26 GMT
Content-Type: image/gif
Content-Length: 962
Connection: keep-alive
Cache-Control: max-age=2592000
Cf-Bgj: imgq:85,h2pri
Cf-Polished: origSize=1631, status=webp_bigger
ETag: "65f-54142035d0066"
Expires: Tue, 14 Feb 2023 04:26:34 GMT
Last-Modified: Mon, 14 Nov 2016 12:31:03 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 52
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 789bdbe5696ffac4-OSL
resources.infolinks.com/static/skins/loader-bg.png
172.66.42.247200 OK 902 B URL HTTP/1.1 resources.infolinks.com/static/skins/loader-bg.png
IP 172.66.42.247:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1b84dbcd389398158f5932c35a24936f
6348c5732765e6fb6a8b743fb422f862573c8a67
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff
GET /static/skins/loader-bg.png HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:26 GMT
Content-Type: image/webp
Content-Length: 902
Connection: keep-alive
Cache-Control: max-age=2592000
Cf-Bgj: imgq:85,h2pri
Cf-Polished: origFmt=png, origSize=1488
Content-Disposition: inline; filename="loader-bg.webp"
ETag: "5d0-541420359b4a6"
Expires: Tue, 14 Feb 2023 04:26:34 GMT
Last-Modified: Mon, 14 Nov 2016 12:31:03 GMT
Vary: Accept
Via: 1.1 google
CF-Cache-Status: HIT
Age: 52
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 789bdbe56cd00af6-OSL
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1673756847273%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222b959255e8896%3A1673658205745%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7684b6f9ecb4e08d92f9d0f2448425f82c0f8ba0
104.244.42.72200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1673756847273%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222b959255e8896%3A1673658205745%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7684b6f9ecb4e08d92f9d0f2448425f82c0f8ba0
IP 104.244.42.72:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.triflesntreasures.com%2Fmy-attempt-at-blogging%2Fnovember-23rd-2012%23.Y8OAqUzLeiA%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1673756847273%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222b959255e8896%3A1673658205745%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7684b6f9ecb4e08d92f9d0f2448425f82c0f8ba0 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:26 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sun, 15 Jan 2023 04:27:26 GMT
content-length: 43
x-transaction-id: eaf2ed70fc49f2c7
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: f0e5af39616ab4d56eeac9e53198f7dd02d02ad70cfcd6d0161ae74ad6e791e8
X-Firefox-Spdy: h2
rt3051.infolinks.com/action/dcl.htm?rid=cb540855-d4bc-4829-a2e6-a36b31b277f4&jsv=1840.014-3.025.ab.1842.015-3.025&capara=%7B%22failedAlgos%22%3A%22palgo%22%7D
172.66.41.9200 OK 0 B URL HTTP/1.1 rt3051.infolinks.com/action/dcl.htm?rid=cb540855-d4bc-4829-a2e6-a36b31b277f4&jsv=1840.014-3.025.ab.1842.015-3.025&capara=%7B%22failedAlgos%22%3A%22palgo%22%7D
IP 172.66.41.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/dcl.htm?rid=cb540855-d4bc-4829-a2e6-a36b31b277f4&jsv=1840.014-3.025.ab.1842.015-3.025&capara=%7B%22failedAlgos%22%3A%22palgo%22%7D HTTP/1.1
Host: rt3051.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:27 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Application-Context: application:prod
Cache-Control: no-cache,no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789bdbe56b27b51d-OSL
rt3051.infolinks.com/action/dcl.htm?rid=cb540855-d4bc-4829-a2e6-a36b31b277f4&jsv=1840.014-3.025.ab.1842.015-3.025&capara=%7B%22intag_markers%22%3A0%2C%22mode%22%3A%22default%22%2C%22clObj%22%3A%7B%7D%7D
172.66.41.9200 OK 0 B URL HTTP/1.1 rt3051.infolinks.com/action/dcl.htm?rid=cb540855-d4bc-4829-a2e6-a36b31b277f4&jsv=1840.014-3.025.ab.1842.015-3.025&capara=%7B%22intag_markers%22%3A0%2C%22mode%22%3A%22default%22%2C%22clObj%22%3A%7B%7D%7D
IP 172.66.41.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/dcl.htm?rid=cb540855-d4bc-4829-a2e6-a36b31b277f4&jsv=1840.014-3.025.ab.1842.015-3.025&capara=%7B%22intag_markers%22%3A0%2C%22mode%22%3A%22default%22%2C%22clObj%22%3A%7B%7D%7D HTTP/1.1
Host: rt3051.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 04:27:27 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Application-Context: application:prod
Cache-Control: no-cache,no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789bdbe56862b4ed-OSL
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1673386455
151.101.1.46200 OK 0 B URL HTTP/1.1 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1673386455
IP 151.101.1.46:0
GET /js/site/main-customer-accounts-site.js?buildTime=1673386455 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 159020
Server: nginx
Content-Type: application/javascript
Last-Modified: Tue, 10 Jan 2023 21:19:49 GMT
ETag: "63bdd675-82588"
Expires: Tue, 24 Jan 2023 21:37:07 GMT
Cache-Control: max-age=1209600
X-Host: grn9.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 04:27:20 GMT
Age: 370212
X-Served-By: cache-sjc10023-SJC, cache-bma1677-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 37, 1
X-Timer: S1673756840.132800,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
sync.1rx.io/usersync2/infolinks?zcc=1&cb=1673756842817
213.19.147.44302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/infolinks?zcc=1&cb=1673756842817
IP 213.19.147.44:0
GET /usersync2/infolinks?zcc=1&cb=1673756842817 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
www.lijit.com/blog_wijits?json=0&id=trakr&uri=http%3A%2F%2Fwww.lijit.com%2Fusers%2Ftkulling&js=1
52.85.49.25403 Forbidden 0 B URL HTTP/2 www.lijit.com/blog_wijits?json=0&id=trakr&uri=http%3A%2F%2Fwww.lijit.com%2Fusers%2Ftkulling&js=1
IP 52.85.49.25:0
GET /blog_wijits?json=0&id=trakr&uri=http%3A%2F%2Fwww.lijit.com%2Fusers%2Ftkulling&js=1 HTTP/1.1
Host: www.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 15 Jan 2023 04:27:20 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 50f8df1bd48d77c6aa66214d7e928e72.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: 0NRCYEbDiJQ_QOEFoghT0bdgJliAZw3YelO8LO7ggOpXf7e065e_Xw==
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1673756842876
213.19.147.44302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1673756842876
IP 213.19.147.44:0
GET /usersync2/rmpssp?sub=infolinks&zcc=1&cb=1673756842876 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/ur-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/TriflesNTreasures&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/TriflesNTreasures&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false
IP 31.13.72.36:0
GET /plugins/likebox.php?href=https://www.facebook.com/TriflesNTreasures&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: CPeoe7cYvDmw0wv/3dzdARN/kYahmwfTLR9lGzBfn+TyChFp7LTJW/u5abzik+eVBRG9ng+YRodq2pZhlmKIbA==
date: Sun, 15 Jan 2023 04:27:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=infolinks
213.19.147.44302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=infolinks
IP 213.19.147.44:0
GET /usersync2/rmpssp?sub=infolinks HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 15 Jan 2023 04:27:22 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-16716ebc-22dd-4f85-9e92-74f7e61a2ce1-003%22%2C%22zdxidn%22%3A%222069.56%22%7D; path=/; expires=Mon, 15 Jan 2024 04:27:22 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1673756842876
etag: RX16716ebc22dd4f859e9274f7e61a2ce1003
X-Firefox-Spdy: h2
developers.google.com/
142.250.74.174200 OK 0 B IP 142.250.74.174:0
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.triflesntreasures.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 05 Jan 2023 21:14:48 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.535184826.1673756842; Expires=Tue, 14 Jan 2025 04:27:22 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-AGWcVo61Tp8ZDq/yIkN1zMQWqTkKnq' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: cba519e108ae800fffea9558e2226b48
vary: Accept-Encoding
date: Sun, 15 Jan 2023 04:27:22 GMT
server: Google Frontend
content-length: 25384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.infolinks.com/js/1840.014-3.025.ab.1842.015-3.025/intag_incontent.js
172.66.42.247200 OK 0 B URL HTTP/2 resources.infolinks.com/js/1840.014-3.025.ab.1842.015-3.025/intag_incontent.js
IP 172.66.42.247:0
GET /js/1840.014-3.025.ab.1842.015-3.025/intag_incontent.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.triflesntreasures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:27:26 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 19:01:40 GMT
etag: W/"31bf3-5f215bf485607"
cache-control: max-age=2592000
expires: Tue, 14 Feb 2023 04:17:07 GMT
via: 1.1 google
cf-cache-status: HIT
age: 619
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bdbe3eda2fac8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 142.250.74.106:0
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 04:27:23 GMT
date: Sun, 15 Jan 2023 04:27:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2