click.setpointsolution.com/7ad529f1-17ea-419b-8417-5bce2937d1bc?email=sanders@slurpmail.net&subscriber_id=830999&message_id=1258&version_id=1662
18.193.209.105302 0 B URL HTTP/1.1 click.setpointsolution.com/7ad529f1-17ea-419b-8417-5bce2937d1bc?email=sanders@slurpmail.net&subscriber_id=830999&message_id=1258&version_id=1662
IP 18.193.209.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7ad529f1-17ea-419b-8417-5bce2937d1bc?email=sanders@slurpmail.net&subscriber_id=830999&message_id=1258&version_id=1662 HTTP/1.1
Host: click.setpointsolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Tue, 31 Jan 2023 14:30:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://hop.clickbank.net/?affiliate=sane42&vendor=slimcrysta&op=vsl&tid=wcpk1hcaas2u9u9mi8tjps6m
Pragma: no-cache
Set-Cookie: 7ad529f1-17ea-419b-8417-5bce2937d1bc-v4=L1tA-aq8RnC3Aiw9zkYEI5aC7AH54jibTeh6ybrY3wo; Max-Age=86400; Expires=Wed, 01-Feb-2023 14:30:30 GMT; Domain=click.setpointsolution.com; Path=/; HttpOnly
cc-v4=qHTRKMRsaYAoQiFTO%2BVXXiTdTq2%2B7wtacY7Q7fd0cdmwziZOhuOFPiOUrNJdaIXi3AK5ufI8e1xufWJTXsA4pUlexv%2FmOgs2Ebx2tXmYKeGF5Dpbz%2B86NTmqup%2FryQmJ%2FxxNnN%2BTSjaNB%2BkCEaPEpg%3D%3D; Max-Age=31536000; Expires=Wed, 31-Jan-2024 14:30:30 GMT; Domain=click.setpointsolution.com; Path=/; HttpOnly
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4356
Expires: Tue, 31 Jan 2023 15:43:06 GMT
Date: Tue, 31 Jan 2023 14:30:30 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2309
Expires: Tue, 31 Jan 2023 15:08:59 GMT
Date: Tue, 31 Jan 2023 14:30:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 13:43:17 GMT
content-type: application/json
age: 2833
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7969
Expires: Tue, 31 Jan 2023 16:43:19 GMT
Date: Tue, 31 Jan 2023 14:30:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: p5U4FsZaJu45K1qX5XtgaDtz0Mb/wF3aioxVFr1HoOoonF0ZbR0jp7qPN3xTgpw+oov4bI+4Mb0HYPF+4NBcWQ==
x-amz-request-id: KDJXVBC2MVDN7NNE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 13:51:11 GMT
age: 2359
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 14:30:30 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 13:41:42 GMT
age: 2928
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 6a1ca27f89feb8270287477c0f7b382e
3271349b895ab8db78db2ca54ef4aaf2991fd38d
1a00915b6821abe8ef347eeb9e9d43765e698c7de89dc9a385b88bbfeae395ad
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 14:30:30 GMT
Last-Modified: Tue, 31 Jan 2023 12:50:23 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9wt9Lcp8VutYqIR6YQ37z9el4cQ2sNsIGP_rTZL-Q9TRKsJDWfnlWg==
Age: 6007
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3015
Expires: Tue, 31 Jan 2023 15:20:45 GMT
Date: Tue, 31 Jan 2023 14:30:30 GMT
Connection: keep-alive
hop.clickbank.net/?affiliate=sane42&vendor=slimcrysta&op=vsl&tid=wcpk1hcaas2u9u9mi8tjps6m
44.240.101.13307 Temporary Redirect 0 B URL HTTP/2 hop.clickbank.net/?affiliate=sane42&vendor=slimcrysta&op=vsl&tid=wcpk1hcaas2u9u9mi8tjps6m
IP 44.240.101.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?affiliate=sane42&vendor=slimcrysta&op=vsl&tid=wcpk1hcaas2u9u9mi8tjps6m HTTP/1.1
Host: hop.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Tue, 31 Jan 2023 14:30:30 GMT
content-length: 0
location: https://slimcrystal.com/?hop=sane42&op=vsl
set-cookie: q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643; Path=/; Domain=.clickbank.net; Max-Age=31536000; Expires=Wed, 31 Jan 2024 14:30:30 GMT
p=DqfOUyfm7Sme2fMy039xyDPFCHyzWobw0PHN2mAkdcJCIx6ZZHnjG4Sx15Y5xuygumMAAsG5BKQeWXiBYeCGbzHrbmY89xpMxA7vVDGZa0NNNaRjW2n261rV_CxXVQRcSF0OH5UfVOrTI3AsLivqfFL5DoxZWUeswnJcxjmlCJjBmURgGqfDXd8WfnapYl5Y-37MyxbZ2oCxPl8As1yzT5SKEzXrQ3ekg8RLfTXXq_hZfTJ1; Path=/; Domain=.clickbank.net; Max-Age=15552000; Expires=Sun, 30 Jul 2023 14:30:30 GMT
server-timing: traceparent;desc="00-56162771c4f746b616df7627b1069259-91d50e8be40c4728-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/5A3qGcj55uY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/5A3qGcj55uY
IP 142.250.74.131:0
Hash e18c4089497619d2eaa8ec66f5f61d02
20b06851b0ca63c7ff3f574443d768f67c335ca4
078897717b6df5c41b048095e25ed75bd72e22a5a07270721956924f950d5bd3
POST /s/gts1p5/5A3qGcj55uY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.209.122.114101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.209.122.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZXuifaQhfOJL9VxDmONM6w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zcguhic8lwlaApv2/5OYzlFvhJM=
ocsp.pki.goog/s/gts1p5/5A3qGcj55uY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/5A3qGcj55uY
IP 142.250.74.131:0
Hash e18c4089497619d2eaa8ec66f5f61d02
20b06851b0ca63c7ff3f574443d768f67c335ca4
078897717b6df5c41b048095e25ed75bd72e22a5a07270721956924f950d5bd3
POST /s/gts1p5/5A3qGcj55uY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-10901425749
142.250.74.168200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10901425749
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 63eb040bac9a58b574f1f57aa7aa5917
fc98780abff2fc9c1370569c677fdb250dc248f1
c469a874bdf71d97b156565547b7f15c30cc84634b96f56091c36d942d5b2550
GET /gtag/js?id=AW-10901425749 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 14:30:31 GMT
expires: Tue, 31 Jan 2023 14:30:31 GMT
cache-control: private, max-age=900
last-modified: Tue, 31 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50877
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-645944073
142.250.74.168200 OK 65 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-645944073
IP 142.250.74.168:0
File type ASCII text, with very long lines (2917)
Hash dda44e94f3bae67fbfec01c48c9c3ffe
580a60b8782e97f2220c4a95d6e0fc751f7c019e
4a661c774c742015fb7f4e4a61a399a832559dd669f37ff1ae4deb425fe03cdc
GET /gtag/js?id=AW-645944073 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 14:30:31 GMT
expires: Tue, 31 Jan 2023 14:30:31 GMT
cache-control: private, max-age=900
last-modified: Tue, 31 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64795
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
IP 142.250.74.131:0
Hash 95200e559e18885c0ec7a0388c201b5e
581a22771fbf0de9b402d26a5468e2baea3016ab
78f667d5dfe885d6db71027a8736151388ecba9633c6454fefa69afa097b99dc
POST /s/gts1d4/FnnVkHgPuNk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Lato:300,400,500,700|Roboto:300,400,500,700
142.250.74.106200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato:300,400,500,700|Roboto:300,400,500,700
IP 142.250.74.106:0
Hash b500a986e71a069cc5b25cc55fad2ec3
01cfa562d29bdf1235b3fd6257e843ae25f7d623
efc94d2dde26c991c4c41f4635e93f792b9f52a5483bd3256592eec54d16bfbf
GET /css?family=Lato:300,400,500,700|Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 14:30:31 GMT
date: Tue, 31 Jan 2023 14:30:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
34.107.203.240200 OK 15 kB URL HTTP/2 static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
IP 34.107.203.240:0
File type ASCII text, with very long lines (58749)
Hash f42272a0f636e716204c0bec503ba28c
2dfd630f7b31d442fb25aca978b26c0efe377481
3ede591eca234ade8e54d107d4b391129bdedff614876fd513ab94aaa0b7e7d4
GET /fonts/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
vary: Accept-Encoding
x-cloud-trace-context: dd8f98e0d0027c334bb00a2c35d7520a
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14628
date: Sun, 08 Jan 2023 08:11:06 GMT
expires: Mon, 08 Jan 2024 08:11:06 GMT
cache-control: public, max-age=31536000
age: 2009965
etag: "rvb96Q"
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js
104.17.24.14200 OK 17 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (58823)
Hash 862e774816525509d8b88f3f21174dcb
afdc27eac7b24332916978b1aeea648019026601
cc7743974a19a6d642e2ed50fa235d4c40e142c030ceb5d8f64a4c43504f8ed1
GET /ajax/libs/moment.js/2.26.0/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 14:30:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 16963
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ec4d334-e5ee"
last-modified: Wed, 20 May 2020 06:50:28 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 983274
expires: Sun, 21 Jan 2024 14:30:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9a1vrJHZrnAp%2BzJNWg8W0ezU8nclEe8Bfo61PgG%2FIeSFvE3QHeFvOMbcbneXoN7JeKo8mQ8rSydMIKP%2FmlZ3fyNHO%2BigDCFedjUKly6XMS0u208cvy7RKS71vaWjYPXIEEPb9cwA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 792325520a47b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
IP 142.250.74.131:0
Hash 95200e559e18885c0ec7a0388c201b5e
581a22771fbf0de9b402d26a5468e2baea3016ab
78f667d5dfe885d6db71027a8736151388ecba9633c6454fefa69afa097b99dc
POST /s/gts1d4/FnnVkHgPuNk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/WT_FO6-f4_k
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/WT_FO6-f4_k
IP 142.250.74.131:0
Hash 27939646fb41b0e21f4acb820b5be3b4
73b2c31a93e270bdc2e27dc894cd225314a16363
4603a8ee155f5730d30fc6b9d002bad8e18afb9316b857ba95350b99e73009d3
POST /s/gts1d4/WT_FO6-f4_k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.center.io/center.js
216.239.38.21200 OK 5.4 kB IP 216.239.38.21:0
File type ASCII text, with very long lines (566)
Hash 276609e3cfacad7622ab02bcd80a5f75
26fbc873773aada776b4cb2120a63130754f79ee
2037635942b2f0bde97187a1e26846a90f1c3e4944d5673b1be2a8d4376f2f9c
GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-cloud-trace-context: 85fdd43d0a478ace69dd30db0b3b3e77
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Tue, 31 Jan 2023 14:28:04 GMT
expires: Tue, 31 Jan 2023 14:33:04 GMT
cache-control: public, max-age=300
age: 148
etag: "OMWYXg"
content-type: application/javascript
X-Firefox-Spdy: h2
js.center.io/identify.html
216.239.38.21200 OK 2.0 kB URL HTTP/2 js.center.io/identify.html
IP 216.239.38.21:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (612)
Hash c16ca7cb44a55621b5a53b8d3066ef99
9d19d037b0f6c1c12aa6cc3e378e13093272b0d3
9fb2d501b3b8e18a65f3eff4634517306fe997abb6dc3d821216bf33e3e91f3a
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: 97900f442ffb216f8c9dbfc1793fa6fb
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Tue, 31 Jan 2023 14:29:20 GMT
expires: Tue, 31 Jan 2023 14:34:20 GMT
cache-control: public, max-age=300
age: 72
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash e6e98858e07e37acdb64c79e30e1a6ae
7c1426571afcb99328204792576a9b3814ea3bba
6577b4538febd004f85dac52e2f300c9d8b2a7e8fbbb2f4dd4ae6732dfea88ed
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164538
Date: Tue, 31 Jan 2023 14:30:32 GMT
Etag: "63d8f902-1d7"
Expires: Thu, 02 Feb 2023 12:12:50 GMT
Last-Modified: Tue, 31 Jan 2023 11:18:26 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ElWIPsiID8sGyD2gwbIvrXURQ-Cb1nm7jNGcVEvlNR3Dm6Ik4NF6AA==
Age: 3265
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15630
Expires: Tue, 31 Jan 2023 18:51:02 GMT
Date: Tue, 31 Jan 2023 14:30:32 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15630
Expires: Tue, 31 Jan 2023 18:51:02 GMT
Date: Tue, 31 Jan 2023 14:30:32 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15630
Expires: Tue, 31 Jan 2023 18:51:02 GMT
Date: Tue, 31 Jan 2023 14:30:32 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15630
Expires: Tue, 31 Jan 2023 18:51:02 GMT
Date: Tue, 31 Jan 2023 14:30:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:58:16 GMT
age: 45136
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b43468b05cd1fd11c398263a80e4edb2
02e964ea5a88c866267ac6c5601bfcde26ffd42b
19783f05297f7ed5d7ca8cec0fc0e1676831275ac48f1510a4f410dbe2802314
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4634
x-amzn-requestid: 2941da94-203c-47d1-99ee-d864bdbf6993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCAHF9kIAMFrUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e39a-78bb7189351d830a7ef70c67;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hWONP8eVA6h5VMyREx_CgRY2zeb9KUxipWiXdx9dHBtU2YDV07lGXQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 04:46:51 GMT
age: 35021
etag: "02e964ea5a88c866267ac6c5601bfcde26ffd42b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:40:17 GMT
age: 39015
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZKuBcZgC6yolu1QcaXZKAIIDynG3Zywq1d7sWI8Jlq3ULwlr6XlhWQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 13:05:29 GMT
age: 5103
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb1a5e0a2bb1cacf87189373c118adf4
079974268f755aa38fb2cb32b8bcb748353c793f
1b0519e6bfca30a31b83d427302f7e22140f5b2da6f13cac37ea9c07abc42676
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11095
x-amzn-requestid: dc7c00e2-cd2d-4265-8763-3dd7dbe223ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkFyEhJIAMFjpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f1-541a17c362e95dfa5e90f58f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UuPN6Nq84hFgUDMbvpLTysWfU1JcRiecGH3tkdqDOOXBo9hVhmpMBA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:03:15 GMT
age: 59237
etag: "079974268f755aa38fb2cb32b8bcb748353c793f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T5CaUojMEG8x8vki59UdIhI8IbbBRY_7w3xgiW3RCZlHTyeHPLIy2Q==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:47:13 GMT
age: 60199
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 00db3717d3cbf79c5f1f16423910a1e9
0edbda1a001cc959d00a8756ee23a9ea1b7547d8
4c13de23351e9e7ed51ce3ef3e856dd031ec8c45c0f346a747ac1d214354282f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 14:30:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 03:11:31 GMT
Expires: Wed, 01 Feb 2023 03:11:31 GMT
ETag: "0edbda1a001cc959d00a8756ee23a9ea1b7547d8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cbtb.clickbank.net/?vendor=slimcrysta
52.32.168.94200 OK 942 B URL HTTP/2 cbtb.clickbank.net/?vendor=slimcrysta
IP 52.32.168.94:0
File type ASCII text, with very long lines (942), with no line terminators
Hash 8b0141f7ca626083801c7c3de45997ca
a2969f752bf6b5cc3333f8af23d157671a034f66
152019e7e912b8d039de736f5ca51e317fd7eb29d1afb92c948b0ca1e2fde2b8
GET /?vendor=slimcrysta HTTP/1.1
Host: cbtb.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 14:30:32 GMT
content-type: text/javascript;charset=UTF-8
content-length: 942
set-cookie: AWSALB=4KY25f+dXhOzNAfDJTHBchljSjOYulRbpcMizaCfg6Hcm4PBU+kGYH92xBIxQsKLNUXO5eI0Dff0O54h6zs0ZrK8gGUH5lIJAOQZQmNeaWz4QY6erzzRTb2FEhBa; Expires=Tue, 07 Feb 2023 14:30:32 GMT; Path=/
AWSALBCORS=4KY25f+dXhOzNAfDJTHBchljSjOYulRbpcMizaCfg6Hcm4PBU+kGYH92xBIxQsKLNUXO5eI0Dff0O54h6zs0ZrK8gGUH5lIJAOQZQmNeaWz4QY6erzzRTb2FEhBa; Expires=Tue, 07 Feb 2023 14:30:32 GMT; Path=/; SameSite=None; Secure
server: Apache
cache-control: max-age=900
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=3VemY48gJunzW3JHqSMsr2&v=&e=&st=&lc=en-US&pid=AMqA5Xc4viGAJmSGWCRhnT-default-prop&uid=U2ikevCaTzpUzjAScicuU9&sid=vi2dmw5YDEa6kjyw9EpGQt&cid=lp-3VemY48gJunzW3JHqSMsr2&uri=https%3A%2F%2Fslimcrystal.com%2Fvsl&rf=&rx=1280&ry=939&tz=%2B00%3A00
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=3VemY48gJunzW3JHqSMsr2&v=&e=&st=&lc=en-US&pid=AMqA5Xc4viGAJmSGWCRhnT-default-prop&uid=U2ikevCaTzpUzjAScicuU9&sid=vi2dmw5YDEa6kjyw9EpGQt&cid=lp-3VemY48gJunzW3JHqSMsr2&uri=https%3A%2F%2Fslimcrystal.com%2Fvsl&rf=&rx=1280&ry=939&tz=%2B00%3A00
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadpage&l=3VemY48gJunzW3JHqSMsr2&v=&e=&st=&lc=en-US&pid=AMqA5Xc4viGAJmSGWCRhnT-default-prop&uid=U2ikevCaTzpUzjAScicuU9&sid=vi2dmw5YDEa6kjyw9EpGQt&cid=lp-3VemY48gJunzW3JHqSMsr2&uri=https%3A%2F%2Fslimcrystal.com%2Fvsl&rf=&rx=1280&ry=939&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 31 Jan 2023 14:30:32 GMT
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-origin: https://slimcrystal.com
x-request-id: 06mv5jtihskoti08m3d0
access-control-expose-headers: LP-Security-Token
set-cookie: view.AMqA5Xc4viGAJmSGWCRhnT-default-prop.3VemY48gJunzW3JHqSMsr2=1675175433000; Domain=api.leadpages.io; expires=Wed, 01 Feb 2023 14:30:32 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
Server: Stargate
X-Forwarded-For: 91.90.42.154
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash b68d4e6e4d0a88620588831e010103b4
075b8e406ea12d9c3a65ff024fbf08be532e7471
400cc1735d8f03257076c7f54d7f921ed718636cd22105c4fd9ea2d23b70917e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135131
Date: Tue, 31 Jan 2023 14:30:32 GMT
Etag: "63d89114-1d7"
Expires: Thu, 02 Feb 2023 04:02:43 GMT
Last-Modified: Tue, 31 Jan 2023 03:55:00 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 63IxhmcULBsbTwE6Lkcs5lBVRiOoi8X_SFJaMv-3iz6b7kNVa1lWQw==
Age: 463
www.ssmbtrk.com/scripts/sdk/everflow.js
35.227.247.224200 OK 19 kB URL HTTP/2 www.ssmbtrk.com/scripts/sdk/everflow.js
IP 35.227.247.224:0
Hash c9845e96a837227d4beedec204cd8971
388d1310c52b8effce91119639e4cb915dd6ce20
fe49a2616bd12cb1e2c1ca53ea6fed3cdbc57337aec10ed4fc85557ef4452259
GET /scripts/sdk/everflow.js HTTP/1.1
Host: www.ssmbtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 14:30:33 GMT
content-type: text/javascript
cache-control: max-age=14400
vary: Origin
x-eflow-request-id: 162441cd-a7f3-4c2a-ba01-61fb3899e8f5
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a545dfaddf088c67c8aee3720f8751ff
779cd15fe645904a18046cc9499ca80fc9acc184
f3876edd5c39ee73600b454f14da530e5783c8d864425f3acde6917e059feb23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5098
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Last-Modified: Tue, 31 Jan 2023 13:05:36 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a545dfaddf088c67c8aee3720f8751ff
779cd15fe645904a18046cc9499ca80fc9acc184
f3876edd5c39ee73600b454f14da530e5783c8d864425f3acde6917e059feb23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4553
Cache-Control: max-age=98214
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Etag: "63d7f0e6-117"
Expires: Wed, 01 Feb 2023 17:47:27 GMT
Last-Modified: Mon, 30 Jan 2023 16:31:34 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
54.230.111.43200 OK 4.3 kB URL HTTP/2 prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
IP 54.230.111.43:0
File type PNG image data, 321 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash c06ae1ecaaf7e0610c68af117658a7e0
337cc86d38734fd76333c063366ec36e7a7d343a
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb
GET /dist/assets/logo-tab-two-tone-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4341
date: Tue, 31 Jan 2023 02:31:36 GMT
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: 65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
server: AmazonS3
etag: "c06ae1ecaaf7e0610c68af117658a7e0"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QK47ygHqyldlBYMou1VkF7kMadVUgA6yWJUkjKEIO-kv1Q9hF7WJdA==
age: 43138
X-Firefox-Spdy: h2
prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
54.230.111.43200 OK 3.5 kB URL HTTP/2 prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
IP 54.230.111.43:0
File type PNG image data, 472 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 47cdefc96f75be3d978d4b444737b00e
c9d8540c17ed48b72be610bb5795120e4d560d6f
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308
GET /dist/assets/logo-header-two-tone-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3472
date: Tue, 31 Jan 2023 02:31:36 GMT
last-modified: Mon, 21 Dec 2020 21:57:35 GMT
x-amz-version-id: rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
server: AmazonS3
etag: "47cdefc96f75be3d978d4b444737b00e"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8Jb85r1VSnmiZqrUt7BufYhhp00GdzvNmQxFb8-Egi6aVn9WmoliHA==
age: 43138
X-Firefox-Spdy: h2
prod.cbstatic.net/dist/i18n/app-strings-en.json
54.230.111.43200 OK 9 B URL HTTP/2 prod.cbstatic.net/dist/i18n/app-strings-en.json
IP 54.230.111.43:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cdfca8b09e61ae7324e48f01984c9b34
874b413675711909229ca228efea613383d6a9a4
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
GET /dist/i18n/app-strings-en.json HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 9
date: Tue, 31 Jan 2023 02:31:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
server: AmazonS3
etag: "cdfca8b09e61ae7324e48f01984c9b34"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ba5GvTx3O7ZwVv8O4fq2y2Nhbrnwdlsd4BKQnl_hIwUNNVOVBJLYeA==
age: 43138
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b73f1569d657503327db4f8cd0cb4c23
01727bcda5957713d42665cd33f139abca1817fc
0fe3bd62c50c1a6b82c50ee07e8fa1ebc148305adb30826e12387606a01b6776
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5071
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Etag: "63d813d6-117"
Last-Modified: Tue, 31 Jan 2023 13:06:02 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 279
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:29:08 GMT
expires: Wed, 31 Jan 2024 04:29:08 GMT
cache-control: public, max-age=31536000
age: 36085
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 145713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
82.102.27.18200 OK 4.4 kB URL HTTP/2 seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
IP 82.102.27.18:0
File type PNG image data, 153 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e1bae45c56b7d21a7ac325790f8acd0e
c61a206bce2c120fe77de6058877e4bb1dd02ff3
f9bc6b60cdb2bee77a6f9ec4b48c1df9c8780dc1f81c0fb1693856f580186b72
GET /seals/blue-seal-153-100-clickbank-5004291.png HTTP/1.1
Host: seal-boise.bbb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Tue, 31 Jan 2023 14:30:33 GMT
content-type: image/png
content-length: 4394
cache-control: max-age=14400
expires: Tue, 31 Jan 2023 18:30:33 GMT
last-modified: Mon, 30 Jan 2023 19:47:45 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.vimeo.com/video/618776684?h=51805eacce
162.159.128.61200 OK 6.2 kB URL HTTP/1.1 player.vimeo.com/video/618776684?h=51805eacce
IP 162.159.128.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21224), with no line terminators
Hash 5321f0dc7f1ed4e8ca7cae31a5adccd2
2a35bc2f82f922100d3f3ababcf76018e8bbaa2e
d4db3dd4687dfcc477817b5976177f5f68afd9067f4ec6167b2d2489b11dab3c
GET /video/618776684?h=51805eacce HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 14:30:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Tue, 31 Jan 2023 14:33:56 GMT
x-host: player-868955557-dpqkp
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-0
x-backend-proxy: playproxy1
x-bapp-server: player-868955557-dpqkp
Age: 0
X-Served-By: cache-bma1621-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675175433.165184,VS0,VE120
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=44XGsChnU73BZeP0koau1TbOmVyvw__Ulh98N3c48vg-1675175433-0-ARm0hl7/9C62s21RX4f/2FQr6VEPQMIszNsyr/T0Qih/y6mkzuJ3m3q+y1dXrky89rPxePQs3FoGUzDrFRF6Xxs=; path=/; expires=Tue, 31-Jan-23 15:00:33 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 7923255939f5b527-OSL
Content-Encoding: gzip
player.vimeo.com/video/618776372?h=c7c22c9f8a
162.159.128.61200 OK 6.0 kB URL HTTP/1.1 player.vimeo.com/video/618776372?h=c7c22c9f8a
IP 162.159.128.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19738), with no line terminators
Hash 427784ce926e7afc65991405aee3ee09
d3b31158416238ee22276e2112a89cd10f0ba23d
12aa622613c413fd6bcd276adc5218eeefa44cd5a5326ecfccb932888b101b16
GET /video/618776372?h=c7c22c9f8a HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 14:30:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Tue, 31 Jan 2023 14:36:11 GMT
x-host: player-868955557-2gszj
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-8
x-backend-proxy: playproxy9
x-bapp-server: player-868955557-2gszj
Age: 0
X-Served-By: cache-bma1666-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675175433.159755,VS0,VE131
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=q4xCTN7gxubpCjObj5GB6_niHosrRx6udjbOyDeRY6I-1675175433-0-AZCxAbMSwEkelROxV1ED9DRjTQDy4tmra2VXt996mQmzkxXkYuwdRQydG+oLdvS1S5r66xPsjgh9intAhnV4BIk=; path=/; expires=Tue, 31-Jan-23 15:00:33 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 792325592e6cb50f-OSL
Content-Encoding: gzip
player.vimeo.com/video/647253107?h=db3e20d96e
162.159.128.61200 OK 17 kB URL HTTP/1.1 player.vimeo.com/video/647253107?h=db3e20d96e
IP 162.159.128.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (51071), with no line terminators
Hash bb3ede61ed3d539a70c4cfdb9a871d01
2f2d28f73c81ff6eab9f3bc78c2d7792861a3ea6
f3d7c11bdc12fbd9c48a601b347486c939061fa18a3655c6951d4f5996863f41
GET /video/647253107?h=db3e20d96e HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 14:30:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Tue, 31 Jan 2023 14:35:36 GMT
x-host: player-868955557-v2552
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-7
x-backend-proxy: playproxy8
x-bapp-server: player-868955557-v2552
Age: 0
X-Served-By: cache-bma1622-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675175433.161398,VS0,VE135
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=_IsEMN07..p4oohslEEYE7_PE8WIVxMIw7bkbAfRCTM-1675175433-0-Adqe9NYsyYx9KES5+9QEtl+iktM3Cmp3lEgXp61I5iYizoePnYMCHhkwjQ6kqgl7QXQUeDL0n37lH8ykumDeuNo=; path=/; expires=Tue, 31-Jan-23 15:00:33 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 7923255929291c06-OSL
Content-Encoding: gzip
f.vimeocdn.com/p/4.19.1/css/player.css
151.101.246.109200 OK 20 kB URL HTTP/2 f.vimeocdn.com/p/4.19.1/css/player.css
IP 151.101.246.109:0
File type ASCII text, with very long lines (65495)
Hash bd4414b5df79926925445d3a703dc1c1
9f4c58e0bd6449707fdaf695ae4f7b57ae0b6570
9be032e4a1bea654519821a773a433936855aa9898b9b26253494ed747e15ecb
GET /p/4.19.1/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:33 GMT
age: 79492
x-served-by: cache-iad-kiad7000056-IAD, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 21, 60669
x-timer: S1675175433.359625,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20068
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05.jpg?mw=80&q=85
151.101.246.109200 OK 1.6 kB URL HTTP/2 i.vimeocdn.com/video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05.jpg?mw=80&q=85
IP 151.101.246.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash 44c5ae72c99c7d625ab37018c7449368
68f187faabb2e388c7487aa7f1a10f2c2bdfa925
36be892f37e89b933c89cd12ec8365985377db47ab13ff782d68eb5706d50d88
GET /video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: 44c5ae72c99c7d625ab37018c7449368
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-central1-r9k8
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:33 GMT
age: 1233222
x-served-by: cache-dfw-kdfw8210094-DFW, cache-hel1410030-HEL
x-cache: miss, HIT, HIT
x-cache-hits: 2675, 1
x-timer: S1675175433.381670,VS0,VE2
content-length: 1639
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780.jpg?mw=80&q=85
151.101.246.109200 OK 1.3 kB URL HTTP/2 i.vimeocdn.com/video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780.jpg?mw=80&q=85
IP 151.101.246.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash 74c5294890686cdc359655ae8724f349
55be140180e664ab3af00a334357f8ee88f89222
ccd1df36434ca443eb8f1d66ce73e54a86e0cb1a3bab81bdba2afe0555b04641
GET /video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
etag: 74c5294890686cdc359655ae8724f349
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-central1-ml9s
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:33 GMT
age: 1143875
x-served-by: cache-dfw-kdfw8210101-DFW, cache-hel1410030-HEL
x-cache: miss, HIT, HIT
x-cache-hits: 37, 1
x-timer: S1675175433.399754,VS0,VE1
content-length: 1269
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9.jpg?mw=80&q=85
151.101.246.109200 OK 1.7 kB URL HTTP/2 i.vimeocdn.com/video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9.jpg?mw=80&q=85
IP 151.101.246.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x37, components 3\012- data
Hash 9d1349763522973851db4bc425ec591a
7b3a0cdecae38e7380b7a1fb1103193b860b628d
97531786f8ea720d003150fbc4f8beecdf0132b06d7bdf33bddf29113f1bf846
GET /video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
etag: 9d1349763522973851db4bc425ec591a
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-central1-0qm5
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:33 GMT
age: 1907762
x-served-by: cache-dfw-kdfw8210031-DFW, cache-hel1410030-HEL
x-cache: miss, HIT, HIT
x-cache-hits: 5072, 1
x-timer: S1675175433.415116,VS0,VE1
content-length: 1690
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.19.1/js/player.module.js
151.101.246.109200 OK 118 kB URL HTTP/2 f.vimeocdn.com/p/4.19.1/js/player.module.js
IP 151.101.246.109:0
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 118 kB (117883 bytes)
Hash 0e847fbe1f05b570c118f0d6d64267c4
c9f197fee1ce775cd25d590dcd0fe4e4dfc1d2a9
fd6fd54f4e945388ddb1b4804018d937b898777aa8eb0ac21c65ba27d46a7480
GET /p/4.19.1/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:33 GMT
age: 79492
x-served-by: cache-iad-kiad7000053-IAD, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 18, 43126
x-timer: S1675175433.395179,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 117883
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/K7kinBes30FDzGamXV_9-gmSOpxdJ5s3h38KJ6un1uulCU7Fdtwv2imdYUlsjppnenNik6vEU2goEI-StZSBe8_FomSurESudBI=w16
142.250.74.97200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/K7kinBes30FDzGamXV_9-gmSOpxdJ5s3h38KJ6un1uulCU7Fdtwv2imdYUlsjppnenNik6vEU2goEI-StZSBe8_FomSurESudBI=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 16x20, components 3\012- data
Hash c177d67fa204a015de390bb54c4673a6
5cc4d09b12b1480b29bc696a8e180a9d2fffd1c0
76badb85155c8e3d20a9cfd890815765e8067a7cf350fe7896afcb6f58d3a193
GET /K7kinBes30FDzGamXV_9-gmSOpxdJ5s3h38KJ6un1uulCU7Fdtwv2imdYUlsjppnenNik6vEU2goEI-StZSBe8_FomSurESudBI=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3767
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:30:33 GMT
expires: Thu, 26 Jan 2023 08:03:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/rdm9g_M1IuMzi3Yys8LWtTS1cohePS51HGhnbVKXLqJ7i5XdJ-tu4jiJOMvLtLFRcEVuSJlc4BxpWFoX1cR_wfDgdYaJ4DhaHg=w16
142.250.74.97200 OK 474 B URL HTTP/2 lh3.googleusercontent.com/rdm9g_M1IuMzi3Yys8LWtTS1cohePS51HGhnbVKXLqJ7i5XdJ-tu4jiJOMvLtLFRcEVuSJlc4BxpWFoX1cR_wfDgdYaJ4DhaHg=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x13, components 3\012- data
Hash 915c56553b6bd1237a3f8d096d3d98e5
9aba501dee47efa7c6ac0e2b4ae545f7c20ae145
d7d0499da9d7f86db028a84b9515be45c1cca512200a3e119a9cfe4409f9337f
GET /rdm9g_M1IuMzi3Yys8LWtTS1cohePS51HGhnbVKXLqJ7i5XdJ-tu4jiJOMvLtLFRcEVuSJlc4BxpWFoX1cR_wfDgdYaJ4DhaHg=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 474
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:30:33 GMT
expires: Mon, 23 Jan 2023 13:30:10 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/ljfQZ8EYi5TACtI92SBlSA51CL4ugLOQoKGPUB4q4KSdVoBcm76mveJYCy3Fo7aQj9cIEs3a9FA9rjhQn38Bknpn_wW4Pphdp-s=w16
142.250.74.97200 OK 951 B URL HTTP/2 lh3.googleusercontent.com/ljfQZ8EYi5TACtI92SBlSA51CL4ugLOQoKGPUB4q4KSdVoBcm76mveJYCy3Fo7aQj9cIEs3a9FA9rjhQn38Bknpn_wW4Pphdp-s=w16
IP 142.250.74.97:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 86e36652f148fe88c1c327bf18baa3d1
47547729f358a8444bf5222d24f962952114e7ea
c5140fa21bf583db84a55e3b1512a27d5fe864073be0fc61b572f0a56ebd17f4
GET /ljfQZ8EYi5TACtI92SBlSA51CL4ugLOQoKGPUB4q4KSdVoBcm76mveJYCy3Fo7aQj9cIEs3a9FA9rjhQn38Bknpn_wW4Pphdp-s=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 951
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:30:33 GMT
expires: Sat, 28 Jan 2023 23:16:36 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/x2BVhiGNZH1GCUXrB7Pju0uYhNAvLO5YM2kjVv4pIYv0UqcyYrF_GtSm8yMcmwMhQVZKbQvJ9qdYJnozGm12JYjzO_J7kmz6LCI=w16
142.250.74.97200 OK 443 B URL HTTP/2 lh3.googleusercontent.com/x2BVhiGNZH1GCUXrB7Pju0uYhNAvLO5YM2kjVv4pIYv0UqcyYrF_GtSm8yMcmwMhQVZKbQvJ9qdYJnozGm12JYjzO_J7kmz6LCI=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x14, components 3\012- data
Hash 7b994da19641dd540d1e53f5d2eef47b
39a0a3742476b988c1d992da8f8259f4ffed92cd
88df2d0b1df1058223bf38bfd5f88670dc563f4d749e99a7828ae6067fbdf31e
GET /x2BVhiGNZH1GCUXrB7Pju0uYhNAvLO5YM2kjVv4pIYv0UqcyYrF_GtSm8yMcmwMhQVZKbQvJ9qdYJnozGm12JYjzO_J7kmz6LCI=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 443
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:30:33 GMT
expires: Sat, 28 Jan 2023 23:16:36 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/0t9HIE7OHP69Ob2YjWdzht34hQkVKEoYetjUNe-zLKYlAy-I39njty74sDeK32TZrLE2SWd5LfHyLZLPAFf8GmsG4w2yhQrpisVb=w16
142.250.74.97200 OK 419 B URL HTTP/2 lh3.googleusercontent.com/0t9HIE7OHP69Ob2YjWdzht34hQkVKEoYetjUNe-zLKYlAy-I39njty74sDeK32TZrLE2SWd5LfHyLZLPAFf8GmsG4w2yhQrpisVb=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x10, components 3\012- data
Hash 4b1adba926abf23b09d9554d3663f630
22c0596485c9b4da950537fe5785bcc5a4e3014e
53ffedc9d58bbab67909271b53315fd37dee3a15c4e87802913bf35810b7aa2c
GET /0t9HIE7OHP69Ob2YjWdzht34hQkVKEoYetjUNe-zLKYlAy-I39njty74sDeK32TZrLE2SWd5LfHyLZLPAFf8GmsG4w2yhQrpisVb=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 419
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:30:33 GMT
expires: Sat, 28 Jan 2023 23:16:36 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 403245b72f4a949d2133dd84f16291dd
e357d21db37a95ea7586c85cee76ee8fc7851d89
cfc952564db03567db2d8846119eb2ac6fa850902b1bced80ab04bbaf2d2a05b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/JjvqHjEulJg6nccPdkwGmjFWBUZdynZXiSyp7qgkCod56iBRrOWjqKviji-5SdtVG-vtJ8pHvH9M6ROfzp7K1ZHjNIDvQefqDIs=w16
142.250.74.97200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/JjvqHjEulJg6nccPdkwGmjFWBUZdynZXiSyp7qgkCod56iBRrOWjqKviji-5SdtVG-vtJ8pHvH9M6ROfzp7K1ZHjNIDvQefqDIs=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 16x20, components 3\012- data
Hash 25bc76a2e6dca33253ec0b69f871b885
d3b9698720de13cc73f6eb34ebe8546998fd6136
9c14e923780ada8b817933572fbc85794a6bff340dc915878c4b26992ca0775c
GET /JjvqHjEulJg6nccPdkwGmjFWBUZdynZXiSyp7qgkCod56iBRrOWjqKviji-5SdtVG-vtJ8pHvH9M6ROfzp7K1ZHjNIDvQefqDIs=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3759
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:30:33 GMT
expires: Wed, 01 Feb 2023 02:31:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/Nsq9pdE28j1wiZhThJfNbUUNOAKY9d0y21ez41ztAHt2x1R4zbrQHob1so0mdSykpb1caf_4vd-gf7t7RwtJzyJQq7rGDU2g2iw=w16
142.250.74.97200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/Nsq9pdE28j1wiZhThJfNbUUNOAKY9d0y21ez41ztAHt2x1R4zbrQHob1so0mdSykpb1caf_4vd-gf7t7RwtJzyJQq7rGDU2g2iw=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 16x20, components 3\012- data
Hash c53093e3ae735deecb8de8e4ca835916
bd53ca0d1d0099032225d76ff069726868814e66
c0f958615bcf6c9351b2cb51b92ecf1e7c00c4fd7524d82a264af5c84ed4b8ba
GET /Nsq9pdE28j1wiZhThJfNbUUNOAKY9d0y21ez41ztAHt2x1R4zbrQHob1so0mdSykpb1caf_4vd-gf7t7RwtJzyJQq7rGDU2g2iw=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3781
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:30:33 GMT
expires: Thu, 26 Jan 2023 08:03:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f.vimeocdn.com/p/4.19.1/js/vendor.module.js
151.101.246.109200 OK 92 kB URL HTTP/2 f.vimeocdn.com/p/4.19.1/js/vendor.module.js
IP 151.101.246.109:0
File type ASCII text, with very long lines (65457)
Hash 762c16dcea84fefed6c4a09106f141a3
073e1bfde865b6155e4b5e5b35f83bf79e25bb52
4ab638766a138a95792c477c4d842be53b06c0b86749e4aa9b74071b3f59df70
GET /p/4.19.1/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:33 GMT
age: 79492
x-served-by: cache-iad-kcgs7200105-IAD, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 13, 55694
x-timer: S1675175434.557736,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 92409
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a327176edf538c07784f9b0da660c22d
4a56cfcac291dfe1cc177bd3eff976f106731834
aae92a95f747be0bca6982ed7e3e58af8ac74ff69c799b55046ab38474e149dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/10901425749/?random=1675175449805&cv=11&fst=1675175449805&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34200 OK 926 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10901425749/?random=1675175449805&cv=11&fst=1675175449805&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1969), with no line terminators
Hash 4818b31c5c22e6e6be7d2b0fcf399833
6c3064df62591a89cb6431ce7bce615eff823a53
a9f478ddb08986a1a6e5f4449eb2f034b30583e274bc3bd33d6543984bbf61f0
GET /pagead/viewthroughconversion/10901425749/?random=1675175449805&cv=11&fst=1675175449805&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:30:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 926
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 14:45:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aec352657815f12ffe0688a87de78b38
b1567e7c98a2fa6f5ac301ca5cbb3c3a3c887c8e
7c4140541f1afab3e549aaa11ce0014d01d16036e69da9c41a92b8dd8da7b314
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5965
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Last-Modified: Tue, 31 Jan 2023 12:51:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/645944073/?random=1675175449838&cv=11&fst=1675175449838&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&ct_cookie_present=1
142.250.74.34200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/645944073/?random=1675175449838&cv=11&fst=1675175449838&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/645944073/?random=1675175449838&cv=11&fst=1675175449838&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:30:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 14:45:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/645944073/?random=1675175449841&cv=11&fst=1675175449841&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&ct_cookie_present=1
142.250.74.34200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/645944073/?random=1675175449841&cv=11&fst=1675175449841&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/645944073/?random=1675175449841&cv=11&fst=1675175449841&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:30:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 14:45:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/645944073/?random=1675175449838&cv=11&fst=1675175449838&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/645944073/?random=1675175449838&cv=11&fst=1675175449838&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/645944073/?random=1675175449838&cv=11&fst=1675175449838&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:30:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/645944073/?random=1675175449838&cv=11&fst=1675175449838&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: MW+kBytB1/nb9Ggpx+JqzWlaBqaQb3FIkdmEbj9mGGskydPYroi6lAwxL0uFPam/oWb+GrlJ4rXeWuWklUityA==
content-length: 27843
x-fb-trip-id: 1679558926
date: Tue, 31 Jan 2023 14:30:33 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aec352657815f12ffe0688a87de78b38
b1567e7c98a2fa6f5ac301ca5cbb3c3a3c887c8e
7c4140541f1afab3e549aaa11ce0014d01d16036e69da9c41a92b8dd8da7b314
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5965
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Last-Modified: Tue, 31 Jan 2023 12:51:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
lh3.googleusercontent.com/-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w16
142.250.74.97200 OK 335 B URL HTTP/2 lh3.googleusercontent.com/-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x9, components 3\012- data
Hash 538c07eebc163c4b619b4f8e513e440e
b49f6112cec424d571f8cf3c1ad98f4732d854c7
82eb31993198ab11e3f063f2fa7349c4d2315522e7946ed0be5c477ecd9a3a6c
GET /-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 335
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:30:33 GMT
expires: Mon, 30 Jan 2023 17:35:05 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w1268
142.250.74.97200 OK 23 kB URL HTTP/2 lh3.googleusercontent.com/-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w1268
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1268x713, components 3\012- data
Hash 9d4f5c8754f0a673d63d6ae0602ec0e5
1aab35880376b54d74f0759e9da24896483d5eb4
1e75e296e01aa8d8a3e8c0f4a5a1366e8abfa1d6cf613ecc2cf425339e6a7804
GET /-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w1268 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 22683
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:30:33 GMT
expires: Mon, 30 Jan 2023 21:48:45 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.246.109200 OK 985 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.246.109:0
File type ASCII text, with very long lines (1839)
Hash 0541e0ff8702adadfd34ee8c298afbdf
c10da432fdb8736622c8c1fb7708b2599cae882c
967903be4f14e85fe685577417cf83d53b5363e5f02baa3b2242c19a7030b652
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:33 GMT
age: 1237999
x-served-by: cache-iad-kiad7000106-IAD, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 4491, 374346
x-timer: S1675175434.718129,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 985
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780
151.101.246.109200 OK 252 kB URL HTTP/2 i.vimeocdn.com/video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780
IP 151.101.246.109:0
File type ISO Media, AVIF Image\012- data
Size 252 kB (252480 bytes)
Hash 40772623d450175a0229045dd3b8d667
94fce2f1de3b74ea5265c994b0c60c340c645009
ded4a1927e88e6fa5b2d982adc4ac9e6b130b35ba1d53844f74014a701166e1b
GET /video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 40772623d450175a0229045dd3b8d667
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-f2r9
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:33 GMT
age: 96554
x-served-by: cache-dfw-kdfw8210060-DFW, cache-hel1410030-HEL
x-cache: miss, HIT, HIT
x-cache-hits: 803, 1
x-timer: S1675175434.726992,VS0,VE1
vary: Accept
content-length: 252480
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1484887/tfa.js
151.101.129.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1484887/tfa.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (59654)
Hash 9e6e258b2e4cf707175c5ca10141fdc6
e7ec4c1320c8a57ddf75b8a499db7ee942b6bd52
8f1015bdd9d5c540e1cf8439ae5b3f36b64b95c0dbcb227691b19f348e095e91
GET /libtrc/unip/1484887/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /OipqfX1YUF+/fHJuO0z4zAQdx3MVequW3u1glEK3UgUtZZotnPUi58my8+h4lYWXzWwr20sac8=
x-amz-request-id: W2AY40WK4A49R030
x-amz-replication-status: COMPLETED
last-modified: Sun, 29 Jan 2023 11:09:43 GMT
etag: "cfb7b6492f688609ea9393dae8fd02cd"
x-amz-version-id: HvfISCBy04wxf5VDZNPAzIr8LQCbgvpJ
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:33 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675175434.568062,VS0,VE192
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 12
content-length: 18347
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 670f8c8ae0445f87b7d9a9a6c7a6486a
f5dd74b4c683630bf5ca600108188fc8a5e3aac5
d95d82eb224a923e70f3a2308ca6f7106b3d4a7ff9876a27da3f7252fd2e4167
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 14:30:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 01:41:36 GMT
Expires: Sun, 05 Feb 2023 01:41:35 GMT
Etag: "f5dd74b4c683630bf5ca600108188fc8a5e3aac5"
Cache-Control: max-age=385261,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7923255d2febb527-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4c9a8ce96aa57d27a6bd55df00f08ac
180302ed4863fb5b22b45ab0cc7c770a12a8c63d
3707163ad693f536f95ed3331f045060ad51b12e95d55690d341a4a93e7f1d12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.vimeocdn.com/video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9
151.101.246.109200 OK 113 kB URL HTTP/2 i.vimeocdn.com/video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9
IP 151.101.246.109:0
File type ISO Media, AVIF Image\012- data
Size 113 kB (113158 bytes)
Hash 081b2ec8660f830e574494b6fa4af909
83d9c3ef2bdccfca820a4d85be6e6f4784e55292
514ed54eebebfdf03c1791df94b7f53a982007539933c7dbcc8fdbef48ffde84
GET /video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 081b2ec8660f830e574494b6fa4af909
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-east1-n8rd
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:33 GMT
age: 1898145
x-served-by: cache-dfw-kdfw8210131-DFW, cache-hel1410030-HEL
x-cache: miss, HIT, HIT
x-cache-hits: 626, 1
x-timer: S1675175434.838532,VS0,VE1
vary: Accept
content-length: 113158
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/645944073/?random=1675175449838&cv=11&fst=1675175449838&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.35200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/645944073/?random=1675175449838&cv=11&fst=1675175449838&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.35:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/645944073/?random=1675175449838&cv=11&fst=1675175449838&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://slimcrystal.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:30:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/645944073/?random=1675175449832&cv=11&fst=1675173600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3002549981&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/645944073/?random=1675175449832&cv=11&fst=1675173600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3002549981&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/645944073/?random=1675175449832&cv=11&fst=1675173600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3002549981&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:30:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10901425749/?random=1675175449805&cv=11&fst=1675173600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2536454507&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10901425749/?random=1675175449805&cv=11&fst=1675173600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2536454507&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10901425749/?random=1675175449805&cv=11&fst=1675173600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2536454507&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:30:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/645944073/?random=1675175449841&cv=11&fst=1675175449841&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.35200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/645944073/?random=1675175449841&cv=11&fst=1675175449841&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.35:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/645944073/?random=1675175449841&cv=11&fst=1675175449841&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1229480508.1675175450&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://slimcrystal.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:30:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/J51TWYBN/Edo8pIoz2E0zOOkv/player-dash-mse.min.js?hash=zqztsqiwa
192.229.220.49200 OK 510 kB URL HTTP/2 fast.vidalytics.com/embeds/J51TWYBN/Edo8pIoz2E0zOOkv/player-dash-mse.min.js?hash=zqztsqiwa
IP 192.229.220.49:0
File type Unicode text, UTF-8 text, with very long lines (65399)
Size 510 kB (509479 bytes)
Hash 0c3b104188dacd4b36687e5575d311d5
6b4c7f2813dad8ca92cf39091bba54e983a3af64
f47c76ec282efd807519868a42916179fde58a868c1888b8137e908f8a9b399b
GET /embeds/J51TWYBN/Edo8pIoz2E0zOOkv/player-dash-mse.min.js?hash=zqztsqiwa HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
age: 1649071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
content-type: application/javascript
date: Tue, 31 Jan 2023 14:30:33 GMT
etag: "0c3b104188dacd4b36687e5575d311d5"
expires: Thu, 02 Mar 2023 14:30:33 GMT
last-modified: Thu, 12 Jan 2023 06:39:36 GMT
server: ECAcc (ska/F79F)
vary: Accept-Encoding
x-cache: HIT
x-cdn: 3
x-goog-generation: 1673505576196455
x-goog-hash: crc32c=R/4dtw==, md5=DDsQQYjazUs2aH5VddMR1Q==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 509479
x-guploader-uploadid: ADPycdtpenktKG9uvUFJBLyifs6TgC5w3-BA860m017ZxtQ0o94vluw8oMv1ms0MEGxk5RTX6FRcGFyYpgxk5ssxNK1omuW2VG8v
content-length: 509479
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05
151.101.246.109200 OK 197 kB URL HTTP/2 i.vimeocdn.com/video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05
IP 151.101.246.109:0
File type ISO Media, AVIF Image\012- data
Size 197 kB (197054 bytes)
Hash 1bee7bf9f85ce0bc4ffd349c074d2889
9372aba4ede8ac2498fea794eb7561df59c0ddb7
41acc0e2d090e7f3f5339857b0c1a5f32394d871a8171ba1bc12e88b847af624
GET /video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 1bee7bf9f85ce0bc4ffd349c074d2889
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-86r8
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:33 GMT
age: 2149609
x-served-by: cache-dfw-kdfw8210053-DFW, cache-hel1410030-HEL
x-cache: miss, HIT, HIT
x-cache-hits: 1518, 1
x-timer: S1675175434.964991,VS0,VE2
vary: Accept
content-length: 197054
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/J51TWYBN/vlE5cBmfKA6NJAb7/player-dash-mse.min.js?hash=ajsgechzd
192.229.220.49200 OK 510 kB URL HTTP/2 fast.vidalytics.com/embeds/J51TWYBN/vlE5cBmfKA6NJAb7/player-dash-mse.min.js?hash=ajsgechzd
IP 192.229.220.49:0
File type Unicode text, UTF-8 text, with very long lines (65399)
Size 510 kB (509478 bytes)
Hash 556eceaa34edb1c7fdedf43cc6b8caf4
3127d032dfcfd7a14534e5089c9a1aa16d04f531
1148c30ac7faa02faf15a236d05b9d8d691627de5106d3322acd40645bc87d91
GET /embeds/J51TWYBN/vlE5cBmfKA6NJAb7/player-dash-mse.min.js?hash=ajsgechzd HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
age: 1649072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
content-type: application/javascript
date: Tue, 31 Jan 2023 14:30:34 GMT
etag: "556eceaa34edb1c7fdedf43cc6b8caf4"
expires: Thu, 02 Mar 2023 14:30:34 GMT
last-modified: Thu, 12 Jan 2023 06:39:40 GMT
server: ECAcc (ska/F76B)
vary: Accept-Encoding
x-cache: HIT
x-cdn: 3
x-goog-generation: 1673505580153871
x-goog-hash: crc32c=UgphLg==, md5=VW7OqjTtscf97fQ8xrjK9A==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 509478
x-guploader-uploadid: ADPycdv6474ByMBUM0otCObhTVDGIQPpYpNG_JzcpVjx2PlhydDiE-StsWl6L4yJQeVUGgyf71sRc7MkIBmJ_OP1-qu6sXqBQDqp
content-length: 509478
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash a3d6ebef426c693c25fe07aef25109fa
b89bc440ac2f16e9decd1cc0370780b51b4ffb58
491d63669bb1180865525b5582b2c8c08c8a954c1ba77202f497bb9164dc0736
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 14:30:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 30 Jan 2023 17:45:53 GMT
Expires: Tue, 31 Jan 2023 17:45:53 GMT
ETag: "b89bc440ac2f16e9decd1cc0370780b51b4ffb58"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.194.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: emAkzc02wDoi/4j+kNkFMQFgRL5PN5RT68FVYAmgTzQXT7TFZy0VlLzQFV0kvFgsR9Av3cedyZ4=
x-amz-request-id: 33WCNDX1WCTE0BBA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1674-BMA
x-cache: HIT
x-cache-hits: 444
x-timer: S1675175434.146197,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=483679769569150&ev=Lead&dl=https%3A%2F%2Fslimcrystal.com%2Fvsl&rl=&if=false&ts=1675175451357&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675175451356.1910342704&it=1675175450976&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=483679769569150&ev=Lead&dl=https%3A%2F%2Fslimcrystal.com%2Fvsl&rl=&if=false&ts=1675175451357&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675175451356.1910342704&it=1675175450976&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=483679769569150&ev=Lead&dl=https%3A%2F%2Fslimcrystal.com%2Fvsl&rl=&if=false&ts=1675175451357&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675175451356.1910342704&it=1675175450976&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 31 Jan 2023 14:30:34 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d55c421d2d5b383621aeacc606b79709
ab469d1cc7db8be484edfa83dd73e291c3c2ab89
7e5b7dde4f0b69c63b3b0b2ce1ee95d8d3b64606613bc576f50fdf07ea760bb1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6191
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:34 GMT
Last-Modified: Tue, 31 Jan 2023 12:47:23 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP 142.250.74.131:0
Hash d16b933f66c95657f919de237a5cadca
316eb812f05e2b952b0a40711ae4319f905eb45c
ef60ba70e9ed9b676e815f5a299b02f039fac41f67a1ac3dfc78b87fb4b6f097
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP 142.250.74.131:0
Hash d16b933f66c95657f919de237a5cadca
316eb812f05e2b952b0a40711ae4319f905eb45c
ef60ba70e9ed9b676e815f5a299b02f039fac41f67a1ac3dfc78b87fb4b6f097
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
prod.cbstatic.net/dist/injectable.js
54.230.111.43200 OK 58 kB URL HTTP/2 prod.cbstatic.net/dist/injectable.js
IP 54.230.111.43:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash cc45d5cd06a0725cf09abbed98b8f322
30a731690e9f1be35312adf6fe478285f150ad34
6231a41bbf4f4a44cd0fad8b558e4abcd802778cedf826f0b42032057b2e5cc9
GET /dist/injectable.js HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 31 Jan 2023 02:31:34 GMT
last-modified: Mon, 21 Dec 2020 21:57:37 GMT
x-amz-version-id: RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
server: AmazonS3
content-encoding: gzip
etag: W/"af651c30e1a69f6f2124e9c1d094a300"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iDHQgmrQwNHVqQPWSJAn0TFN8LJN6WHM0csGaFX5YXeh7vo_RQIoCw==
age: 43139
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 31 Jan 2023 14:30:34 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP 142.250.74.131:0
Hash d16b933f66c95657f919de237a5cadca
316eb812f05e2b952b0a40711ae4319f905eb45c
ef60ba70e9ed9b676e815f5a299b02f039fac41f67a1ac3dfc78b87fb4b6f097
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:30:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 31 Jan 2023 14:30:34 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=167161c3f156afdabbc9fd5d4c5a52bca1428b161675175433
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=167161c3f156afdabbc9fd5d4c5a52bca1428b161675175433
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=167161c3f156afdabbc9fd5d4c5a52bca1428b161675175433 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1422
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 31 Jan 2023 14:30:34 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=4f6528132f416d5ce5ffd5336d1bfad3d108623e1675175433
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=4f6528132f416d5ce5ffd5336d1bfad3d108623e1675175433
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=4f6528132f416d5ce5ffd5336d1bfad3d108623e1675175433 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1422
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 31 Jan 2023 14:30:34 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash d00ecfdd56711ecb45433ba262f8f21b
ba0698fb4771469650368b1def491eb95a004e12
08f35baff86086349afc1ba9e28c2222b8ee0a5a27e149197b1943f1ab690375
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 14:30:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 01:55:28 GMT
Expires: Wed, 01 Feb 2023 01:55:28 GMT
ETag: "ba0698fb4771469650368b1def491eb95a004e12"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
analytics-ingress-global.bitmovin.com/licensing
35.190.27.197200 OK 117 B URL HTTP/2 analytics-ingress-global.bitmovin.com/licensing
IP 35.190.27.197:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f90d2c53623621471228392bf3047e2a
b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 102
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: v1.55.1
date: Tue, 31 Jan 2023 14:30:33 GMT
content-type: application/json
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash eacc5895745c1d0e2561d630db526178
77331ece53cccf7a6a219fae33105550fca037a9
4e97ef071c169acbce4919dafc1e49342c9b0698422e0b82288e2d2238c7ac88
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 14:30:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 00:15:19 GMT
Expires: Sun, 05 Feb 2023 00:15:18 GMT
Etag: "77331ece53cccf7a6a219fae33105550fca037a9"
Cache-Control: max-age=380083,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792325646a49b527-OSL
analytics-ingress-global.bitmovin.com/licensing
35.190.27.197200 OK 117 B URL HTTP/2 analytics-ingress-global.bitmovin.com/licensing
IP 35.190.27.197:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f90d2c53623621471228392bf3047e2a
b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 102
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: v1.55.1
date: Tue, 31 Jan 2023 14:30:34 GMT
content-type: application/json
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1245
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 14:30:34 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
stats.vidalytics.com/awesome-log?cid=J51TWYBN
107.178.211.97200 OK 43 B URL HTTP/2 stats.vidalytics.com/awesome-log?cid=J51TWYBN
IP 107.178.211.97:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /awesome-log?cid=J51TWYBN HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "J51TWYBN/SFUCbWJOOOIBNhYu"
date: Tue, 31 Jan 2023 14:30:35 GMT
x-envoy-upstream-service-time: 16
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1241
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 14:30:35 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
stats.vidalytics.com/awesome-log?cid=J51TWYBN
107.178.211.97200 OK 43 B URL HTTP/2 stats.vidalytics.com/awesome-log?cid=J51TWYBN
IP 107.178.211.97:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /awesome-log?cid=J51TWYBN HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "J51TWYBN/HXgeGoekzykmCBqc"
date: Tue, 31 Jan 2023 14:30:35 GMT
x-envoy-upstream-service-time: 14
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash a3d6ebef426c693c25fe07aef25109fa
b89bc440ac2f16e9decd1cc0370780b51b4ffb58
491d63669bb1180865525b5582b2c8c08c8a954c1ba77202f497bb9164dc0736
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 14:30:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 30 Jan 2023 17:45:53 GMT
Expires: Tue, 31 Jan 2023 17:45:53 GMT
ETag: "b89bc440ac2f16e9decd1cc0370780b51b4ffb58"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,0,180,183,345,191,1512,1538,2706,2707
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,0,180,183,345,191,1512,1538,2706,2707
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,0,180,183,345,191,1512,1538,2706,2707 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Server: Stargate
Date: Tue, 31 Jan 2023 14:30:35 GMT
access-control-expose-headers: LP-Security-Token
x-request-id: 06mv5kh7nmhivusv084g
access-control-allow-credentials: true
X-Forwarded-For: 91.90.42.154
licensing.bitmovin.com/licensing
35.227.229.24200 OK 165 B URL HTTP/2 licensing.bitmovin.com/licensing
IP 35.227.229.24:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 146
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Tue, 31 Jan 2023 14:30:35 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
licensing.bitmovin.com/licensing
35.227.229.24200 OK 165 B URL HTTP/2 licensing.bitmovin.com/licensing
IP 35.227.229.24:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 146
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Tue, 31 Jan 2023 14:30:35 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trc-events.taboola.com/1484887/log/3/unip?en=pre_d_eng_tb&tos=2512&scd=0&ssd=1&est=1675175451145&ver=36&isls=true&src=i&invt=1500&msa=1308&rv=1&tim=1675175453659&vi=1675175451141&ri=719fd7fd1ce2c0842ef4ed8160fd0104&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fslimcrystal.com%2Fvsl
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1484887/log/3/unip?en=pre_d_eng_tb&tos=2512&scd=0&ssd=1&est=1675175451145&ver=36&isls=true&src=i&invt=1500&msa=1308&rv=1&tim=1675175453659&vi=1675175451141&ri=719fd7fd1ce2c0842ef4ed8160fd0104&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fslimcrystal.com%2Fvsl
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484887/log/3/unip?en=pre_d_eng_tb&tos=2512&scd=0&ssd=1&est=1675175451145&ver=36&isls=true&src=i&invt=1500&msa=1308&rv=1&tim=1675175453659&vi=1675175451141&ri=719fd7fd1ce2c0842ef4ed8160fd0104&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fslimcrystal.com%2Fvsl HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 31 Jan 2023 14:30:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://slimcrystal.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=3m7en9yCeBT7xTZSyqRyNE&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=103,49,1,544
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=3m7en9yCeBT7xTZSyqRyNE&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=103,49,1,544
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=3m7en9yCeBT7xTZSyqRyNE&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=103,49,1,544 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 31 Jan 2023 14:30:36 GMT
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-origin: https://slimcrystal.com
Server: Stargate
access-control-expose-headers: LP-Security-Token
x-request-id: 06mv5ku5e33sr0na6rjg
X-Forwarded-For: 91.90.42.154
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash d00ecfdd56711ecb45433ba262f8f21b
ba0698fb4771469650368b1def491eb95a004e12
08f35baff86086349afc1ba9e28c2222b8ee0a5a27e149197b1943f1ab690375
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 14:30:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 01:55:28 GMT
Expires: Wed, 01 Feb 2023 01:55:28 GMT
ETag: "ba0698fb4771469650368b1def491eb95a004e12"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
bam.nr-data.net/events/1/689d5b4562?a=2815207&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5510&ck=1&ref=https://player.vimeo.com/video/647253107
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/689d5b4562?a=2815207&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5510&ck=1&ref=https://player.vimeo.com/video/647253107
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/689d5b4562?a=2815207&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5510&ck=1&ref=https://player.vimeo.com/video/647253107 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 622
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 14:30:38 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7923257b5f72b4ee-OSL
Access-Control-Allow-Origin: https://player.vimeo.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
slimcrystal.com/?hop=sane42&op=vsl
188.114.97.1302 Found 0 B URL HTTP/2 slimcrystal.com/?hop=sane42&op=vsl
IP 188.114.97.1:0
GET /?hop=sane42&op=vsl HTTP/1.1
Host: slimcrystal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 31 Jan 2023 14:30:31 GMT
content-type: text/html; charset=UTF-8
location: vsl
cache-control: no-cache, no-store, must-revalidate, max-age=0
expires: Tue, 31 Jan 2023 14:30:31 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OAqRehmhY9MwcVPBvVuILgrM1CMSQBgfDNDeaHkyuIYi9bgeYAqQF8njZkllR%2FjvF6fV6nudmKTZewIPtbuE2GvpzL6Rc19%2BXtFPQJD4EGxPJCg1zZPIiQiYuv%2FwOCWiys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7923254d39e6b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/J51TWYBN/vlE5cBmfKA6NJAb7/loader.min.js
192.229.220.49200 OK 0 B URL HTTP/2 fast.vidalytics.com/embeds/J51TWYBN/vlE5cBmfKA6NJAb7/loader.min.js
IP 192.229.220.49:0
GET /embeds/J51TWYBN/vlE5cBmfKA6NJAb7/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-store, private, max-age=0, s-max-age=0
content-type: application/javascript
date: Tue, 31 Jan 2023 14:30:33 GMT
etag: "35629e0a56da38a5037aec85f4788bc5"
expires: Tue, 31 Jan 2023 14:30:33 GMT
last-modified: Thu, 12 Jan 2023 06:39:39 GMT
server: UploadServer
vary: Accept-Encoding
x-cdn: 3
x-cdn-info: loader
x-goog-generation: 1673505579777203
x-goog-hash: crc32c=6dfVow==, md5=NWKeClbaOKUDeuyF9HiLxQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10530
x-guploader-uploadid: ADPycdsimnx-TxhnlfYD5BzueEzUde7CsR_PrzhPpJxKqofXaSaGEvulaOA0ixL7NtAT-Z54coiqjk63rFnBA3BNRqo4hCYXlK64
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/J51TWYBN/Edo8pIoz2E0zOOkv/loader.min.js
192.229.220.49200 OK 0 B URL HTTP/2 fast.vidalytics.com/embeds/J51TWYBN/Edo8pIoz2E0zOOkv/loader.min.js
IP 192.229.220.49:0
GET /embeds/J51TWYBN/Edo8pIoz2E0zOOkv/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-store, private, max-age=0, s-max-age=0
content-type: application/javascript
date: Tue, 31 Jan 2023 14:30:33 GMT
etag: "0c93b5117bd2de562e7ac1ed7d364e73"
expires: Tue, 31 Jan 2023 14:30:33 GMT
last-modified: Thu, 12 Jan 2023 06:39:35 GMT
server: UploadServer
vary: Accept-Encoding
x-cdn: 3
x-cdn-info: loader
x-goog-generation: 1673505575797978
x-goog-hash: crc32c=OB+aug==, md5=DJO1EXvS3lYuesHtfTZOcw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10530
x-guploader-uploadid: ADPycdvwJHVvLr7TJ9CVHuYsA7rl5dU22F8ejb9kSkuBvFAmRorJ7kdve415SrFgQydS6tXtYAC-G9MJAxJDublXK-ive8oLBmHD
X-Firefox-Spdy: h2
go.maxweb.com/conversion/iframe/?a=7650&token=7fea23d8dd71c3b45c9df27ce0f56342
172.66.40.143200 OK 0 B URL HTTP/2 go.maxweb.com/conversion/iframe/?a=7650&token=7fea23d8dd71c3b45c9df27ce0f56342
IP 172.66.40.143:0
GET /conversion/iframe/?a=7650&token=7fea23d8dd71c3b45c9df27ce0f56342 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 14:30:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 31 Jan 2023 15:30:33 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792325598ab8fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
trc.taboola.com/1484887/trc/3/json?tim=1675175451154&data=%7B%22id%22%3A699%2C%22ii%22%3A%22%2Fvsl%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675175451141%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpinha-cbslimcrystal%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675175451153%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.129.44200 OK 0 B URL HTTP/2 trc.taboola.com/1484887/trc/3/json?tim=1675175451154&data=%7B%22id%22%3A699%2C%22ii%22%3A%22%2Fvsl%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675175451141%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpinha-cbslimcrystal%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675175451153%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.129.44:0
GET /1484887/trc/3/json?tim=1675175451154&data=%7B%22id%22%3A699%2C%22ii%22%3A%22%2Fvsl%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675175451141%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpinha-cbslimcrystal%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675175451153%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:30:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1639-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675175434.086874,VS0,VE109
vary: Accept-Encoding
x-vcl-time-ms: 109
X-Firefox-Spdy: h2