Overview

URLmelvita.com.my
IP 165.160.15.20 (United States)
ASN#19574 CSC
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-30 09:11:55 UTC
StatusLoading report..
IDS alerts0
Blocklist alert0
urlquery alerts No alerts detected
Tags None

Domain Summary (39)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-11-30 05:44:45 UTC 142.250.74.162
stats.g.doubleclick.net (2) 96 2013-06-10 20:21:11 UTC 2022-11-30 05:00:30 UTC 74.125.131.155
ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
conversionx.s3.amazonaws.com (1) 0 2014-11-29 00:16:39 UTC 2015-10-17 01:02:48 UTC 52.219.36.8 Unknown ranking
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
cdn-asset.optimonk.com (1) 52961 No data No data 194.242.11.186
youtube.com (1) 29 2016-02-25 14:52:39 UTC 2022-11-30 07:23:51 UTC 142.250.74.142
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
my.melvita.com (12) 0 2013-11-07 16:15:51 UTC 2022-08-14 09:24:39 UTC 52.157.232.11 Domain (melvita.com) ranked at: 204613
jfapiprod.optimonk.com (1) 26843 2021-03-12 18:47:28 UTC 2022-11-29 22:43:51 UTC 34.117.177.207
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 04:06:17 UTC 34.102.187.140
ocsp.pki.goog (12) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 216.58.211.3
bam.eu01.nr-data.net (2) 9782 2018-05-17 12:36:00 UTC 2021-06-09 22:36:16 UTC 185.221.85.3
editor-upload-cdn.optimonk.com (1) 70645 No data No data 194.242.11.186
c.bing.com (1) 247 2012-05-22 10:26:32 UTC 2020-05-07 03:37:17 UTC 204.79.197.200
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.163.38.240
platform.twitter.com (2) 597 2012-05-21 03:34:05 UTC 2020-05-03 05:23:23 UTC 151.101.244.157
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-30 04:48:28 UTC 216.58.207.228
ocsp2.globalsign.com (1) 1544 2012-05-23 18:10:04 UTC 2020-03-15 21:19:16 UTC 104.18.21.226
connect.facebook.net (2) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
apis.google.com (1) 105 2013-05-30 23:17:44 UTC 2020-05-14 13:59:47 UTC 216.58.207.238
log.pinterest.com (1) 3464 2015-02-16 23:42:31 UTC 2020-04-15 21:05:05 UTC 151.101.192.84
c.clarity.ms (2) 803 No data No data 20.234.93.27
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 04:06:04 UTC 34.117.237.239
melvita.com.my (1) 0 2015-02-18 01:07:32 UTC 2021-02-02 19:53:47 UTC 165.160.15.20 Unknown ranking
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-30 04:53:34 UTC 142.250.74.40
b.clarity.ms (3) 3462 No data No data 20.75.32.255
img.melvita.com (36) 0 2012-11-12 03:02:40 UTC 2015-10-08 09:57:34 UTC 96.6.18.205 Domain (melvita.com) ranked at: 204613
assets.pinterest.com (1) 2560 2014-11-19 16:42:27 UTC 2020-05-14 16:33:09 UTC 151.101.244.84
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-30 05:08:52 UTC 142.250.74.163
js-agent.newrelic.com (1) 378 2018-06-22 04:15:37 UTC 2020-05-01 11:44:04 UTC 151.101.2.137
www.clarity.ms (2) 1404 2018-08-22 07:41:57 UTC 2020-02-17 10:26:03 UTC 13.107.219.53
fast.fonts.net (1) 2905 2013-07-13 04:08:03 UTC 2022-11-29 17:12:22 UTC 104.17.224.78
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36
syndication.twitter.com (1) 833 2013-09-20 01:46:47 UTC 2022-11-30 04:10:19 UTC 104.244.42.8
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
front.optimonk.com (8) 24882 2014-02-26 06:47:05 UTC 2022-11-29 22:43:50 UTC 157.245.25.14
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-30 05:03:07 UTC 142.250.74.14

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 165.160.15.20
Date UQ / IDS / BL URL IP
2023-01-30 08:29:26 +0000 0 - 0 - 1 www-discovercard-com.com/ 165.160.15.20
2023-01-29 22:02:28 +0000 0 - 2 - 5 myups.biz/lgsjdhsq 165.160.15.20
2023-01-29 20:29:04 +0000 0 - 2 - 5 myups.biz/wtpo 165.160.15.20
2023-01-28 02:34:45 +0000 0 - 2 - 5 myups.biz/pfdjisnnld 165.160.15.20
2023-01-27 08:26:36 +0000 0 - 2 - 0 justanswer.cc/ 165.160.15.20


Last 5 reports on ASN: CSC
Date UQ / IDS / BL URL IP
2023-01-30 08:29:26 +0000 0 - 0 - 1 www-discovercard-com.com/ 165.160.15.20
2023-01-29 22:19:41 +0000 0 - 0 - 1 resultview.com/ 165.160.13.20
2023-01-29 22:02:28 +0000 0 - 2 - 5 myups.biz/lgsjdhsq 165.160.15.20
2023-01-29 21:27:03 +0000 0 - 2 - 5 myups.biz/jfyd 165.160.13.20
2023-01-29 20:29:04 +0000 0 - 2 - 5 myups.biz/wtpo 165.160.15.20


Last 1 reports on domain: melvita.com.my
Date UQ / IDS / BL URL IP
2022-11-30 09:11:55 +0000 0 - 0 - 0 melvita.com.my 165.160.15.20


No other reports with similar screenshot

JavaScript

Executed Scripts (67)

Executed Evals (6)
#1 JavaScript::Eval (size: 66) - SHA256: 9cc715451293c92a40fa5be14b5294f4f13f82e4f2f24c7066ba762758372263
(function() {
    var a = "2a60e4b2e74f44e08e1c735df24107c5";
    return a
})();
#2 JavaScript::Eval (size: 5) - SHA256: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
false
#3 JavaScript::Eval (size: 2604) - SHA256: 1c091a53780451a5f0b17305fcdacfb6392a17013b3b2e42dc4ee6523418efa7
;
(function(factory) {
    var registeredInModuleLoader = false;
    if (typeof define === 'function' && define.amd) {
        define(factory);
        registeredInModuleLoader = true
    }
    if (typeof exports === 'object') {
        module.exports = factory();
        registeredInModuleLoader = true
    }
    if (!registeredInModuleLoader) {
        var OldCookies = window.Cookies;
        var api = window.Cookies = factory();
        api.noConflict = function() {
            window.Cookies = OldCookies;
            return api
        }
    }
}(function() {
    function extend() {
        var i = 0;
        var result = {};
        for (; i < arguments.length; i++) {
            var attributes = arguments[i];
            for (var key in attributes) {
                result[key] = attributes[key]
            }
        }
        return result
    }

    function init(converter) {
        function api(key, value, attributes) {
            var result;
            if (typeof document === 'undefined') {
                return
            }
            if (arguments.length > 1) {
                attributes = extend({
                    path: '/'
                }, api.defaults, attributes);
                if (typeof attributes.expires === 'number') {
                    var expires = new Date();
                    expires.setMilliseconds(expires.getMilliseconds() + attributes.expires * 864e+5);
                    attributes.expires = expires
                }
                attributes.expires = attributes.expires ? attributes.expires.toUTCString() : '';
                try {
                    result = JSON.stringify(value);
                    if (/^[\{\[]/.test(result)) {
                        value = result
                    }
                } catch (e) {}
                if (!converter.write) {
                    value = encodeURIComponent(String(value)).replace(/%(23|24|26|2B|3A|3C|3E|3D|2F|3F|40|5B|5D|5E|60|7B|7D|7C)/g, decodeURIComponent)
                } else {
                    value = converter.write(value, key)
                }
                key = encodeURIComponent(String(key));
                key = key.replace(/%(23|24|26|2B|5E|60|7C)/g, decodeURIComponent);
                key = key.replace(/[\(\)]/g, escape);
                var stringifiedAttributes = '';
                for (var attributeName in attributes) {
                    if (!attributes[attributeName]) {
                        continue
                    }
                    stringifiedAttributes += '; ' + attributeName;
                    if (attributes[attributeName] === true) {
                        continue
                    }
                    stringifiedAttributes += '=' + attributes[attributeName]
                }
                return (document.cookie = key + '=' + value + stringifiedAttributes)
            }
            if (!key) {
                result = {}
            }
            var cookies = document.cookie ? document.cookie.split('; ') : [];
            var rdecode = /(%[0-9A-Z]{2})+/g;
            var i = 0;
            for (; i < cookies.length; i++) {
                var parts = cookies[i].split('=');
                var cookie = parts.slice(1).join('=');
                if (!this.json && cookie.charAt(0) === '"') {
                    cookie = cookie.slice(1, -1)
                }
                try {
                    var name = parts[0].replace(rdecode, decodeURIComponent);
                    cookie = converter.read ? converter.read(cookie, name) : converter(cookie, name) || cookie.replace(rdecode, decodeURIComponent);
                    if (this.json) {
                        try {
                            cookie = JSON.parse(cookie)
                        } catch (e) {}
                    }
                    if (key === name) {
                        result = cookie;
                        break
                    }
                    if (!key) {
                        result[name] = cookie
                    }
                } catch (e) {}
            }
            return result
        }
        api.set = api;
        api.get = function(key) {
            return api.call(api, key)
        };
        api.getJSON = function() {
            return api.apply({
                json: true
            }, [].slice.call(arguments))
        };
        api.defaults = {};
        api.remove = function(key, attributes) {
            api(key, '', extend(attributes, {
                expires: -1
            }))
        };
        api.withConverter = init;
        return api
    }
    return init(function() {})
}));
#4 JavaScript::Eval (size: 185) - SHA256: d34d2fd63a032b8f4d9a9c06845f8bd0f8c8f77eb624faf4bb6271a6af28a381
OCMS.controls.searchform.moreResultsTranslation = "MORE RESULTS >",
    OCMS.controls.searchform.searchTranslation = "Search";
OCMS.controls.searchform.init();
#5 JavaScript::Eval (size: 30) - SHA256: 0a5254afb16848d77dcc330553243b42c06e7ddcb5d5a95ccd411ead43c40110
OCMS.ui.applyLazyLoadImages();
#6 JavaScript::Eval (size: 441) - SHA256: b16b3d744ef03c49f6d4831c8f3201b30e2f9f524fa24c2c9217b8190713c501
(function() {
    switch (document.location.hostname) {
        case "fr.melvita.com":
        case "ch.melvita.com":
        case "de.melvita.com":
        case "si.melvita.com":
        case "uk.melvita.com":
        case "hr.melvita.com":
        case "www.melvita.ru":
            var a = "UA-53198978-1";
            break;
        case "ca.melvita.com":
            a = "UA-53198978-2";
            break;
        case "jp.melvita.com":
        case "hk.melvita.com":
        case "kr.melvita.com":
        case "my.melvita.com":
        case "tw.melvita.com":
            a = "UA-53198978-3";
            break;
        default:
            a = "UA-1-1"
    }
    return a
})();

Executed Writes (0)


HTTP Transactions (131)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14464
Expires: Wed, 30 Nov 2022 13:12:47 GMT
Date: Wed, 30 Nov 2022 09:11:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4197
Cache-Control: max-age=95365
Date: Wed, 30 Nov 2022 09:11:43 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:41:08 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 08:19:41 GMT
cache-control: public,max-age=3600
age: 3122
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12344
Expires: Wed, 30 Nov 2022 12:37:27 GMT
Date: Wed, 30 Nov 2022 09:11:43 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: jJs8YwsR744O1h4iScOfxgVeZXKb4Te/jT5HcLMP3ZbTrxg1Hr/2xreBD9NGUw/QzYwJscD8Ofo=
x-amz-request-id: 1WY2Y0XSECWXGCJ2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 08:45:48 GMT
age: 1555
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 09:11:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: melvita.com.my
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         165.160.15.20
HTTP/1.1 301 Moved Permanently
                                        
Date: Wed, 30 Nov 2022 09:11:43 GMT
Location: https://my.melvita.com
Content-Length: 0

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 09:08:56 GMT
cache-control: public,max-age=3600
age: 168
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Wed, 30 Nov 2022 09:11:44 GMT
Content-Length: 96630
Connection: keep-alive
Set-Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; Path=/; SameSite=None; Secure LbStickyVm=825ce0453cad9e2beeaf3041636532f2; Path=/ datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_; Max-Age=31536000; Domain=.melvita.com; Path=/; Secure; SameSite=Lax ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; path=/; HttpOnly; SameSite=Lax ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; path=/; HttpOnly; SameSite=Lax Webcode=; expires=Fri, 30-Dec-2022 09:11:44 GMT; path=/; secure __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d; path=/; HttpOnly
Cache-Control: private
Last-Modified: Wed, 30 Nov 2022 09:11:44 GMT
Vary: User-Agent
Server: Microsoft-IIS/10.0
X-DataDome: protected
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
access-control-allow-headers: content-type
X-Front: webxcmsprd-vm05
Content-Security-Policy: frame-ancestors 'self' *.loccitane.com *.erborian.com *.melvita.com *.loccitane.ru


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32223), with CRLF, LF line terminators
Size:   96630
Md5:    c4e77e57b1db499f602a83b7af6eb4c6
Sha1:   01b9674484cef5574e17e0c9a0085e8d1f4fada2
Sha256: a916c76c6aebcf10e0ae63223c02d1eb57bb7df3d0a915a8b01b79555a1ae1ef
                                        
                                            GET /css/fonts/Neutra/Neutra.css HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; LbStickyVm=825ce0453cad9e2beeaf3041636532f2; datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_; ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; Webcode=; __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 30 Nov 2022 09:11:44 GMT
Content-Length: 297
Connection: keep-alive
Cache-Control: max-age=604800
Last-Modified: Fri, 14 Oct 2022 10:21:00 GMT
Accept-Ranges: bytes
ETag: "08ed1a7b6dfd81:0"
Server: Microsoft-IIS/10.0
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
access-control-allow-headers: content-type
X-Front: webxcmsprd-vm05
Content-Security-Policy: frame-ancestors 'self' *.loccitane.com *.erborian.com *.melvita.com *.loccitane.ru


--- Additional Info ---
Magic:  ASCII text
Size:   297
Md5:    c951f50e3349b05ed423dfe407bb9bbf
Sha1:   41a1c152aabb8a78244ee0b6074f6ebfcf587322
Sha256: 44be2d873eddf599a46fa35d17177c886c9394fcce064d77670e200883fc44a2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4197
Cache-Control: max-age=90300
Date: Wed, 30 Nov 2022 09:11:44 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:16:44 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /css/fonts/Belle/Belle.css HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; LbStickyVm=825ce0453cad9e2beeaf3041636532f2; datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_; ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; Webcode=; __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 30 Nov 2022 09:11:44 GMT
Content-Length: 288
Connection: keep-alive
Cache-Control: max-age=604800
Last-Modified: Fri, 14 Oct 2022 10:20:56 GMT
Accept-Ranges: bytes
ETag: "0346fa5b6dfd81:0"
Server: Microsoft-IIS/10.0
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
access-control-allow-headers: content-type
X-Front: webxcmsprd-vm05
Content-Security-Policy: frame-ancestors 'self' *.loccitane.com *.erborian.com *.melvita.com *.loccitane.ru


--- Additional Info ---
Magic:  ASCII text
Size:   288
Md5:    b2ee5144eb1c2380c4b895ead3baac27
Sha1:   b8352dc4b0a62107ed36a764d2edb6630e27cb2b
Sha256: c98bb8b27ae3d5191d2bce626df1adf2299baf9f60251db584dfe258d1c458ed
                                        
                                            GET /ocms/Scripts/v1/891/js/_min/OCMS.footer.min.js?20190504001 HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Fri, 14 Oct 2022 10:22:44 GMT
Accept-Ranges: bytes
ETag: "0b2cee5b6dfd81:0"
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type
Content-Encoding: gzip
Content-Length: 5789
MPULSE_ORIGIN_TIME: 24
MPULSE_CDN_CACHE: MISS
Cache-Control: max-age=169220
Expires: Fri, 02 Dec 2022 08:12:04 GMT
Date: Wed, 30 Nov 2022 09:11:44 GMT
Connection: keep-alive
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (24530), with no line terminators
Size:   5789
Md5:    66ebccd83a63a08b22c5806c91932686
Sha1:   a57b8d561b9eb2ffe434156a9f908765cbf9cdaa
Sha256: ee17777c92e14270f96a1218a7d4044f32d1ad17729675ad5e73fbd39157b4ef
                                        
                                            GET /ocms/Scripts/v1/891/js/OCMS.ui.floatingbag.js?20190504001 HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Fri, 14 Oct 2022 10:22:44 GMT
Accept-Ranges: bytes
ETag: "0b2cee5b6dfd81:0"
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=262248
Expires: Sat, 03 Dec 2022 10:02:32 GMT
Date: Wed, 30 Nov 2022 09:11:44 GMT
Content-Length: 4564
Connection: keep-alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text
Size:   4564
Md5:    9894c386ace17da0345f8744b5a90038
Sha1:   3bd5bf9fb422902c13e1e475585968215c279c5c
Sha256: 4a731f176b1c97ea26f558def8fe29ed8702d1699bec187d1c34e009d00b0285
                                        
                                            GET /ocms/Scripts/v1/891/js/_min/OCMS.min.js?20190504001 HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Fri, 14 Oct 2022 10:22:44 GMT
Accept-Ranges: bytes
ETag: "0b2cee5b6dfd81:0"
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type
Content-Encoding: gzip
Content-Length: 71187
Cache-Control: max-age=190698
Expires: Fri, 02 Dec 2022 14:10:02 GMT
Date: Wed, 30 Nov 2022 09:11:44 GMT
Connection: keep-alive
Vary: Accept-Encoding


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32026)
Size:   71187
Md5:    75588eabe926187180aeb2045665ca15
Sha1:   fca2fecd36d474ce1cc0696e1bd09f48cd46d134
Sha256: 8704dc1d2249f6412b1bcbeeb2cf677d4453c9efc8af63aa05249cde4b6e6b30
                                        
                                            GET /ocms/img/OCC/redesign/design/home_load.gif HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Last-Modified: Thu, 22 Sep 2022 14:11:50 GMT
Access-Control-Allow-Headers: content-type
ETag: "71a75d9fdaccd81:0"
Server: Akamai Image Manager
Content-Length: 1083
Cache-Control: private, no-transform, max-age=1315493
Expires: Thu, 15 Dec 2022 14:36:37 GMT
Date: Wed, 30 Nov 2022 09:11:44 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 31 x 31\012- data
Size:   1083
Md5:    30f42d344aadc86c7e324471982c28af
Sha1:   4357ec14a3e3cd83ff74b350bd0862d79be18aff
Sha256: 10bdc871f7db687819d0f92bbf09284d77458e20139c60817499e4c19bac2daf
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BvV3chSvgFSXi10CH1b1hA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.163.38.240
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2V8N231XMpT80xnibO0cI5/hcuk=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3926
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 09:11:44 GMT
Last-Modified: Wed, 30 Nov 2022 08:06:18 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /t/1.css?apiType=css&projectid=2045c812-79fb-4664-869b-8d8319966ea4 HTTP/1.1 
Host: fast.fonts.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.melvita.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.224.78
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 30 Nov 2022 09:11:44 GMT
content-length: 0
x-amz-id-2: izZWQc+SQ6/eQzfIdL6DyRmO6cIzeWEWTtA3kr81SXQLHhErasqC51RnQQlE46VqU0MOpczpuOI=
x-amz-request-id: EBAJPTQJBADK7BQV
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 381893
accept-ranges: bytes
set-cookie: __cf_bm=HUX_xCYxDtpnNSHi5Wqxy9MZ1NZ_aR0k77Fx_FMlRy0-1669799504-0-Adv85jx/X8DmfzXdT0GXl6HsEsEsZv0tKx1z4Dz1sFUkW4TnBFVcfEW6ZvBZ8PXi9eLKgBBUxydboYn3HfI9m9E=; path=/; expires=Wed, 30-Nov-22 09:41:44 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 77227519ef61b4fd-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /img/OCC/new/moreBTN.png HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; LbStickyVm=825ce0453cad9e2beeaf3041636532f2; datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_; ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; Webcode=; __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 30 Nov 2022 09:11:44 GMT
Content-Length: 856
Connection: keep-alive
Cache-Control: max-age=604800
Last-Modified: Tue, 20 Sep 2022 10:20:41 GMT
Accept-Ranges: bytes
ETag: "dcc4eba2daccd81:0"
Server: Microsoft-IIS/10.0
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *, *
access-control-allow-headers: content-type


--- Additional Info ---
Magic:  PNG image data, 20 x 20, 8-bit/color RGBA, interlaced\012- data
Size:   856
Md5:    d00ee10150325e1b471548fc73a4c695
Sha1:   bcd1eff2ad53e0e7803501c8f2a8a77cd6dfbff3
Sha256: f93fd3bbf73fc68bc3c62fcd1e7ad931403078f70ae0dc29ffaecb8bc2a7f5b6
                                        
                                            GET /img/OCC/new/lessBTN.png HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; LbStickyVm=825ce0453cad9e2beeaf3041636532f2; datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_; ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; Webcode=; __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 30 Nov 2022 09:11:44 GMT
Content-Length: 844
Connection: keep-alive
Cache-Control: max-age=604800
Last-Modified: Tue, 20 Sep 2022 10:20:44 GMT
Accept-Ranges: bytes
ETag: "f2706da4daccd81:0"
Server: Microsoft-IIS/10.0
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *, *
access-control-allow-headers: content-type


--- Additional Info ---
Magic:  PNG image data, 20 x 20, 8-bit/color RGBA, interlaced\012- data
Size:   844
Md5:    b9ac0274539aac11b525f0a7730e67dc
Sha1:   8bd8ed2bb1b4c7934dc17059b91780a3dfa7e63c
Sha256: 018d4cc2d80cc4b9ec7519fcaf0b9130eb92284ce77ac572594324c6aa76c47c
                                        
                                            GET /img/spacer.gif HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; LbStickyVm=825ce0453cad9e2beeaf3041636532f2; datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_; ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; Webcode=; __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 30 Nov 2022 09:11:45 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=604800
Last-Modified: Tue, 20 Sep 2022 10:20:58 GMT
Accept-Ranges: bytes
ETag: "9d4cd4acdaccd81:0"
Server: Microsoft-IIS/10.0
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *, *
access-control-allow-headers: content-type


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /img/lib/mel/modules/MEL_81371.png HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; LbStickyVm=825ce0453cad9e2beeaf3041636532f2; datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_; ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; Webcode=; __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 30 Nov 2022 09:11:45 GMT
Content-Length: 19118
Connection: keep-alive
Cache-Control: max-age=604800
Last-Modified: Mon, 19 Jul 2021 13:50:11 GMT
Accept-Ranges: bytes
ETag: "aaae66fea47cd71:0"
Server: Microsoft-IIS/10.0
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *, *
access-control-allow-headers: content-type


--- Additional Info ---
Magic:  PNG image data, 160 x 118, 8-bit/color RGBA, non-interlaced\012- data
Size:   19118
Md5:    b13bc47f71a14b58d666e8b400b0282a
Sha1:   874775b0e46ee022a6b968c8228271cdfc6d0d7b
Sha256: f46d896d6c264187efb3fd703fb6c88f81b6cba0958b85d82933636a5a2eee1e
                                        
                                            GET /OCMS/css/fonts/Gotham/Gotham-Book.woff HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://img.melvita.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: font/x-woff
                                        
Content-Length: 30308
Last-Modified: Fri, 14 Oct 2022 10:20:58 GMT
Accept-Ranges: bytes
ETag: "061a0a6b6dfd81:0"
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type
Cache-Control: max-age=166786
Expires: Fri, 02 Dec 2022 07:31:31 GMT
Date: Wed, 30 Nov 2022 09:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 30308, version 0.0\012- data
Size:   30308
Md5:    5054121f87895e0ff5b9f5867ba926e5
Sha1:   e53e251850395eb3e535bd95b0e545b0c188feea
Sha256: 8d9a990bff5148ac02464016c7942851b3c0fb13bd4a3e67b55c27adbd976b16
                                        
                                            GET /img/lib/mel/_2013_homepage/MEL_43919.jpg HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; LbStickyVm=825ce0453cad9e2beeaf3041636532f2; datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_; ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; Webcode=; __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 30 Nov 2022 09:11:45 GMT
Content-Length: 21412
Connection: keep-alive
Cache-Control: max-age=604800
Last-Modified: Wed, 15 Jul 2020 12:43:39 GMT
Accept-Ranges: bytes
ETag: "71606290a55ad61:0"
Server: Microsoft-IIS/10.0
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *, *
access-control-allow-headers: content-type


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 228x240, components 3\012- data
Size:   21412
Md5:    b7e453d832d68bebf081c5bcdf6d8a48
Sha1:   7af7a898427dde430d2de48c1e4dc88ec320b021
Sha256: 41218b0cea75112a9bb2f5ae0bdf05cca1112d5a881476e450e14aad1a42b59f
                                        
                                            GET /img/lib/mel/_2013_homepage/MEL_47660.jpg HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; LbStickyVm=825ce0453cad9e2beeaf3041636532f2; datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_; ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; Webcode=; __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 30 Nov 2022 09:11:45 GMT
Content-Length: 53278
Connection: keep-alive
Cache-Control: max-age=604800
Last-Modified: Wed, 15 Jul 2020 12:43:03 GMT
Accept-Ranges: bytes
ETag: "a7e6247ba55ad61:0"
Server: Microsoft-IIS/10.0
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *, *
access-control-allow-headers: content-type


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 250x240, components 3\012- data
Size:   53278
Md5:    cb9131bfc8a497ce70c0b44ac6ffb0dc
Sha1:   bc2ede0e9b7ea4e49c61de66c13f10b42d88c275
Sha256: 886626cf0768ce919f563c828133590498e362d680df5a3f3eff43107f7746d1
                                        
                                            POST /ajax/ecomBag_Ajax.aspx HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwIFV1FQARADVlFRAAEGUVc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0MjY3MzkiLCJhcCI6IjMyODAxMTM0MSIsImlkIjoiMmNhMmNkMmU2YmJkNmRiMiIsInRyIjoiZTJkNGYwMGRmZjY2NDA0NTVjOWM5YTQ2ODM5Y2QxM2EiLCJ0aSI6MTY2OTc5OTUwMzk4Nn19
traceparent: 00-e2d4f00dff6640455c9c9a46839cd13a-2ca2cd2e6bbd6db2-01
tracestate: 3426739@nr=0-1-3426739-328011341-2ca2cd2e6bbd6db2----1669799503986
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 64
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; LbStickyVm=825ce0453cad9e2beeaf3041636532f2; datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_; ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; Webcode=; __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Date: Wed, 30 Nov 2022 09:11:45 GMT
Content-Length: 2
Connection: keep-alive
Cache-Control: private
Vary: User-Agent
Server: Microsoft-IIS/10.0
X-DataDome: protected
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://my.melvita.com
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
Set-Cookie: datadome=67Bk8Y-HYRioMvG1JJVAncWyBoQSdE-huk9TiyAvLaAZ3uCU1g8Wmvvkz6zfKO-SOp-5E2IwMmj3xgr-prhbVApaucWCtfRZJbk5lZkw47PQSrr8XKyPBYMpRLNknVu5; Max-Age=31536000; Domain=.melvita.com; Path=/; Secure; SameSite=Lax Webcode=; expires=Fri, 30-Dec-2022 09:11:45 GMT; path=/; secure
X-NewRelic-App-Data: PxQEVVRVDwAJR1JQBwIAVlUGBRFORDQHUjZKA1ZLVVFHDFYPHiBgMktXXQAeTF1QXwkDA1BuVgwFSRhSERYbQBxSFlIUCBoCAFUIVwhUH09VGhVSVgFbBQIHWAMCBwNfBwdVEU4AAg5DB2U=
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
access-control-allow-headers: content-type
X-Front: webxcmsprd-vm05
Content-Security-Policy: frame-ancestors 'self' *.loccitane.com *.erborian.com *.melvita.com *.loccitane.ru


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /OCMS/css/fonts/Gotham/Gotham-Bold.woff HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://img.melvita.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: font/x-woff
                                        
Content-Length: 29676
Last-Modified: Fri, 14 Oct 2022 10:20:58 GMT
Accept-Ranges: bytes
ETag: "061a0a6b6dfd81:0"
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type
Cache-Control: max-age=90428
Expires: Thu, 01 Dec 2022 10:18:53 GMT
Date: Wed, 30 Nov 2022 09:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 29676, version 0.0\012- data
Size:   29676
Md5:    f9e7f330ca52e6c2234d4052ddc7b5a2
Sha1:   45f9d1cfe211d94272bb4119e6e6c47389770b33
Sha256: 410fbf303f57503df8cb8b278d623a16a46a2876e6c4e81cd0f3c9f7175f9877
                                        
                                            GET /gtm.js?id=GTM-JNSR HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.40
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 09:11:45 GMT
expires: Wed, 30 Nov 2022 09:11:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20199)
Size:   86827
Md5:    897d93d61bdf812546263db10f6095c9
Sha1:   7b920fcabb3d9eb9fe515adaf874302056fe9600
Sha256: 35d4f33199473bd9cf672d5ff00940b71e1f79bb2bec3cbee582633a7ede5b9a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/UtilsAjax.aspx?task=getCrmPeronnalisation HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwIFV1FQARADVlFRAAEGUVc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0MjY3MzkiLCJhcCI6IjMyODAxMTM0MSIsImlkIjoiN2FlOTgwM2RhZjc2ZTNjMCIsInRyIjoiYjVhZGNhN2Y2YjFlYzk3YjZkNzNiNGE3MjhlZmU2ZmYiLCJ0aSI6MTY2OTc5OTUwNDEwN319
traceparent: 00-b5adca7f6b1ec97b6d73b4a728efe6ff-7ae9803daf76e3c0-01
tracestate: 3426739@nr=0-1-3426739-328011341-7ae9803daf76e3c0----1669799504107
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; LbStickyVm=825ce0453cad9e2beeaf3041636532f2; datadome=67Bk8Y-HYRioMvG1JJVAncWyBoQSdE-huk9TiyAvLaAZ3uCU1g8Wmvvkz6zfKO-SOp-5E2IwMmj3xgr-prhbVApaucWCtfRZJbk5lZkw47PQSrr8XKyPBYMpRLNknVu5; ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; Webcode=; __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Date: Wed, 30 Nov 2022 09:11:45 GMT
Content-Length: 28
Connection: keep-alive
Cache-Control: private
Vary: User-Agent
Server: Microsoft-IIS/10.0
X-DataDome: protected
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=5NHIQ8BNrxklmyKyincyVJvAHMu7Wz4WAZEbZw63dhWiSwFecWN7dNX2-r2yCblfySLSbRrjv9vpsv_GTV-PHNpA8bks3exz9kpvF64bY1BJct~G_E7boI7vZzX2oQe~; Max-Age=31536000; Domain=.melvita.com; Path=/; Secure; SameSite=Lax
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
X-NewRelic-App-Data: PxQEVVRVDwAJR1JQBwIAVlUGBRFORDQHUjZKA1ZLVVFHDFYPHiBgMktXXQAeTE1HWQgSA11QT0gFQkZLQEpTTABOCEwICwcDAlcLTRxQH0ABBlEDUFoJVVVXUFtTVwZQRh1QUg4VBj8=
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
access-control-allow-headers: content-type
X-Front: webxcmsprd-vm05
Content-Security-Policy: frame-ancestors 'self' *.loccitane.com *.erborian.com *.melvita.com *.loccitane.ru


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   28
Md5:    6b276dc227d8bfa181a107dd01cf9ecb
Sha1:   9e0d6228e412370da86c1ef2272202e910d433a8
Sha256: a0105373ab767c8218f320cae796022d67ac31e971b75d2f4cb5360f858395cb
                                        
                                            GET /ocms/img/MEL/2016/reskin/logo/logo_Malaysia.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Tue, 18 Oct 2022 07:53:48 GMT
Access-Control-Allow-Headers: content-type
ETag: "f97bafa1daccd81:0"
Server: Akamai Image Manager
X-Serial: 110
X-Check-Cacheable: YES
Content-Length: 6892
Cache-Control: private, no-transform, max-age=1216473
Expires: Wed, 14 Dec 2022 11:06:18 GMT
Date: Wed, 30 Nov 2022 09:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 247x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6892
Md5:    56e15c36db5903f76ba35f95908544e0
Sha1:   b723bdf1fdfb1f1640f8e3afc954679502a8c612
Sha256: 5598b938509e5f8ee4286c495f3ea94d3a487bdcc315c1d002d9bf5dde2becf7
                                        
                                            GET /mcms/img/lib/mel/modules/MEL_86287.png HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: "e095de60b995d81:0"
Access-Control-Allow-Origin: *
Last-Modified: Tue, 12 Jul 2022 06:34:09 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
Content-Length: 25440
Cache-Control: private, no-transform, max-age=2074465
Expires: Sat, 24 Dec 2022 09:26:10 GMT
Date: Wed, 30 Nov 2022 09:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   25440
Md5:    02947c026a4c1eff22722fd1b7fd0c67
Sha1:   5c7500a890e620673155510ae3561b7fd4d68ebe
Sha256: aa85b9e3c2b533730f55bea47104b0032cc58527d455aea9d76b473b32d18384
                                        
                                            GET /mcms/img/lib/mel/modules/MEL_86227.png HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: W/"9e74f182a58cd81:0"
Access-Control-Allow-Origin: *
Last-Modified: Thu, 30 Jun 2022 17:19:14 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
Content-Length: 27348
Cache-Control: private, no-transform, max-age=932297
Expires: Sun, 11 Dec 2022 04:10:02 GMT
Date: Wed, 30 Nov 2022 09:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   27348
Md5:    59b88b609290cafc9467849c00e58f82
Sha1:   65d1eaaf18c39096778bd13321101b79316633f2
Sha256: 53723b34dd9a7d799b9f5e65ea7071723314ead29dd47964b83ce51e600216dc
                                        
                                            GET /mcms/img/lib/mel/modules/MEL_86628.png HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Wed, 31 Aug 2022 16:32:00 GMT
Access-Control-Allow-Headers: content-type
ETag: "6cbb9d1b57bdd81:0"
Server: Akamai Image Manager
X-Serial: 1641
X-Check-Cacheable: YES
Content-Length: 27700
Cache-Control: private, no-transform, max-age=1786620
Expires: Wed, 21 Dec 2022 01:28:45 GMT
Date: Wed, 30 Nov 2022 09:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   27700
Md5:    9bef1e60a868636f0f59334301b71181
Sha1:   0609845942dafca950f28244ff1412adc7a11cce
Sha256: e3288c201c38aaf36006c26333478ce3f3927d18163d135a80f90c22e83a29ac
                                        
                                            GET /mcms/img/lib/mel/modules/MEL_87150.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Tue, 01 Nov 2022 02:32:59 GMT
Access-Control-Allow-Headers: content-type
ETag: "4875277799edd81:0"
Server: Akamai Image Manager
Content-Length: 61846
Cache-Control: private, no-transform, max-age=2401926
Expires: Wed, 28 Dec 2022 04:23:51 GMT
Date: Wed, 30 Nov 2022 09:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 2048x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   61846
Md5:    d62c0f07812a76bd693a8ab1d6a53789
Sha1:   b204e4377c89c695c31c80db2eb7c5c25faf978e
Sha256: d0bf44d792358f12ff11d55e4f469fa1f0be0b79d5d76544741fe8aff81a418c
                                        
                                            GET /OCMS/img/_ZERO/design/close_icon.png HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.melvita.com/ocms/Scripts/v1/891/css/cdn/MEL/MCMS.css?20190504001
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Wed, 21 Sep 2022 07:13:49 GMT
Access-Control-Allow-Headers: content-type
ETag: "40c62ea1daccd81:0"
Server: Akamai Image Manager
X-Serial: 663
X-Check-Cacheable: YES
Content-Length: 430
Cache-Control: private, no-transform, max-age=1203507
Expires: Wed, 14 Dec 2022 07:30:12 GMT
Date: Wed, 30 Nov 2022 09:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   430
Md5:    82754e7140fb27fdd8f1da6921a213f7
Sha1:   e2328b7903c1957024de060327d5064aff3905f2
Sha256: 5390d94264b8ed3dee82eebc1f00eed0e5a202c5c2de46119fb3aab567480549
                                        
                                            GET /mcms/img/lib/mel/modules/MEL_86225.png HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: W/"c95d3a70a58cd81:0"
Access-Control-Allow-Origin: *
Last-Modified: Thu, 30 Jun 2022 17:18:43 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
X-Serial: 830
X-Check-Cacheable: YES
Content-Length: 25998
Cache-Control: private, no-transform, max-age=1103912
Expires: Tue, 13 Dec 2022 03:50:17 GMT
Date: Wed, 30 Nov 2022 09:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   25998
Md5:    22c66e795a9926537960a796e630ca28
Sha1:   582c839412f2a9cb7b37bd8d17d59e66554e64dd
Sha256: 678fb75945d20b70554da65b2aa03d98a62894ca9e39b17dfb15789447f9b2c6
                                        
                                            GET /OCMS/img/MEL/2016/sprite/reskin/rsk.png HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.melvita.com/ocms/Scripts/v1/891/css/cdn/MEL/MCMS.css?20190504001
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Tue, 20 Sep 2022 20:10:18 GMT
Access-Control-Allow-Headers: content-type
ETag: "dc73919edaccd81:0"
Server: Akamai Image Manager
Content-Length: 14528
Cache-Control: private, no-transform, max-age=1117771
Expires: Tue, 13 Dec 2022 07:41:16 GMT
Date: Wed, 30 Nov 2022 09:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   14528
Md5:    b06659568beb46f7102095132ebbc771
Sha1:   09cad849439acd52a7652690eab1a0735efffd2f
Sha256: e540ade7c5296f1de16e5f96b5b2190ddc6797c08a9bc2f05c6e7cd67f2327c2
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:45 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 04 Dec 2022 05:58:09 GMT
ETag: "87b45c98000e661aed9e9220d76e65d1a98b614e"
Last-Modified: Wed, 30 Nov 2022 05:58:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3123
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7722751eda7bb505-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    94263c5cf7bc8f8e201be776ef7c9ecc
Sha1:   87b45c98000e661aed9e9220d76e65d1a98b614e
Sha256: 211ac2fd7a45154dc2564365bae21dafbe6eaef274831e2de9e91b4cde73055b
                                        
                                            GET /mcms/img/lib/mel/_homepage/MEL_19265.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: "e2cb42d2a55ad61:0"
Access-Control-Allow-Origin: *
Last-Modified: Tue, 10 May 2022 13:53:54 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
Content-Length: 114488
Cache-Control: private, no-transform, max-age=1185925
Expires: Wed, 14 Dec 2022 02:37:10 GMT
Date: Wed, 30 Nov 2022 09:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 2000x1122, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   114488
Md5:    91bb1b6a3636ee504f82556319d0fe72
Sha1:   7369cffa642699b6221139a69934ad33d55ef250
Sha256: 2deb28eda4e71d481bb7a410e5d6d412470d8d713f4a5a79ba2efc3404000dc4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "482CE9E2255DC3D66B3AAA995B6C16A3058358C82A20918C5A3F424905F057EA"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14882
Expires: Wed, 30 Nov 2022 13:19:48 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive

                                        
                                            GET /OCMS/img/MEL/spacer.gif HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.melvita.com/ocms/Scripts/v1/891/css/cdn/MEL/MCMS.css?20190504001
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Last-Modified: Wed, 28 Sep 2022 03:02:27 GMT
Access-Control-Allow-Headers: content-type
ETag: "31eb2a7daccd81:0"
Server: Akamai Image Manager
X-Serial: 433
X-Check-Cacheable: YES
Content-Length: 43
Cache-Control: private, no-transform, max-age=1518894
Expires: Sat, 17 Dec 2022 23:06:40 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /ocms/img/P.aspx?l=en-MY&s=215&e=jpg&name=organic-detox-gentle-cleansing-jelly-melvita-malaysia&id=8FZ0036&v=1 HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=5NHIQ8BNrxklmyKyincyVJvAHMu7Wz4WAZEbZw63dhWiSwFecWN7dNX2-r2yCblfySLSbRrjv9vpsv_GTV-PHNpA8bks3exz9kpvF64bY1BJct~G_E7boI7vZzX2oQe~
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Thu, 01 Sep 2022 17:57:59 GMT
Access-Control-Allow-Headers: content-type
ETag: 8FZ0036
Server: Akamai Image Manager
Content-Length: 3794
Cache-Control: private, no-transform, max-age=604800
Expires: Wed, 07 Dec 2022 09:11:46 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 215x215, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   3794
Md5:    dec3f3c78e53d0505d190f3134393223
Sha1:   d3c43e47d3c9c3eb015ef2f9bba514968b2325a3
Sha256: 64bdb45c9a3bc792333b942c8dfc551693b984177542f79235ad3b2c8271db68
                                        
                                            GET /ocms/img/lib/mel/modules/MEL_79746.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=5NHIQ8BNrxklmyKyincyVJvAHMu7Wz4WAZEbZw63dhWiSwFecWN7dNX2-r2yCblfySLSbRrjv9vpsv_GTV-PHNpA8bks3exz9kpvF64bY1BJct~G_E7boI7vZzX2oQe~
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: "76497d366415d71:0"
Access-Control-Allow-Origin: *
Last-Modified: Tue, 10 May 2022 13:53:57 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
X-Serial: 402
X-Check-Cacheable: YES
Content-Length: 22878
Cache-Control: private, no-transform, max-age=1226284
Expires: Wed, 14 Dec 2022 13:49:50 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   22878
Md5:    7828da6a634a88d1622a9ac3a6437725
Sha1:   bfc008e145f6bd45d9edba6f05b7c698e42f1e2e
Sha256: 93e2c1e21ecfbf805c4ba5808b70d000e184230e19e0c2bfdf0279c828929c5a
                                        
                                            POST /s/gts1d4/fCpB2InHKSU HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ocms/img/P.aspx?l=en-MY&s=215&e=jpg&name=organic-rose-extraordinary-water-melvita-malaysia&id=80H0023&v=1 HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=5NHIQ8BNrxklmyKyincyVJvAHMu7Wz4WAZEbZw63dhWiSwFecWN7dNX2-r2yCblfySLSbRrjv9vpsv_GTV-PHNpA8bks3exz9kpvF64bY1BJct~G_E7boI7vZzX2oQe~
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Tue, 10 May 2022 13:53:56 GMT
Access-Control-Allow-Headers: content-type
ETag: 80H0023
Server: Akamai Image Manager
X-Serial: 1000
X-Check-Cacheable: YES
Content-Length: 3464
Cache-Control: private, no-transform, max-age=604800
Expires: Wed, 07 Dec 2022 09:11:46 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 215x215, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   3464
Md5:    e344eae189018b9e4f615c4e045a18e0
Sha1:   32956f6ef647e64639a357607aee1406c8f6f34d
Sha256: 6fa2890afe146ccfbe0d2b548b25b60b385742f282f5a499b174eb47526b6ad2
                                        
                                            GET /mcms/img/lib/mel/modules/MEL_84396.png HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: "43df45fe95d81:0"
Access-Control-Allow-Origin: *
Last-Modified: Tue, 10 May 2022 13:53:54 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
X-Serial: 802
X-Check-Cacheable: YES
Content-Length: 37746
Cache-Control: private, no-transform, max-age=1103969
Expires: Tue, 13 Dec 2022 03:51:15 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   37746
Md5:    875cebdca056fbec31de2d790d156659
Sha1:   c80773827d1fd7e7d992c794835248ff4eff76b3
Sha256: 96f46dbf993affd2865d6384a0dcba52013289c49a55a13a74c11b5ffb07a429
                                        
                                            GET /ocms/img/P.aspx?l=en-MY&s=215&e=jpg&name=organic-organic-rose-scented-argan-oil-melvita-malaysia&id=82Z0069&v=1 HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=5NHIQ8BNrxklmyKyincyVJvAHMu7Wz4WAZEbZw63dhWiSwFecWN7dNX2-r2yCblfySLSbRrjv9vpsv_GTV-PHNpA8bks3exz9kpvF64bY1BJct~G_E7boI7vZzX2oQe~
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Tue, 02 Aug 2022 01:40:54 GMT
Access-Control-Allow-Headers: content-type
ETag: 82Z0069
Server: Akamai Image Manager
Content-Length: 7502
Cache-Control: private, no-transform, max-age=604800
Expires: Wed, 07 Dec 2022 09:11:46 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 215x215, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7502
Md5:    fd483f7ab2742a7819fa206b87cf9a8d
Sha1:   5bd4c3c3020a0073c3dee59de58388b2931b83f7
Sha256: a983d057979fef0d21a495fc57148e1fa4125415755191930aba566fe654225b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11526
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11526
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11526
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11526
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 39614
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7971
Md5:    9e135c29a8769eb12ef8c26f99097400
Sha1:   87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
Sha256: ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
age: 41220
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3719
x-amzn-requestid: 6fab3454-fedd-4a1e-ae47-468ddd6233bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaGQ4IAMFUkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-4b313cf054d6301e71cdc0c1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KpgPP5VdjjU4rHaunbn3Yf-F5vLzZC7PhWu_QCF4WfuDHTqw3ufoyw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
etag: "453067f6ab356aa87a3ad3b56e33545376597852"
age: 41231
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3719
Md5:    ceb8e975fb408de32c43f55febaa6414
Sha1:   453067f6ab356aa87a3ad3b56e33545376597852
Sha256: e0ecbb6052b4fef75f58da8dae589c81ab9ec9d304de08f26c144a2c3ce9eaac
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10068
x-amzn-requestid: 7f386e94-3c17-44a1-a36b-3d0eeff4623d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEQQoAMFihA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-5069acfd038ffb2c124b7bd8;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ec2HkhHmHE2ddGBpLsJ5Rn7SCMjyR5kzaTyrguDoI9xOohgsCi08CQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:26 GMT
age: 41240
etag: "639165dc66d171b8266f22cd495181427112bc80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10068
Md5:    f621857774e4b4adda95f58081644859
Sha1:   639165dc66d171b8266f22cd495181427112bc80
Sha256: 341fd33d3d9486079c182d60e21c355244b6597e6e09ba51ecee2e331b38ca2e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 23:32:45 GMT
age: 34741
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 41219
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9051
Md5:    05196ec43964cf559caa0c0279148d62
Sha1:   6170d6776615503e3e29f86783febc3e3e78ca66
Sha256: 47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
                                        
                                            POST /v2/ HTTP/1.1 
Host: jfapiprod.optimonk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.melvita.com/
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Origin: https://my.melvita.com
Content-Length: 1523
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.177.207
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
access-control-allow-origin: *
content-length: 26
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
date: Wed, 30 Nov 2022 09:11:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   26
Md5:    67e51c7e14d033aa06ad22778c9c54c5
Sha1:   a0393a441dfe48b57deacba58f95ae498ae842da
Sha256: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
                                        
                                            GET /mcms/img/lib/mel/modules/MEL_87465.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Thu, 24 Nov 2022 16:23:19 GMT
Access-Control-Allow-Headers: content-type
ETag: W/"1a1fcae210d91:0"
Server: Akamai Image Manager
X-Serial: 966
X-Check-Cacheable: YES
Content-Length: 42926
Cache-Control: private, no-transform, max-age=2099424
Expires: Sat, 24 Dec 2022 16:22:10 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 2048x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   42926
Md5:    37ac3408f86c6440a23f948b07fa7ba5
Sha1:   66ccde75e0ab5b883c1430a6b888995034ad8009
Sha256: 447d8368402cdb68a9839fe71a9c456382202cee9dbaa864964404c2124963b6
                                        
                                            POST /s/gts1d4/fCpB2InHKSU HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107297
Date: Wed, 30 Nov 2022 09:11:46 GMT
Etag: "63860dd6-1d7"
Expires: Thu, 01 Dec 2022 15:00:03 GMT
Last-Modified: Tue, 29 Nov 2022 13:49:10 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MZnm4hGKmHe6n5J_s-yS2NUiHD8BoHxJQAmc-PPA5eq8V-m_5aIs7w==
Age: 4253

                                        
                                            GET /ocms/img/lib/mel/modules/MEL_84906.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=5NHIQ8BNrxklmyKyincyVJvAHMu7Wz4WAZEbZw63dhWiSwFecWN7dNX2-r2yCblfySLSbRrjv9vpsv_GTV-PHNpA8bks3exz9kpvF64bY1BJct~G_E7boI7vZzX2oQe~
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: "d39ae1a7a2dd81:0"
Access-Control-Allow-Origin: *
Last-Modified: Mon, 23 May 2022 06:37:48 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
X-Serial: 1444
X-Check-Cacheable: YES
Content-Length: 18622
Cache-Control: private, no-transform, max-age=2319251
Expires: Tue, 27 Dec 2022 05:25:57 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   18622
Md5:    a0a947ad41eb5be7d4812765c0facc07
Sha1:   06a9c315ab5c96c6ebb0f875531c7841f870f0a0
Sha256: 24426e9f246389f79f8bf3297ce8f39b58e89aff60585a569e58fc486288512e
                                        
                                            GET /ocms/img/P.aspx?l=en-MY&s=215&e=jpg&name=organic-nectar-pur-purifying-sos-roll-on-melvita-malaysia&id=8XZ0009&v=1 HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=5NHIQ8BNrxklmyKyincyVJvAHMu7Wz4WAZEbZw63dhWiSwFecWN7dNX2-r2yCblfySLSbRrjv9vpsv_GTV-PHNpA8bks3exz9kpvF64bY1BJct~G_E7boI7vZzX2oQe~
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Tue, 10 May 2022 13:53:57 GMT
Access-Control-Allow-Headers: content-type
ETag: 8XZ0009
Server: Akamai Image Manager
X-Serial: 1849
X-Check-Cacheable: YES
Content-Length: 9136
Cache-Control: private, no-transform, max-age=604800
Expires: Wed, 07 Dec 2022 09:11:46 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 215x215, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   9136
Md5:    072f33a1ea9facc0821e6d45902f4fa3
Sha1:   449281f4f6c904c286247446323dcffac1ad5252
Sha256: e9544f296a2b8420834a29d00f23d217516473d9cf50a48d3e02a62d23f52371
                                        
                                            GET /ocms/img/lib/mel/modules/MEL_86234.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=5NHIQ8BNrxklmyKyincyVJvAHMu7Wz4WAZEbZw63dhWiSwFecWN7dNX2-r2yCblfySLSbRrjv9vpsv_GTV-PHNpA8bks3exz9kpvF64bY1BJct~G_E7boI7vZzX2oQe~
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: "baca13d91c8dd81:0"
Access-Control-Allow-Origin: *
Last-Modified: Fri, 01 Jul 2022 08:03:04 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
Content-Length: 46404
Cache-Control: private, no-transform, max-age=1145021
Expires: Tue, 13 Dec 2022 15:15:27 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   46404
Md5:    d4f5447b775300559fabdc3ee6f6f1e8
Sha1:   cc97ef61d815f946fc64e6fbe2e4bca786ca7985
Sha256: 5b7deee209d550d9aa4a70f3c1e1e0e7fa29dabe197e5ae955aa42988dfed88c
                                        
                                            GET /OCMS/img/_ZERO/design/sprite_social_media.png HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.melvita.com/ocms/Scripts/v1/891/css/cdn/MEL/MCMS.css?20190504001
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: "0b6f6a4b019d81:0"
Access-Control-Allow-Origin: *
Last-Modified: Tue, 10 May 2022 13:54:00 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
Content-Length: 6778
Cache-Control: private, no-transform, max-age=1100046
Expires: Tue, 13 Dec 2022 02:45:52 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   6778
Md5:    9b32a66fac26ac2a93254a2beea4f513
Sha1:   d265186e7618b6e6dc03b0fd64192d41723a3eed
Sha256: 5f14dbbbb871493df265fb8f7ee30511049801868255834c2e79d31395c55702
                                        
                                            GET /OCMS/img/MEL/redesign/design/pipe.png HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.melvita.com/ocms/Scripts/v1/891/css/cdn/MEL/MCMS.css?20190504001
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Thu, 22 Sep 2022 14:15:19 GMT
Access-Control-Allow-Headers: content-type
ETag: "d6952a5daccd81:0"
Server: Akamai Image Manager
Content-Length: 58
Cache-Control: private, no-transform, max-age=1263598
Expires: Thu, 15 Dec 2022 00:11:44 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 1x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   58
Md5:    d1640d604e547c68b6202177018e6b81
Sha1:   f31f1421b70a1524544d797d3776509b9c1072a5
Sha256: 96ae1b53315229a95230ab103ed373600059fb270d21a99cdcd09b26848d61e0
                                        
                                            GET /ocms/img/lib/mel/modules/MEL_78905.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=5NHIQ8BNrxklmyKyincyVJvAHMu7Wz4WAZEbZw63dhWiSwFecWN7dNX2-r2yCblfySLSbRrjv9vpsv_GTV-PHNpA8bks3exz9kpvF64bY1BJct~G_E7boI7vZzX2oQe~
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Sat, 27 Aug 2022 01:30:57 GMT
Access-Control-Allow-Headers: content-type
ETag: "c31b656ed8dfd61:0"
Server: Akamai Image Manager
Content-Length: 19822
Cache-Control: private, no-transform, max-age=1192296
Expires: Wed, 14 Dec 2022 04:23:22 GMT
Date: Wed, 30 Nov 2022 09:11:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   19822
Md5:    bd75d696eb870adc349156aafeec00e7
Sha1:   cbe07c2b3b0b0ca78f18d541687c6049199726b0
Sha256: 369a591d7cb079882a8ef8a546d02bc8615bfb4511a63471b62ab7784276358a
                                        
                                            GET /53b6804e168e292783000001.js?1669799504514 HTTP/1.1 
Host: conversionx.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.219.36.8
HTTP/1.1 403 Forbidden
Content-Type: application/xml
                                        
x-amz-request-id: DVTQN5AQWSGE8MNB
x-amz-id-2: f3xJlzSBl9/EpADtnckb4YEDTTj5luFwFYQvEfnkas0RRV84NgpIsOwYlB9pO8Lf+eZPIxnS57k=
Transfer-Encoding: chunked
Date: Wed, 30 Nov 2022 09:11:46 GMT
Server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text
Size:   243
Md5:    75b9a14c22d9a1bc1fb862096dc02ef0
Sha1:   d7617ab3ccdb7fe07f34b24eb6feb387d7ffe8b1
Sha256: ad8e6e78b170897ae86be91e7325df0d8897e1141ad989755997c72965cb5c74
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2985FA76D3071BA0B2A036245BF7EE2E9B62B0260F06573642EE53BE2971D350"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1876
Expires: Wed, 30 Nov 2022 09:43:03 GMT
Date: Wed, 30 Nov 2022 09:11:47 GMT
Connection: keep-alive

                                        
                                            GET /public/125015/js/preload.js HTTP/1.1 
Host: front.optimonk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         157.245.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 30 Nov 2022 09:11:45 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: public, max-age=1350
etag: W/"12b7-iT1mZaigpsbV5c2P/HGwEHy5HyU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   52000
Md5:    76fa3465e9f2819fa0426b7a04906c7d
Sha1:   dace68637b51cea6171b23017d089f7788f1f8ee
Sha256: 7ce91532fd1923b02b4aa9f9c6c13531a42c16342c94a0cf7a9634680391dfa9
                                        
                                            GET /mcms/img/lib/mel/modules/MEL_85541.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: "8a701e961c56d81:0"
Access-Control-Allow-Origin: *
Last-Modified: Tue, 17 May 2022 07:04:21 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
X-Serial: 344
X-Check-Cacheable: YES
Content-Length: 10028
Cache-Control: private, no-transform, max-age=1798382
Expires: Wed, 21 Dec 2022 04:44:49 GMT
Date: Wed, 30 Nov 2022 09:11:47 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 228x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   10028
Md5:    be93b5c5503d1e5a670f494e10e702aa
Sha1:   25718ad706bb5851186450b6241623a4b8cdd737
Sha256: 10b0f6549b7ad4e1e33c215f32e33e4c2a235d042158d8a8ea769216923aac16
                                        
                                            GET /OCMS/img/MEL/2016/reskin/rate_sprite.png HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.melvita.com/ocms/Scripts/v1/891/css/cdn/MEL/MCMS.css?20190504001
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Last-Modified: Sun, 16 Oct 2022 04:11:08 GMT
Access-Control-Allow-Headers: content-type
ETag: "c15e2aadaccd81:0"
Server: Akamai Image Manager
X-Serial: 1254
X-Check-Cacheable: YES
Content-Length: 3705
Cache-Control: private, no-transform, max-age=1018976
Expires: Mon, 12 Dec 2022 04:14:43 GMT
Date: Wed, 30 Nov 2022 09:11:47 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 75 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size:   3705
Md5:    1c87de630f8a3878834c428ecf968d80
Sha1:   be3ab9ebfd874f8b8e60b137a7e5419933169e57
Sha256: 6b40b7298b19597b239c4a273ba33dbd132486fb9bb1650e2f9790e910561254
                                        
                                            GET /mcms/img/lib/mel/modules/MEL_85540.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: "43659841c56d81:0"
Access-Control-Allow-Origin: *
Last-Modified: Tue, 10 May 2022 13:53:52 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
X-Serial: 974
X-Check-Cacheable: YES
Content-Length: 13988
Cache-Control: private, no-transform, max-age=1247053
Expires: Wed, 14 Dec 2022 19:36:00 GMT
Date: Wed, 30 Nov 2022 09:11:47 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 228x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   13988
Md5:    bc73ad9c426ba4edf5216b22ff1537c0
Sha1:   dea9ff0e4686842a0162812591d47fc73b26fb9d
Sha256: 529f02a1cb3e5e5db97a5f754da0dbc6a86d083413918cf1a74dc7a419fd697c
                                        
                                            GET /mcms/img/lib/mel/modules/MEL_85542.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: "93f4519f1c56d81:0"
Access-Control-Allow-Origin: *
Last-Modified: Tue, 10 May 2022 13:53:52 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
X-Serial: 1943
X-Check-Cacheable: YES
Content-Length: 16908
Cache-Control: private, no-transform, max-age=1227087
Expires: Wed, 14 Dec 2022 14:03:14 GMT
Date: Wed, 30 Nov 2022 09:11:47 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 228x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   16908
Md5:    61930813ce9621300e72358a5875a994
Sha1:   6d2b115de6bfbc3cea01e31ec87ed978862c254d
Sha256: 8b533f1f9f7d8da167af1a0ed3b64f7b582c6a443e478c1489935dd9dff64768
                                        
                                            GET /mcms/img/lib/mel/modules/MEL_85543.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
ETag: "4d2750a61c56d81:0"
Access-Control-Allow-Origin: *
Last-Modified: Tue, 10 May 2022 13:53:53 GMT
Access-Control-Allow-Headers: content-type
Server: Akamai Image Manager
X-Serial: 362
X-Check-Cacheable: YES
Content-Length: 19084
Cache-Control: private, no-transform, max-age=1293284
Expires: Thu, 15 Dec 2022 08:26:31 GMT
Date: Wed, 30 Nov 2022 09:11:47 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 228x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   19084
Md5:    858eb8e14765f97b3b3aed4521fb1beb
Sha1:   58031e1a40da5fd3dda10b3a655180cf43cfd04a
Sha256: 3fab9439287be07b000e3b4221f3c2e4d785df591481ccb08b0c746dcc1b5084
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4215
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 09:11:47 GMT
Last-Modified: Wed, 30 Nov 2022 08:01:32 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4215
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 09:11:47 GMT
Last-Modified: Wed, 30 Nov 2022 08:01:32 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: my.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: LbStickyVmCORS=825ce0453cad9e2beeaf3041636532f2; LbStickyVm=825ce0453cad9e2beeaf3041636532f2; datadome=5NHIQ8BNrxklmyKyincyVJvAHMu7Wz4WAZEbZw63dhWiSwFecWN7dNX2-r2yCblfySLSbRrjv9vpsv_GTV-PHNpA8bks3exz9kpvF64bY1BJct~G_E7boI7vZzX2oQe~; ASP.NET_SessionId=kgpaldbbpb2zoo5h1sbpqyyf; Webcode=; __AntiXsrfToken=8ccb02a7f7a6475ca20d986c8e4bb61d; optiMonkClientId=c56eefa2-2566-16ef-6b4f-059a507da3c2; ua55customVars={}; optiMonkClient=N4IgjATArADGUgFygMYEMmghTI0oBckYAaPAB3OLJQCckQA2AZigDNmAjCNKAUwAmfNMxgwIAFjAAOGIxR8QZAHYB7AcQC+msmwBuSMI0YBOAOwmTsRmQA2BxEdMWrclavIOw2oA; optiMonkSession=1669799505
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.157.232.11
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Wed, 30 Nov 2022 09:11:47 GMT
Content-Length: 894
Connection: keep-alive
Cache-Control: private
Expires: Sat, 29 Apr 2023 09:11:47 GMT
Server: Microsoft-IIS/10.0
X-DataDome: protected
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=3kfQqc8fGtmM2V~4GdZIXGY7G-kU95yqop1C_YnqjPO1On9dBbI5H2XeKW_IcwIaBxDTvScQnkQgGXpIq2wQ74Q-KJP6mVmNYZblYZ0oX5L7EROwm21zErv6tZxqPNBO; Max-Age=31536000; Domain=.melvita.com; Path=/; Secure; SameSite=Lax
p3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
access-control-allow-headers: content-type
X-Front: webxcmsprd-vm05
Content-Security-Policy: frame-ancestors 'self' *.loccitane.com *.erborian.com *.melvita.com *.loccitane.ru


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Size:   894
Md5:    512df6af19060acac7aa7409ad237e74
Sha1:   c2c22fda479f686d4d45dde25427319ddb21a5c9
Sha256: 03ae3f5351f48b59dbcf7c5c2f188f9f471c8d39e7a7963d3420371273d19212
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.14
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 08:46:55 GMT
expires: Wed, 30 Nov 2022 10:46:55 GMT
cache-control: public, max-age=7200
age: 1492
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /en_US/sdk.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b8245c48499f8cfb0bce743e37500a41
etag: "dd12d2f8da85ce350bb2d5d60216ccab"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 30 Nov 2022 09:26:16 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 11VVv3ZiR5FyYpUU+1Zy3Q==
x-fb-debug: JUm8OV6NrHsoOZdg/4xJAkOFkDVcki0KyEQ86pb3D9pXV3mb7/5vkJ+UQuwgbLPtw2v+aSIPSwrhgI2j2+ul6A==
priority: u=3,i
content-length: 1685
x-fb-trip-id: 1904183273
date: Wed, 30 Nov 2022 09:11:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1957)
Size:   1685
Md5:    d75555bf7662479172629514fb5672dd
Sha1:   57b5245e9daaa573ed67ecbc075001ff1a2212c1
Sha256: 6088126c364cacef21a84980b4e8a70ca408d88a22aadddec7e57b3397b49324
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/pinit.js HTTP/1.1 
Host: assets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.244.84
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
etag: "62d32c28f14783b94192cd8d35bc010d"
content-encoding: br
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
date: Wed, 30 Nov 2022 09:11:47 GMT
content-length: 203
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (361), with no line terminators
Size:   203
Md5:    62d32c28f14783b94192cd8d35bc010d
Sha1:   78c1ba11e104bbd01a07225d0f8c41d7712094d4
Sha256: e823b68f75484d37c74ebb652e2a5b183a1b65c43f1592985e519a8cabc44b2e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /widgets.js HTTP/1.1 
Host: platform.twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.244.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Wed, 02 Nov 2022 19:43:37 GMT
cache-control: public, max-age=1800
etag: "6633f9603c759c40d9b200995454f17c+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Wed, 30 Nov 2022 09:11:47 GMT
x-served-by: cache-iad-kcgs7200106-IAD, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 29221
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (33915)
Size:   29221
Md5:    2df2f01e0c50f93a363cd2121f336b8e
Sha1:   f2c4d94859575123d0b1056f0338982eb094c60f
Sha256: 2cf6d15fc44a8c4387114a5a20174ae75515d43840cde361e64bf1a75e676585
                                        
                                            GET /pagead/viewthroughconversion/967744467/?random=1669799504498&cv=11&fst=1669799504498&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmy.melvita.com%2F&tiba=Organic%20and%20clean%20beauty%20care%20from%20France%7CMelvita%20Malaysia&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 09:11:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 893
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 09:26:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1883), with no line terminators
Size:   893
Md5:    40dbcfdd7076dc4777a0bf0977b2047e
Sha1:   2f8b98fe3004b4dc16a327c77fd10ab4980cb362
Sha256: aa9d4ba435235db216d6d7a67ac6a362cfa9263ba69fae5897180ec3c3fa1bd4
                                        
                                            GET /load.esm/load.361a3f06.js HTTP/1.1 
Host: front.optimonk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.245.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 30 Nov 2022 09:11:46 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: public, max-age=604800
etag: W/"38072-PZqfvf0nI8Ilxwx/gU8vWaF1t+0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.238
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Wed, 30 Nov 2022 09:11:47 GMT
expires: Wed, 30 Nov 2022 09:11:47 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1279)
Size:   20984
Md5:    7ac44ef24e267df17ff72f195b252806
Sha1:   62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
Sha256: aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3143
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 09:11:47 GMT
Last-Modified: Wed, 30 Nov 2022 08:19:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ocms/img/lib/mel/modules/MEL_85654.jpg HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=5NHIQ8BNrxklmyKyincyVJvAHMu7Wz4WAZEbZw63dhWiSwFecWN7dNX2-r2yCblfySLSbRrjv9vpsv_GTV-PHNpA8bks3exz9kpvF64bY1BJct~G_E7boI7vZzX2oQe~
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Access-Control-Allow-Origin: *
Last-Modified: Sat, 15 Oct 2022 14:48:42 GMT
Access-Control-Allow-Headers: content-type
ETag: "92f445886b5cd81:0"
Server: Akamai Image Manager
Content-Length: 26338
Cache-Control: private, no-transform, max-age=1000705
Expires: Sun, 11 Dec 2022 23:10:12 GMT
Date: Wed, 30 Nov 2022 09:11:47 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   26338
Md5:    f5c9a15c7fc3322d91c41b51f45cc41a
Sha1:   e5a7bb1226508172d7910760c59f2ea7f7c27e31
Sha256: a16c78472fe5a619bcd591264572e217561e984684d5e63d25ab31efb0d23446
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62825739-1&cid=909145918.1669799506&jid=772570790&gjid=390157802&_gid=1331053577.1669799506&_u=YGBAgAABAAAAAE~&z=2088105842 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         74.125.131.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://my.melvita.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 09:11:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53198978-3&cid=909145918.1669799506&jid=113900304&gjid=1892115807&_gid=883772534.1669799506&_u=YGhAgAABAAAAAEAAM~&z=35301429 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         74.125.131.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://my.melvita.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 09:11:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fmy.melvita.com HTTP/1.1 
Host: platform.twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.244.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
last-modified: Wed, 02 Nov 2022 19:36:59 GMT
cache-control: public, max-age=315360000
etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Wed, 30 Nov 2022 09:11:47 GMT
x-served-by: cache-iad-kiad7000167-IAD, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105445
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size:   105445
Md5:    2c908e4df66c813c91eb41dd02376079
Sha1:   29df916bd525b6e273f6a62adb7d6df80789edfb
Sha256: 767b670476dae60cf2ddfda9bf3695fd9be641e1a338564b0d23b80cedaed567
                                        
                                            GET /en_US/sdk.js?hash=04eccbf61bd6ab3521ec97dd49d2141b HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ebe6510c5ec7781db1dce3845d7370dc
etag: "59ce2f71bbd66586f586ea340eb75aa7"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 30 Nov 2023 05:31:12 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Iq7guIaH3wBTXPgMZNmcgg==
x-fb-debug: ozRaOOFaTh9YUuVpEDzcPPjBaymfjMS76MLFty6PtRMCI+xs/2mhChLbu5m11N0AYpk44EKGP2DQN1+p2YOBLQ==
content-length: 88354
x-fb-trip-id: 1904183273
date: Wed, 30 Nov 2022 09:11:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18530)
Size:   88354
Md5:    22aee0b88687df00535cf80c64d99c82
Sha1:   319256ad5de7d46697ff5f58fe8a63c858f299c7
Sha256: 4dc4465346ffecdafa83f690b1a8c1e0c0214898ce37217507a1ad3f6938e786
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-user-list/967744467/?random=1669799504498&cv=11&fst=1669798800000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmy.melvita.com%2F&tiba=Organic%20and%20clean%20beauty%20care%20from%20France%7CMelvita%20Malaysia&fmt=3&is_vtc=1&random=1611852930&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 09:11:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/967744467/?random=1669799504498&cv=11&fst=1669798800000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmy.melvita.com%2F&tiba=Organic%20and%20clean%20beauty%20care%20from%20France%7CMelvita%20Malaysia&fmt=3&is_vtc=1&random=1611852930&rmt_tld=0&ipr=y HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.228
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 09:11:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4192
Cache-Control: max-age=162270
Date: Wed, 30 Nov 2022 09:11:47 GMT
Etag: "6386e4d1-139"
Expires: Fri, 02 Dec 2022 06:16:17 GMT
Last-Modified: Wed, 30 Nov 2022 05:06:25 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /x/oauth/status?client_id=384812148242929&input_token&origin=1&redirect_uri=https%3A%2F%2Fmy.melvita.com%2F&sdk=joey&wants_cookie_data=true HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.melvita.com/
Origin: https://my.melvita.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://my.melvita.com
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
x-fb-debug: nozWu87W/2pzdNiJb8qDp9xTChMoYIlQ9wQj/8wCZ/n5uhQ5sJe5MhW/PLpmRF9CveIfnsCx/bfbnFWGD59RNA==
content-length: 0
date: Wed, 30 Nov 2022 09:11:48 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /load.esm/videoFactory.d9b6d53e.js HTTP/1.1 
Host: front.optimonk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://front.optimonk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.245.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 30 Nov 2022 09:11:46 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: public, max-age=604800
etag: W/"ab-7+puoeInCgrrEYILjxVDJpCdVEA"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9180
Md5:    f58fbceb31a26c3f1ec96d5ece39f23b
Sha1:   6c7b5e9c16deb7c3d002ce2cb1598b55c32a0774
Sha256: 768605dbad737f3b3c5ce0811f236d22c49dd7245137eb7515bb7f39fb9aa51f
                                        
                                            GET /settings?session_id=50969500a76dad36a60fc48c3fc2d2741d5feac4 HTTP/1.1 
Host: syndication.twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         104.244.42.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 30 Nov 2022 09:11:47 GMT
perf: 7626143928
vary: Origin
server: tsa_o
cache-control: must-revalidate, max-age=600
last-modified: Wed, 30 Nov 2022 09:11:47 GMT
content-length: 374
content-encoding: gzip
x-transaction-id: 705b9fccc78809a0
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 105
x-connection-hash: 24bafff30fe6b4fdd3b4867256165a2fcfdf8df2af42e328e60593eee8a2ba7f
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (913), with no line terminators
Size:   374
Md5:    925c2a7587f39436ea29513221652474
Sha1:   695b7f2f3d99f407bcdfd0b372db0e28193cc60c
Sha256: 62e36e14e5c219119cb51c3cdf43a2005512a1bd6ebf2d68d0c610a2e6e3ef0f
                                        
                                            GET /vendor/jquery.min-1.11.3.js HTTP/1.1 
Host: cdn-asset.optimonk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         194.242.11.186
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 30 Nov 2022 09:11:48 GMT
server: BunnyCDN-NO1-830
cdn-pullzone: 580384
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=2592000
etag: W/"176fb-2scev5RBeC7wlWTeBrWzanN+QSc"
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/24/2022 19:27:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 32694f64d1af6337e9707eb6ef87e3c1
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32038)
Size:   36504
Md5:    f9a7723c63722417032bd6ebc38898d5
Sha1:   6947b9a0f103e60660261ab4127f213aa74d38f2
Sha256: 08d3d1eb42496c5a2df4e8b345b06ea5098b9551aada75cc3f370fd4bccd9767
                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 681
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         20.75.32.255
HTTP/2 204 No Content
                                        
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://my.melvita.com
access-control-allow-credentials: true
date: Wed, 30 Nov 2022 09:11:47 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /load.esm/ScratchCard.43b9d2fa.js HTTP/1.1 
Host: front.optimonk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://front.optimonk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.245.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 30 Nov 2022 09:11:48 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: public, max-age=604800
etag: W/"269c-/92Tv2PSHMPfTdvUJEYwHYWqHxg"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13953
Md5:    60c61e0922903646819c37116482a867
Sha1:   15113c9a2e0e52e2d7ddd44216089cda09bad2b6
Sha256: 9cfce0380217a788a0ba6870a64decd6ad6e190e056f3945abfda839d03c122b
                                        
                                            GET /userImages/125015/62bdb6a1e26c980023ab7647/GiftB%20Box%20Close_1657008736170.png HTTP/1.1 
Host: editor-upload-cdn.optimonk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 30 Nov 2022 09:11:48 GMT
content-length: 97512
server: BunnyCDN-NO1-830
cdn-pullzone: 573677
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
last-modified: Wed, 30 Nov 2022 09:11:48 GMT
x-bo-server: DE-186
x-downloadsize: 294191
x-bo-origindownloadtime: 294
x-bo-processingtime: 10
x-bo-compressionratio: 66.85%
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/30/2022 09:11:48
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6e0b736545c53cd26fd0676a0784ebb9
cdn-cache: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   97512
Md5:    522a4dbe2d7cfb439976b7b4e7eff5e3
Sha1:   2f2e39a83e13634b839f14e25959fa8495ae41f6
Sha256: 8cc7cbcb1099f03b86431d7b195cf3ae7f8552e2bf9a6dd008af9d88a2fb9578
                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 184115
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         20.75.32.255
HTTP/2 204 No Content
                                        
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://my.melvita.com
access-control-allow-credentials: true
date: Wed, 30 Nov 2022 09:11:48 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /?type=pidget&guid=KQz_kS2kAY0c&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fmy.melvita.com%2F&viaSrc=canonical HTTP/1.1 
Host: log.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.192.84
HTTP/2 200 OK
                                        
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 0
server: envoy
x-pinterest-rid: 4787591958542782
accept-ranges: bytes
date: Wed, 30 Nov 2022 09:11:48 GMT
via: 1.1 varnish
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669799509.880700,VS0,VE41
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.2.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 30 Nov 2022 09:11:48 GMT
via: 1.1 varnish
x-served-by: cache-bma1637-BMA
x-cache: HIT
x-cache-hits: 1216
x-timer: S1669799509.970378,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 09:11:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /iframe_api HTTP/1.1 
Host: youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.142
HTTP/2 301 Moved Permanently
content-type: application/binary
                                        
x-content-type-options: nosniff
expires: Wed, 30 Nov 2022 09:11:49 GMT
date: Wed, 30 Nov 2022 09:11:49 GMT
cache-control: private, max-age=31536000
location: https://www.youtube.com/iframe_api
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
set-cookie: CONSENT=PENDING+960; expires=Fri, 29-Nov-2024 09:11:49 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /c.gif HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         20.234.93.27
HTTP/2 302 Found
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=F490CC1D3EAE4E13AB8A299D07CE637E&RedC=c.clarity.ms&MXFR=0F4E15554A9E6C68244007394E9E6224
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure; MUID=0F4E15554A9E6C68244007394E9E6224; domain=.clarity.ms; expires=Mon, 25-Dec-2023 09:11:49 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 30 Nov 2022 09:11:48 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /c.gif?CtsSyncId=F490CC1D3EAE4E13AB8A299D07CE637E&RedC=c.clarity.ms&MXFR=0F4E15554A9E6C68244007394E9E6224 HTTP/1.1 
Host: c.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.melvita.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         204.79.197.200
HTTP/2 302 Found
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=F490CC1D3EAE4E13AB8A299D07CE637E&MUID=1AE915ABB70E66CC203307C7B6FB678F
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1AE915ABB70E66CC203307C7B6FB678F; domain=c.bing.com; expires=Mon, 25-Dec-2023 09:11:49 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A453AB40AE0E41019CBB574B78CB4C6E Ref B: OSL30EDGE0512 Ref C: 2022-11-30T09:11:49Z
date: Wed, 30 Nov 2022 09:11:49 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /c.gif?CtsSyncId=F490CC1D3EAE4E13AB8A299D07CE637E&MUID=1AE915ABB70E66CC203307C7B6FB678F HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.melvita.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         20.234.93.27
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 30-Nov-2022 09:21:49 GMT; path=/; SameSite=None; Secure;
date: Wed, 30 Nov 2022 09:11:48 GMT
content-length: 42
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    32023bb33cfb2a1990a4ef2d85b6ac16
Sha1:   23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
Sha256: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4088
Cache-Control: max-age=121886
Date: Wed, 30 Nov 2022 09:11:50 GMT
Etag: "6386477c-1d7"
Expires: Thu, 01 Dec 2022 19:03:16 GMT
Last-Modified: Tue, 29 Nov 2022 17:55:08 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /1/NRJS-9f2b2437a322bd9d57d?a=320370173&v=1216.487a282&to=MhBSZQoZWRYDBUAPDgtacWIoV1MABAdBChVLFENBAA%3D%3D&rst=5472&ck=1&ref=https://my.melvita.com/&ap=53&be=918&fe=5399&dc=1671&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669799502412,%22n%22:0,%22f%22:539,%22dn%22:541,%22dne%22:605,%22c%22:606,%22s%22:633,%22ce%22:698,%22rq%22:698,%22rp%22:825,%22rpe%22:877,%22dl%22:895,%22di%22:1601,%22ds%22:1671,%22de%22:1714,%22dc%22:5394,%22l%22:5397,%22le%22:5429%7D,%22navigation%22:%7B%7D%7D&fcp=1661&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.eu01.nr-data.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.221.85.3
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 30 Nov 2022 09:11:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7722753a3d400a18-ARN
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=6553f4b8cd990fd8; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhCD1qCbeRga24%2Bp%2FKnEws%2Fqy8TSYmRxEqWqz8XJ%2FYOw6%2FdWjv%2BOj1s%2F8Ujv8EqeXjjUNQrZh8vOyYK%2FXXNIibL2xLWfekFXUBYLUL3tTjhPKUiqZMn4Ya6Tm4CMLXuZkGIK0R47"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            POST /events/1/NRJS-9f2b2437a322bd9d57d?a=320370173&v=1216.487a282&to=MhBSZQoZWRYDBUAPDgtacWIoV1MABAdBChVLFENBAA%3D%3D&rst=6651&ck=1&ref=https://my.melvita.com/ HTTP/1.1 
Host: bam.eu01.nr-data.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 774
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.221.85.3
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 30 Nov 2022 09:11:50 GMT
Content-Length: 24
Connection: keep-alive
CF-Ray: 7722753abdb00a18-ARN
Access-Control-Allow-Origin: https://my.melvita.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
x-envoy-upstream-service-time: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrnVwsf%2BJ5a2F1eAMcU05DPmd1mTzkHBJZ8Q48TfdrPKrc39p503oxwXXoL2hjhpgF3H1p5e4Fo2zF53aJ16A%2B%2FrLo2eDhLGtUq2JwfETvMDg2U0NgORWZsdE7b9oJfPTct%2BbYwf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   24
Md5:    bc32ed98d624acb4008f986349a20d26
Sha1:   2d3df8c11d2168ce2c27e0937421d11d85016361
Sha256: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 14901
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         20.75.32.255
HTTP/2 204 No Content
                                        
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://my.melvita.com
access-control-allow-credentials: true
date: Wed, 30 Nov 2022 09:11:50 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /eus2/s/0.6.43/clarity.js HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         13.107.219.53
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
cache-control: public,max-age=86400
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0GmSGYwAAAACHRRFoD7tZTpidn8SozRtNQU1TMDRFREdFMTkxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0Ux6HYwAAAACxY+IcWggVSadirj91GqUgT1NMMjMxMDUwMjAzMDA3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Wed, 30 Nov 2022 09:11:47 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /load.esm/subscriptionFactory.87bab6a9.js HTTP/1.1 
Host: front.optimonk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://front.optimonk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.245.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 30 Nov 2022 09:11:46 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: public, max-age=604800
etag: W/"2e6-8D7hzFx4B1uplmFCdiBxehqiL4k"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /load.esm/canvasConfetti.min.e617b372.js HTTP/1.1 
Host: front.optimonk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://front.optimonk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.245.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 30 Nov 2022 09:11:48 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: public, max-age=604800
etag: W/"f72-I8hAvSMD4NXuwmXaX7VngPy/kGs"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /ocms/Scripts/v1/891/css/cdn/MEL/MCMS.css?20190504001 HTTP/1.1 
Host: img.melvita.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Cookie: datadome=7irmmM9sfjqP7fDN_R~tevvYFpiuk7sSnBwtzV5O__Ak_D9TlYURBcb1FYXrftVbqY7SGVEvBSPvQaT~pxsNPfL8AYFxGDMXBi-8yc9uB6PAG7pJCyMlVK-jpINOhIt_
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         96.6.18.205
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Last-Modified: Fri, 14 Oct 2022 10:22:42 GMT
Accept-Ranges: bytes
ETag: "0859de4b6dfd81:0"
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=90395
Expires: Thu, 01 Dec 2022 10:18:19 GMT
Date: Wed, 30 Nov 2022 09:11:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding


--- Additional Info ---
                                        
                                            GET /tag/btmedq21vt?ref=gtm HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.melvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.107.219.53
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=9255f3ebf4084b018300dc39fde361d6.20221130.20231130; expires=Thu, 30 Nov 2023 09:11:47 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-cache: CONFIG_NOCACHE
x-azure-ref: 0Ux6HYwAAAABXdOGgKyuYSaQZDz4F2WxPT1NMMjMxMDUwMjAzMDA3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Wed, 30 Nov 2022 09:11:47 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /load.esm/Teaser.a37f02c5.js HTTP/1.1 
Host: front.optimonk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.melvita.com
Connection: keep-alive
Referer: https://front.optimonk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.245.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 30 Nov 2022 09:11:48 GMT