rankjerryrounion.com/3ae6d0ae-a8e8-4c50-b258-2853fc90ad0f
302 0 B URL HTTP/1.1 rankjerryrounion.com/3ae6d0ae-a8e8-4c50-b258-2853fc90ad0f
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /3ae6d0ae-a8e8-4c50-b258-2853fc90ad0f HTTP/1.1
Host: rankjerryrounion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Sun, 19 Mar 2023 12:55:34 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://mcw18.com/af/Xj9AgKFs/rllrdspubdwl?utm_campaign=paidmed
Pragma: no-cache
Set-Cookie: 3ae6d0ae-a8e8-4c50-b258-2853fc90ad0f-v4=AmwI_cFlHTI5B-gOmJQhmuSa51QEj7wOgJnlmqv-Ntc; Max-Age=86400; Expires=Mon, 20-Mar-2023 12:55:34 GMT; Domain=rankjerryrounion.com; Path=/; HttpOnly
cc-v4=gdYNk9L77ZNrjXQAqz56EFihqVrNta3FCt1FezhTGo2R8ih7VmrPxMfad5gKUEUG43PZRBYcDh2MoUmxMUGrnBg%2BRcK%2F97d%2Ba8Z8NNR6df185hCHmbpcPDsMoRFd8nf11UECmz03j3WHSYYQKivYdQ%3D%3D; Max-Age=31536000; Expires=Mon, 18-Mar-2024 12:55:34 GMT; Domain=rankjerryrounion.com; Path=/; HttpOnly
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5438
Expires: Sun, 19 Mar 2023 14:26:12 GMT
Date: Sun, 19 Mar 2023 12:55:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 443a700f85619f4fd8a548421c5c23e2
a58764a07feafb2bb4b340c020b5104c55b35195
0bc80613f3d493ea081bf5672ab76f6f33a1dcc0710fe1431de83c46d7e8d31d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC80613F3D493EA081BF5672AB76F6F33A1DCC0710FE1431DE83C46D7E8D31D"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4800
Expires: Sun, 19 Mar 2023 14:15:34 GMT
Date: Sun, 19 Mar 2023 12:55:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 19 Mar 2023 12:27:05 GMT
content-type: application/json
age: 1709
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12cdbcb1b0785dc0423386448ac68c9c
08cff6b76fd708f0cef3c5bdb8fc72570c4536bd
bb7622a85d32cbff40abd2995055e03dbac05dd841b9a84d9023a5510d89e534
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB7622A85D32CBFF40ABD2995055E03DBAC05DD841B9A84D9023A5510D89E534"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6671
Expires: Sun, 19 Mar 2023 14:46:45 GMT
Date: Sun, 19 Mar 2023 12:55:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AN6ZLb8PcM2KwkX/2DrNfevsmL21rMMqC9EArqa+QLTruuuEu+BsGtnVRKxla0FW5LrbSbJYNSc=
x-amz-request-id: D9WMY4Y41CSZ0625
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 19 Mar 2023 11:58:16 GMT
age: 3438
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 12:55:34 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Pragma, Content-Type, Content-Length, Cache-Control, Expires, Backoff, Alert, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 19 Mar 2023 12:17:21 GMT
age: 2293
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js
200 OK 9.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js
IP
File type ASCII text, with very long lines (42862)
Hash 42a2ee3da19d236df26093c57cc4cf2f
2e8d1e1f5304113684417d85b0c22f73d0773a55
a78adc4dc908508947a6f8551e0f85372655de2280bdae263a399b1068517ecf
GET /ajax/libs/slick-carousel/1.8.1/slick.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 19 Mar 2023 12:55:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 9283
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-a76f"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 827414
expires: Fri, 08 Mar 2024 12:55:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8uzC7m2cX%2BXdklE5ss8PFmln%2BaN4QLBTV7JliSlhEeBs7XF48G2%2F85WBJfJHFyYeWlHlv5YVd%2FWE5mJ5lYPvTh2GWqZxgxDPcMeOMI5k6QpG2uhllq250oRjj5x4taftQmuZhmt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7aa5dedc4b4fb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js
200 OK 22 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js
IP
File type ASCII text, with very long lines (60805)
Hash 3a9ac5b693abccb6ff1f7cbc1cdb3e7a
f3d0b8e789ff9600708834a210e90ad51cceb4dd
ebb6e07ed703530e814c3288cb93b60da2a03a040edef85edc88789cc175aac2
GET /ajax/libs/gsap/3.5.1/gsap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Mar 2023 12:55:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 21845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f46ecc0-eeae"
last-modified: Wed, 26 Aug 2020 23:14:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3263739
expires: Fri, 08 Mar 2024 12:55:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0HVEvtSm%2FN91RKfhZAOhQDIV%2F9FEKjSCELUYUN6UG18S533VPpfl4rryvtvdcyGJ%2BYl%2FF8YAROH4y8ad74nJFlwkLULezXXNkDfp7ZXqGFRznSw2YIbFPn2yTzBSYvj8gFBi%2BIE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7aa5dedc5b58b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/fullPage.js/3.0.2/fullpage.min.css
200 OK 1.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fullPage.js/3.0.2/fullpage.min.css
IP
File type ASCII text, with very long lines (3536), with CRLF line terminators
Hash bccae9a53426e0fbdf1a1aa506e52b64
b42252b279cde2cae1651c639dff2245073aa87f
56a39765bc064c467c94a5d89f1c291d22fd6d4288b5ebb140ad997e10e016f1
GET /ajax/libs/fullPage.js/3.0.2/fullpage.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Mar 2023 12:55:35 GMT
content-type: text/css; charset=utf-8
content-length: 1007
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e6b-f31"
last-modified: Mon, 04 May 2020 16:10:19 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 17792472
expires: Fri, 08 Mar 2024 12:55:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyvR9LrngizmxXOkczQoLhk%2B5s9ExqEeAVsG%2FOPywMvpc03MXPnoVXTdDBHUtooWXPX1wC3EQSUZpdTNzQBFyue0ygEao%2B4sUBgjLKeST7UCYbpl2EwdZiJO1Vb%2Bv4eRDUQjC4PM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7aa5dedc4b45b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-noty/2.1.0/jquery.noty.js
200 OK 3.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-noty/2.1.0/jquery.noty.js
IP
Hash f7753f78e3cd5f86198786814598e8cc
a1e7b90ba1e4c4c041a25bc316758febb4fb19ed
c32cc887c7f921230d301afc362c319f81428967b5d996550652b4949e71486b
GET /ajax/libs/jquery-noty/2.1.0/jquery.noty.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Mar 2023 12:55:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 3291
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-4421"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1451893
expires: Fri, 08 Mar 2024 12:55:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FvNp18qWVsu53IuO9AWDXWNdgKPDknseiczWetbkUW8UX%2BfwtblumLGKluQCWgVUKXsNxdt02n5FpmAdztpbCB2AJpUsvEmTClSK5OUf%2F1m8f%2B4H%2FVVaGgrj416HRThI3r2k10p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7aa5dedc5b5eb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash db7a51fe853d91ea7990bb3c41ba3cb4
f416e7ea87e2ac443e81afac853a3d05071d88e4
a928e7cde6f4fc75660068bfb5e8ac2270f43f8ae58ccb8f4f63a3ca6a376141
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 12:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 37cad346bf9c7582600ca9e3cd8f9252
9021fcfa670921097bb9e71b10e07e8ae42443ae
fd83195c6e32d99ad1c76db3d4431ee060bd077ac738f090851138c5a8986340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 12:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-QH00L0BVFE
200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-QH00L0BVFE
IP
File type ASCII text, with very long lines (21772)
Hash 3ea5f21713b744fffa10e3092a3e7288
cba62c690aaf58475b3f2926938d8698c0ce6703
c84317cef8c12f04740e4295f82dee6241eb6ef5bef649b06c07738235677bb7
GET /gtag/js?id=G-QH00L0BVFE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 19 Mar 2023 12:55:35 GMT
expires: Sun, 19 Mar 2023 12:55:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78688
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 70f795f7a73fb087a4b08eebe6e2a970
faaa9283e766256900f3c3e00dee00973e7da2a6
4f7e4813f82f60ebf9c536d9342726307686931df7309a4c367f3b658602efde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F7E4813F82F60EBF9C536D9342726307686931DF7309A4C367F3B658602EFDE"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5661
Expires: Sun, 19 Mar 2023 14:29:56 GMT
Date: Sun, 19 Mar 2023 12:55:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 37cad346bf9c7582600ca9e3cd8f9252
9021fcfa670921097bb9e71b10e07e8ae42443ae
fd83195c6e32d99ad1c76db3d4431ee060bd077ac738f090851138c5a8986340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 12:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash db7a51fe853d91ea7990bb3c41ba3cb4
f416e7ea87e2ac443e81afac853a3d05071d88e4
a928e7cde6f4fc75660068bfb5e8ac2270f43f8ae58ccb8f4f63a3ca6a376141
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 12:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aSc1L4pOUGYztiNoQYT5+g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fslH4KaMsgp9/kfMSYwjU6UuNeQ=
mcw18.com/af/Xj9AgKFs/rllrdspubdwl?utm_campaign=paidmed
200 OK 57 kB URL HTTP/2 mcw18.com/af/Xj9AgKFs/rllrdspubdwl?utm_campaign=paidmed
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2569)
Hash ec8bdb93912aeb7bf5f2be14a4b408ef
212fcde7897aa1602fed8c9ffab02e938a46b24f
cea4ee360d65ee924d91e97a44c4ef42a375d973248f6c96c868854f1bd82053
GET /af/Xj9AgKFs/rllrdspubdwl?utm_campaign=paidmed HTTP/1.1
Host: mcw18.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 19 Mar 2023 12:55:34 GMT
content-type: text/html;charset=UTF-8
cache-control: NO-CACHE
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
pragma: NO-CACHE
expires: Thu, 01 Jan 1970 00:00:00 UTC
vary: Accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22JfTgXzB8EBOCJHh%2FqsOlce%2FcyexWcAZh7ShPTkAKo8M%2F5uWodx3xsfxWjGrCMcJDVrsUI8wHvk5TQEVkFnBXCajGxogE6CCeC58iftJ1Efb9dVz90wX%2F6P84o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: affCodeCookie=Xj9AgKFs; Max-Age=86400; Expires=Mon, 20-Mar-2023 12:55:34 GMT; Domain=mcw18.com; Path=/; HttpOnly
affLinkCookie=rllrdspubdwl; Max-Age=86400; Expires=Mon, 20-Mar-2023 12:55:34 GMT; Domain=mcw18.com; Path=/; HttpOnly
affInternalCookie=true; Max-Age=86400; Expires=Mon, 20-Mar-2023 12:55:34 GMT; Domain=mcw18.com; Path=/; HttpOnly
affDomainCookie=mcw18.com; Max-Age=86400; Expires=Mon, 20-Mar-2023 12:55:34 GMT; Domain=mcw18.com; Path=/; HttpOnly
route=inhouseweb01; Path=/
JSESSIONID=8612F83AA2A4D3F6D987FDAE1729E490; Domain=mcw18.com; Path=/; HttpOnly
__cflb=02DiuGPt8FWwejnoGG4JTHH4hUsG3t8VTMg2QqaBzep3W; SameSite=None; Secure; path=/; expires=Mon, 20-Mar-23 11:55:34 GMT; HttpOnly
strict-transport-security: max-age=2592000; includeSubDomains; preload
server: cloudflare
cf-ray: 7aa5ded85cf4067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-QH00L0BVFE>m=45je33f0&_p=182344924&_gaz=1&cid=828442345.1679230547&ul=en-us&sr=1280x1024&_s=1&sid=1679230547&sct=1&seg=0&dl=https%3A%2F%2Fmcw18.com%2Faf%2FXj9AgKFs%2Frllrdspubdwl%3Futm_campaign%3Dpaidmed&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1
204 No Content 221 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-QH00L0BVFE>m=45je33f0&_p=182344924&_gaz=1&cid=828442345.1679230547&ul=en-us&sr=1280x1024&_s=1&sid=1679230547&sct=1&seg=0&dl=https%3A%2F%2Fmcw18.com%2Faf%2FXj9AgKFs%2Frllrdspubdwl%3Futm_campaign%3Dpaidmed&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1
IP
Hash cd458ce9e0cb6a07327a81881b7cf240
4929c76eda81c309c85cd2faa1d0c73fca555b05
278ef576d82db6a4699eabcdc2e7c34d05a442e136c1273adb4cf747763f6046
POST /g/collect?v=2&tid=G-QH00L0BVFE>m=45je33f0&_p=182344924&_gaz=1&cid=828442345.1679230547&ul=en-us&sr=1280x1024&_s=1&sid=1679230547&sct=1&seg=0&dl=https%3A%2F%2Fmcw18.com%2Faf%2FXj9AgKFs%2Frllrdspubdwl%3Futm_campaign%3Dpaidmed&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mcw18.com
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://mcw18.com
date: Sun, 19 Mar 2023 12:55:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7c8dfa805163cbe39595d31e72da716e
34a2c4ac208f5f9d77302b67f556203d539388d7
874fcb1c9736686213758fa8009b9569d1d068ccd760461476c37d7e01fcebaa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 12:55:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-QH00L0BVFE&cid=828442345.1679230547>m=45je33f0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-QH00L0BVFE&cid=828442345.1679230547>m=45je33f0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-QH00L0BVFE&cid=828442345.1679230547>m=45je33f0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mcw18.com
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://mcw18.com
date: Sun, 19 Mar 2023 12:55:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7c8dfa805163cbe39595d31e72da716e
34a2c4ac208f5f9d77302b67f556203d539388d7
874fcb1c9736686213758fa8009b9569d1d068ccd760461476c37d7e01fcebaa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 12:55:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8639
Expires: Sun, 19 Mar 2023 15:19:35 GMT
Date: Sun, 19 Mar 2023 12:55:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8639
Expires: Sun, 19 Mar 2023 15:19:35 GMT
Date: Sun, 19 Mar 2023 12:55:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 504 B IP
ASN #20940 Akamai International B.V.
Hash cdb042d489d15e1325859864a9566e32
f060535638fcd48804dbedd24925d9124c60f8ef
43877faec05fbd0cfc1f76582ecafd1666834382049dd23be2d02771de732c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8639
Expires: Sun, 19 Mar 2023 15:19:35 GMT
Date: Sun, 19 Mar 2023 12:55:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg
IP
Hash 66ba69a39c11ae2acb63bd171dc9e201
2714c75c60a91986cee36965b921130d5474371f
d728d5f06a031131b15e21816534390cf4d2753adafe9ea39ede328f4abc2d94
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8189
x-amzn-requestid: 3815c61d-6d05-4794-bd9a-d417d1270527
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wqgGsdIAMFi6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e42-6af86b2a21b89d38559ca754;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: n-Dbnb07Rsh0y_T4UW0VQSyRcV96MehdMiFlhdUtcrCiqZVL5ZVJxg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:14:54 GMT
age: 52842
etag: "cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe42970c2-8007-4b4c-9f15-01cf4de37822.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe42970c2-8007-4b4c-9f15-01cf4de37822.jpeg
IP
Hash 7534afe47e94c91c9f7ddb781441b01d
7b1bf9e99adcf1d4584246ba2ecae663b918eb13
958b779850f83da61a106e1face8bc57ea99bf44f7512dc30100d51901314725
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe42970c2-8007-4b4c-9f15-01cf4de37822.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6219
x-amzn-requestid: 61b80920-2ba3-4688-80ee-848d68031908
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BwlmnG0KoAMFd0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64101c90-17c159767df548c4672b7365;Sampled=0
x-amzn-remapped-date: Tue, 14 Mar 2023 07:04:48 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ACswRkub0RlODaxJHJGsGkACkMQKk85qY3VxYPscNccAMYdpkQ9evA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 23:47:26 GMT
age: 47290
etag: "75dd9bdbaf7f19102036d27e69a011f4c37942a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
200 OK 34 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP
Hash 258dc281348f48963d3a7c71ced712d7
c83c990b4f842ab49890fc715be0f3bf2a6fe24c
94e7d69874f098331d6b5b1d90c3630f5de022c0a8f24627659baa319d66303d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: K19FG80YIBs-7NnPFJQEodETe4DpifB_BA2FpyYtB0W-sXXjNlLKxw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 07:04:47 GMT
age: 21049
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae7f77f1-adab-464f-87e7-4a15dcd322ba.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae7f77f1-adab-464f-87e7-4a15dcd322ba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c70e6317e3ccd8783db05f712ab8b319
ae05abedca84094ff077fdfb6b5ea0e6148a086b
9d3edfaeab32dfa522cd0eac659b93eb561b33a91149428e7a5d7ec84431bb72
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae7f77f1-adab-464f-87e7-4a15dcd322ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6265
x-amzn-requestid: a40c18f5-e26f-48d0-982a-ebfc9fa92b9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wYuEa7IAMFneQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162dd1-42b70f637dc3b2d222d98f9b;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: UI-PcxN2YSytmygeVp4WBCSbtLH9egiAhP5vyJI7xN7iN1QAe1mqEA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:44:34 GMT
age: 54662
etag: "ae05abedca84094ff077fdfb6b5ea0e6148a086b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48ca215f-c7b1-4e8a-adb9-666f63347dca.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48ca215f-c7b1-4e8a-adb9-666f63347dca.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53761c38e423f6990a84c2b59ed352eb
974780a01c5fe24e092b4d8bd08a3a13a17485e1
527145dd60d8944f77d0187e2286fa1ddd12646efbc8e080eefa04825e212c54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48ca215f-c7b1-4e8a-adb9-666f63347dca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 9d2de887-7fa9-4a32-88f7-95d73447537c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wZMGd1IAMFqoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162dd4-1a4e78b86a7075e632de4bf5;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: ofXGNAvEmGsCA3lg3SeqkQvsgERe8Shqnsx1pGLs_e3w7uTHO0JcMw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:15:50 GMT
age: 52786
etag: "974780a01c5fe24e092b4d8bd08a3a13a17485e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa36f2b7f-235a-43c5-9302-84b1cc7fb382.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa36f2b7f-235a-43c5-9302-84b1cc7fb382.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c54a5cee763815a2d2d335a0dc51bab6
80d3672c8a1db24dedba20a8b04edbc67cff14f2
ce00f0d0fee5cbf89b31106b2d696d04ba12d94f4edbd512a2dc1100ab0ef5d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa36f2b7f-235a-43c5-9302-84b1cc7fb382.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7541
x-amzn-requestid: 00d990c9-d6de-4aea-8022-2d0df93ca184
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wqWGezIAMF9kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e41-5a9c056956af56fd1b81973e;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Rx2FCojyGMn9suaqPQysZg2b7avBWk4eF99tkK7JG5cVXjsbY7GrDQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:48:16 GMT
age: 54440
etag: "80d3672c8a1db24dedba20a8b04edbc67cff14f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 73af20327f0f4938b7c375ac8a34466a
e108c5c8cd69ca4d7c3441bc2806e2a44eea6056
d23a6378cdd4c7f9ba0924e4d11fdb96267bdfacd7faa4c060d0a6cd2eefcff5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 12:55:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QH00L0BVFE&cid=828442345.1679230547>m=45je33f0&aip=1&z=1054957163
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QH00L0BVFE&cid=828442345.1679230547>m=45je33f0&aip=1&z=1054957163
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QH00L0BVFE&cid=828442345.1679230547>m=45je33f0&aip=1&z=1054957163 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 12:55:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 73af20327f0f4938b7c375ac8a34466a
e108c5c8cd69ca4d7c3441bc2806e2a44eea6056
d23a6378cdd4c7f9ba0924e4d11fdb96267bdfacd7faa4c060d0a6cd2eefcff5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 12:55:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash eb0d6752e00e21564e6cdb61cd7b7b4a
d3cec7fc116407fd92a9fc26c78e53da2884b3cc
023096e5ae044d00a37b2dae8aa5d8bf5214e7930c1efc582d178eb4ac254b21
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165932
Date: Sun, 19 Mar 2023 12:55:39 GMT
Etag: "6416deb7-1d7"
Expires: Tue, 21 Mar 2023 11:01:11 GMT
Last-Modified: Sun, 19 Mar 2023 10:06:47 GMT
Server: ECAcc (bsa/EB2A)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EIusjE_zURab5ntKQKpfXfBR8OVkgfEWgcGVRDG0HoUtem_MrB9yCQ==
Age: 3264
d313lzv9559yp9.cloudfront.net/6f6c7faae0e50a098198441f725d8616.js
200 OK 45 kB URL HTTP/2 d313lzv9559yp9.cloudfront.net/6f6c7faae0e50a098198441f725d8616.js
IP
Hash 4e556e0cc9941f4e5ba3378b3682479b
257cbd396e9ead4ae0ca0a6568daa402a6ff518c
43c4feaa87fa856d96a07497532ac540e8005a7d8e6a90484a00e1ac97e4278a
GET /6f6c7faae0e50a098198441f725d8616.js HTTP/1.1
Host: d313lzv9559yp9.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
date: Thu, 16 Mar 2023 21:55:41 GMT
last-modified: Fri, 04 Feb 2022 07:06:42 GMT
etag: W/"88cb9226f8023d9ebdf06530f39e8631"
x-amz-meta-md5-hash: 88cb9226f8023d9ebdf06530f39e8631
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tCZz2W0XdHgcKivhBGv2rMvR0TSJJn5b792IlfMuSw2oMrIUOCDMOA==
age: 226799
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Material+Icons+Outlined
200 OK 364 B URL HTTP/2 fonts.googleapis.com/css2?family=Material+Icons+Outlined
IP
Hash 34b87245d0926032a5d0fc014773b92a
fe395948f618fdd78e244514dda06a04b2b07951
5703e15a881e4e96d9540c9deaf4caf9e5e00fc8484956a07d69f6db79614795
GET /css2?family=Material+Icons+Outlined HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 19 Mar 2023 12:55:35 GMT
date: Sun, 19 Mar 2023 12:55:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=adl&google_cm&google_hm=b%27UHp3OHllZVoyMGVDM0RBV2g1cGZYTldI%27
302 Found 330 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=adl&google_cm&google_hm=b%27UHp3OHllZVoyMGVDM0RBV2g1cGZYTldI%27
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 16b8e4b6b7d405937a93d952c0fe56a5
72c5a559c5953430843a40eddbbc3895c69a6eda
1e0a63e3b8e430ee05b7746b0e14e992c55b496500903ce5c1e8d4fa669333db
GET /pixel?google_nid=adl&google_cm&google_hm=b%27UHp3OHllZVoyMGVDM0RBV2g1cGZYTldI%27 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=adl&google_cm=&google_hm=b%27UHp3OHllZVoyMGVDM0RBV2g1cGZYTldI%27&google_tc=
date: Sun, 19 Mar 2023 12:55:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 330
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Mar-2023 13:10:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=adl&google_cm=&google_hm=b%27UHp3OHllZVoyMGVDM0RBV2g1cGZYTldI%27&google_tc=
302 Found 239 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=adl&google_cm=&google_hm=b%27UHp3OHllZVoyMGVDM0RBV2g1cGZYTldI%27&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c6e56f979c17237f2e21f5959d68e8ca
e11c209142617b45ceee574ba68399a212bef1ee
29d69f8c119d517c443f4112cfeed028551b352f1921664db223f23bf5a70330
GET /pixel?google_nid=adl&google_cm=&google_hm=b%27UHp3OHllZVoyMGVDM0RBV2g1cGZYTldI%27&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://sc.adelement.com/cs?google_error=3
date: Sun, 19 Mar 2023 12:55:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=29403057&t=2
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=29403057&t=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=29403057&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 19 Mar 2023 12:55:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29403057%26t%3D2
AN-X-Request-Uuid: 3259e694-605f-431f-a196-88145a63ac37
Set-Cookie: uuid2=1680082533216808464; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 17-Jun-2023 12:55:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29403057%26t%3D2
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29403057%26t%3D2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D29403057%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 19 Mar 2023 12:55:40 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: c447b3bf-0511-4d38-8292-a0c32ec29f2c
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2C$Ip+T)Z!]tbP6j2F-XstGt!@D>K$XRlI; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 17-Jun-2023 12:55:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sc.adelement.com/cs?google_error=3
302 Found 0 B URL HTTP/2 sc.adelement.com/cs?google_error=3
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cs?google_error=3 HTTP/1.1
Host: sc.adelement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
Connection: keep-alive
Cookie: OAID=Pzw8yeeZ20eC3DAWh5pfXNWH; _ae_rt_tt=eu-west-1; _ae_rt_te=; _ae_rt_dt=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 19 Mar 2023 12:55:40 GMT
location: https://ib.adnxs.com/setuid?entity=389&code=Pzw8yeeZ20eC3DAWh5pfXNWH
server: nginx/1.18.0 (Ubuntu)
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D389%26code%3DPzw8yeeZ20eC3DAWh5pfXNWH
200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D389%26code%3DPzw8yeeZ20eC3DAWh5pfXNWH
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D389%26code%3DPzw8yeeZ20eC3DAWh5pfXNWH HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 19 Mar 2023 12:55:40 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 0a8af632-da6e-4e60-a1f9-9f40699f989d
Set-Cookie: anj=dTM7k!M41.E:2jUF']wIg2C$Ip+T)Z!]tbPl1Mu5QgUl$=0Y'2lsLTb5=Rzdjd2Xt3l-Da.B*KeliG!shcg8Y(j#iP(Md+>)fy+u6$'(L; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 17-Jun-2023 12:55:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
widget.intercom.io/widget/cz9vuj8s
200 OK 3.3 kB URL HTTP/2 widget.intercom.io/widget/cz9vuj8s
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8520), with no line terminators
Hash 3fbef7d71b7c3df251fe6d773e37daa9
d50449a3be2fa09c96503d364277a2116388e74d
d450b3f776f34952145e3ec839727f100625da39034ad2e27cad5aaca4a76ba2
GET /widget/cz9vuj8s HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 3267
last-modified: Wed, 15 Mar 2023 18:00:36 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 9M8.ZgIQMGNLmT6vKebRWxJOUP8BEZTh
accept-ranges: bytes
server: AmazonS3
date: Sun, 19 Mar 2023 12:41:40 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "3fbef7d71b7c3df251fe6d773e37daa9"
x-cache: Error from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HLJxLFGniBVmDoHktD0hcQTgZlR056Cqg2Bpsqcbbb8mObHGc6Ydow==
age: 921
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
js.intercomcdn.com/frame.46a0a397.js
200 OK 142 kB URL HTTP/2 js.intercomcdn.com/frame.46a0a397.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 142 kB (142309 bytes)
Hash 41c418d5dc8e3fe038e46c20fd3e751a
306d84c1cea60fbb87dda25acd6aa832cdec9d63
1356c41b14d14bab1ea8695e8f7214c3bbaa75fb6f5ea40a0f73fd6c46bd94df
GET /frame.46a0a397.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 142309
last-modified: Wed, 15 Mar 2023 17:58:09 GMT
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 49j5edlQhxcDYAmui1pNphiZnFzObxyi
accept-ranges: bytes
server: AmazonS3
date: Sun, 19 Mar 2023 12:25:22 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "41c418d5dc8e3fe038e46c20fd3e751a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kr4WFIMM-Vtx9xCzMjnxvxhp-FvOlDpyyR9WxRE3k7K7cj8mI9v1Hg==
age: 1820
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
js.intercomcdn.com/vendor.551a6de5.js
200 OK 108 kB URL HTTP/2 js.intercomcdn.com/vendor.551a6de5.js
IP
File type Unicode text, UTF-8 text, with very long lines (65431)
Size 108 kB (108489 bytes)
Hash 8deb2689654059a01764fb9a31dce705
cb3325e17780436c5aa8fcb12091b431c58411c0
65a6ac9afaca19ccdf78e6c7f9c808d6ce1a06e1a74187fb66ecd6615e4b81db
GET /vendor.551a6de5.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108489
last-modified: Wed, 15 Mar 2023 17:58:09 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: GYHHhEs5CnwBT8ycU879GnNcLaIoTt8e
accept-ranges: bytes
server: AmazonS3
date: Sun, 19 Mar 2023 11:06:15 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "8deb2689654059a01764fb9a31dce705"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ql7s-lFxOt_t1NHbWajayhkbkKU2w6FK3WKV3FkuloilQstfXelMxw==
age: 6566
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash de411b05015c336a7d6769a4f77e6b20
805075645ca6c31c34b1c00b82389b621d7a1640
f8684399aa1535badfe1806aba3fc7a5218645753e7f18423c47942699c82dae
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150011
Date: Sun, 19 Mar 2023 12:55:41 GMT
Etag: "64169861-1d7"
Expires: Tue, 21 Mar 2023 06:35:52 GMT
Last-Modified: Sun, 19 Mar 2023 05:06:41 GMT
Server: ECAcc (bsa/EACA)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: djiakjYv32M7f6QV3vhGpUYLNlqKD8QvGooZQmb80fu9l997XZscrw==
Age: 5351
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 10b44b46d5a0e40c9bd519c0564227ae
563f3a81d863ec1f06fe09a1b7565069250092d6
dbf11805789be7c95c1fad32d1a38c1f35e17a47492663f7acc1819b207c7fea
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140641
Date: Sun, 19 Mar 2023 12:55:42 GMT
Etag: "64166fb6-1d7"
Expires: Tue, 21 Mar 2023 03:59:43 GMT
Last-Modified: Sun, 19 Mar 2023 02:13:10 GMT
Server: ECAcc (bsa/EB2A)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: B4SZCYyRxs9ni2pFmdZztqInr2c4J_G6cEAtY4OcDwDmqqDJMuc_Kw==
Age: 6393
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash be257e01d7f2be3ecdc430ff14618437
6454c1817ca31c74097dcfd44cbb6057763fdb04
221dce0edf357d502870f03ff6abab7eed714a776051a697b6537a72d34b8505
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169980
Date: Sun, 19 Mar 2023 12:55:42 GMT
Etag: "6416e5d0-1d7"
Expires: Tue, 21 Mar 2023 12:08:42 GMT
Last-Modified: Sun, 19 Mar 2023 10:37:04 GMT
Server: ECAcc (dcb/7F87)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Gul-C-tV2eSrJUfl-ks8aFwHMn__wE2H4GgbfbnGo2MCNBDYIG5_tg==
Age: 5498
collector-cps-live.omnitrend.biz/session/
200 OK 0 B URL HTTP/1.1 collector-cps-live.omnitrend.biz/session/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /session/ HTTP/1.1
Host: collector-cps-live.omnitrend.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: bu-project,bu-session,bu-uid,ot-guest,ot-timestamp,ot-token
Referer: https://mcw18.com/
Origin: https://mcw18.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 200 OK
date: Sun, 19 Mar 2023 12:55:42 GMT
server: uvicorn
content-type: text/html; charset=utf-8
content-length: 0
vary: Origin
access-control-allow-origin: *
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, ot-token, ot-guest, ot-timestamp, bu-session, bu-project, bu-uid
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
Set-Cookie: visid_incap_2885031=IekCDApCQCSyKLvptsW4RE4GF2QAAAAAQUIPAAAAAABvG811BluYjotasGoLziwo; expires=Sun, 17 Mar 2024 22:43:25 GMT; HttpOnly; path=/; Domain=.omnitrend.biz
nlbi_2885031=+mnfcNO2bjdWnhf/lDJeOwAAAACFyO6t3IZoUaE5AjPvJ/Gn; path=/; Domain=.omnitrend.biz
incap_ses_632_2885031=CIynMxgCCDDRsoygj1HFCE8GF2QAAAAAH7JbDVulK/SnOMUx+g9VRw==; path=/; Domain=.omnitrend.biz
X-CDN: Imperva
X-Iinfo: 3-13405441-13405442 NNNN CT(239 481 0) RT(1679230542090 24) q(0 0 7 1) r(9 9) U24
cz9vuj8s.intercom-messenger.com/messenger/web/ping
200 OK 2.2 kB URL HTTP/2 cz9vuj8s.intercom-messenger.com/messenger/web/ping
IP
File type JSON data\012- , ASCII text, with very long lines (5067), with no line terminators
Hash 8b94bd9ec05df736560da5e177d824ed
fd8fe613ba0bbdf49fd939864503056fb39d1db8
f4455b397aabe9f90b08edb922e918a2ed3d3849ca7aa6daef453be0aca2165a
POST /messenger/web/ping HTTP/1.1
Host: cz9vuj8s.intercom-messenger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 456
Origin: https://mcw18.com
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Mar 2023 12:55:42 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1679230550
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13077
access-control-allow-origin: https://mcw18.com
vary: Accept,Accept-Encoding
x-intercom-version: be68fde63659c0e54da555abe5e3fe4fab46a211
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 003e2m92u0uqun8edda0
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"278e56bac3548f4a7110c4de60df2824"
x-runtime: 0.285434
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0a5a4ac101ab7d496
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75459a03-8a9b-45e3-9b63-a2365ba8bb7a.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75459a03-8a9b-45e3-9b63-a2365ba8bb7a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d2172da8414a0c6b957f5456f8618c9
a667a0a797ed328a2b11511f6ee3f111edb5e865
c83e7d4f87ff9a8eb410fadf136d9d4a16c2750c95f61fd318206ef3219591cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75459a03-8a9b-45e3-9b63-a2365ba8bb7a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5660
x-amzn-requestid: 4c490edf-9040-42ba-919b-97b68b677a12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bsu-0FUeIAMFVww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640e91f8-2e36591035bf276d3fda8e19;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 03:01:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: TZx0NalCuYXzhY01gfiP82y58cfmEv_3ziSuqkTFY1sSPUQKZJzJoA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:00:36 GMT
age: 53707
etag: "a667a0a797ed328a2b11511f6ee3f111edb5e865"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cz9vuj8s.nexus.intercom-chat.com/pubsub/5-Q8jR4p6CWVkQYwCOmKRAJ8PHds2YSFe45adLwHTQdKNYT1mLZPqZwVpu-mz0jJLiLhoWRFkKybvLTIzQFuKiUDwSSgORxQYLGMNf?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
101 Switching Protocols 0 B URL HTTP/1.1 cz9vuj8s.nexus.intercom-chat.com/pubsub/5-Q8jR4p6CWVkQYwCOmKRAJ8PHds2YSFe45adLwHTQdKNYT1mLZPqZwVpu-mz0jJLiLhoWRFkKybvLTIzQFuKiUDwSSgORxQYLGMNf?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pubsub/5-Q8jR4p6CWVkQYwCOmKRAJ8PHds2YSFe45adLwHTQdKNYT1mLZPqZwVpu-mz0jJLiLhoWRFkKybvLTIzQFuKiUDwSSgORxQYLGMNf?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: cz9vuj8s.nexus.intercom-chat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://mcw18.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CeCEK0v0d8IehhRS+/+mxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: upgrade
Server: nginx
Date: Sun, 19 Mar 2023 12:55:43 GMT
Upgrade: websocket
Sec-WebSocket-Accept: V/1uiuncH+2u/+qYyhWJ/7mLi6E=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: s6HKoxlnHvt0pjAFv7384pcj45DlxEN_d5RUx19tR5lJXPtydcHz0g==
collector-cps-live.omnitrend.biz/info/
200 OK 0 B URL HTTP/1.1 collector-cps-live.omnitrend.biz/info/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /info/ HTTP/1.1
Host: collector-cps-live.omnitrend.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bu-project,bu-session,bu-uid,ot-guest,ot-timestamp,ot-token
Referer: https://mcw18.com/
Origin: https://mcw18.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 200 OK
date: Sun, 19 Mar 2023 12:55:43 GMT
server: uvicorn
content-type: text/html; charset=utf-8
content-length: 0
vary: Origin
access-control-allow-origin: *
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, ot-token, ot-guest, ot-timestamp, bu-session, bu-project, bu-uid
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
Set-Cookie: visid_incap_2885031=fM2L1pQ1RKygs4rFxCXDmU8GF2QAAAAAQUIPAAAAAADOuxJDjfjaI1sfD4C6bkG9; expires=Sun, 17 Mar 2024 22:43:24 GMT; HttpOnly; path=/; Domain=.omnitrend.biz
incap_ses_632_2885031=UHqdQQ6b2g+fs4ygj1HFCE8GF2QAAAAAt1sNA7M0AlPn3Wl4QuSiww==; path=/; Domain=.omnitrend.biz
X-CDN: Imperva
X-Iinfo: 4-20318995-20319056 SNNy RT(1679230542090 1401) q(0 0 0 -1) r(3 3) U24
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash c571394fbf1dea87a6f309f0a353a673
d09de538a6ff7b681384eb786644989a142231dc
621db9c363ef1d6cc64c9255d8b4f4d712f602448ad149ef38e5ff787840979c
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163019
Date: Sun, 19 Mar 2023 12:55:43 GMT
Etag: "6416d7b6-1d7"
Expires: Tue, 21 Mar 2023 10:12:42 GMT
Last-Modified: Sun, 19 Mar 2023 09:36:54 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TbXNWT9ZrX3OTYtiKzwNCHtcjJaH5bMflZEDu0zmwirC8aDptAv93w==
Age: 2148
collector-cps-live.omnitrend.biz/info/
204 No Content 0 B URL HTTP/1.1 collector-cps-live.omnitrend.biz/info/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /info/ HTTP/1.1
Host: collector-cps-live.omnitrend.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
bu-project: j&3-xc4)%%72f4_nfn-v9_n-07t_qw$@8!o&x75v-b=4=*^j3q
bu-session: undefined
bu-uid: undefined
ot-guest: MmMzMjlkNjctYjEzNC00ZTcxLTg5ODAtYzMzYWI1MWEyZDM1OjkxLjkwLjQyLjE1NDoxNjc5MjMwNTQzLjMzMDIxNDpNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMDpqJjMteGM0KSUlNzJmNF9uZm4tdjlfbi0wN3RfcXckQDghbyZ4NzV2LWI9ND0qXmozcQ==
ot-timestamp: 1679230555.394
ot-token: ZDRmNzE0ODctYzU5Yi00MzRhLWE3ODYtOTk5NWU1YTZmODE0OjkxLjkwLjQyLjE1NDoxNjc5MjMwNTQzLjMzMTAyNjpNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMDpqJjMteGM0KSUlNzJmNF9uZm4tdjlfbi0wN3RfcXckQDghbyZ4NzV2LWI9ND0qXmozcQ==
Content-Type: text/plain;charset=UTF-8
Origin: https://mcw18.com
Content-Length: 343
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Sun, 19 Mar 2023 12:55:43 GMT
server: uvicorn
content-type: text/html; charset=utf-8
content-length: 0
vary: Origin
access-control-allow-origin: *
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
Set-Cookie: visid_incap_2885031=6oASPuGDS/KfS3ppqpem1VAGF2QAAAAAQUIPAAAAAAAWtTFQj5mA5yU5eVaPm49N; expires=Sun, 17 Mar 2024 22:43:24 GMT; HttpOnly; path=/; Domain=.omnitrend.biz
incap_ses_632_2885031=O0R9KDxk1ye+s4ygj1HFCFAGF2QAAAAAZk/Jkl7DKLeu/Wf7llhKlQ==; path=/; Domain=.omnitrend.biz
X-CDN: Imperva
X-Iinfo: 4-20318995-20319056 SNNy RT(1679230542090 1661) q(0 0 0 -1) r(3 3) U24
sc.adelement.com/setRT_adelement_cookie.php?ae_rt=6f6c7faae0e50a098198441f725d8616&depth=0&event_type=home_page&country_code=in&lang_code=en
302 Found 0 B URL HTTP/2 sc.adelement.com/setRT_adelement_cookie.php?ae_rt=6f6c7faae0e50a098198441f725d8616&depth=0&event_type=home_page&country_code=in&lang_code=en
IP
GET /setRT_adelement_cookie.php?ae_rt=6f6c7faae0e50a098198441f725d8616&depth=0&event_type=home_page&country_code=in&lang_code=en HTTP/1.1
Host: sc.adelement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 19 Mar 2023 12:55:39 GMT
location: https://sc.adelement.com/setRT_adelement_cookie.php?ae_rt=6f6c7faae0e50a098198441f725d8616&depth=0&event_type=home_page&country_code=in&lang_code=en&_aeset=1
server: nginx/1.18.0 (Ubuntu)
set-cookie: OAID=Pzw8yeeZ20eC3DAWh5pfXNWH; expires=Mon, 18-Mar-2024 12:55:39 GMT; Domain=.adelement.com; SameSite=None; Secure
X-Firefox-Spdy: h2
18.196.138.182
54.230.111.95
188.114.96.1
104.17.25.14
23.33.119.27
54.78.185.162