arep.co/b64695d80521ac4eb8821eb100653cba/unlock
52.64.21.46301 Moved Permanently 162 B URL HTTP/1.1 arep.co/b64695d80521ac4eb8821eb100653cba/unlock
IP 52.64.21.46:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /b64695d80521ac4eb8821eb100653cba/unlock HTTP/1.1
Host: arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 16 Jan 2023 23:42:43 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://arep.co/b64695d80521ac4eb8821eb100653cba/unlock
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5290
Cache-Control: max-age=125540
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:43 GMT
Etag: "63c513ad-1d7"
Expires: Wed, 18 Jan 2023 10:35:03 GMT
Last-Modified: Mon, 16 Jan 2023 09:06:53 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.228.207.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.207.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: U9OSdwzUXvcn7uGekTZiVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DYEEj+cfNVCJw6C0zP1BOkPLJCA=
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 16 Jan 2023 23:42:14 GMT
content-type: application/json
age: 30
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZUWQX/T7NF7vHvbVkHYMo69/q1KJvuBM57Upr97wJS00CxuJS6/jvd4IbJL1GlKY1qc7RmNnQTs=
x-amz-request-id: 83MHJDHTC71NBC6B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 16 Jan 2023 22:56:00 GMT
age: 2804
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 23:42:44 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 23:33:46 GMT
age: 538
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
arep.co/b64695d80521ac4eb8821eb100653cba/unlock
52.64.21.46302 Found 0 B URL HTTP/1.1 arep.co/b64695d80521ac4eb8821eb100653cba/unlock
IP 52.64.21.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b64695d80521ac4eb8821eb100653cba/unlock HTTP/1.1
Host: arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 16 Jan 2023 23:42:44 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Etag: "bcrypt+sha512$e6aa14e1e37cc6932998ff21f1063247$4$c0f61658eb1747fb050a5c1ab7b54a1894c818a250d321e8"
Vary: Accept
Location: https://arep.co/YVdBiy/unlock
Set-Cookie: _ar_fan_auth_token_=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyLXJlY29yZC1zdHJpbmciOiJ7OmFjY291bnQtaWQgMjE0NTMyMjc4LCA6YWNjb3VudC10eXBlIFwiRkFOXCJ9IiwiY2xpZW50LWlkZW50aXR5Ijoie1wiYWNjb3VudElkXCI6MjE0NTMyMjc4LFwiYWNjb3VudFR5cGVcIjpcIkZBTlwifSIsIm1hc3F1ZXJhZGVyLXJlY29yZC1zdHJpbmciOm51bGwsImF1dGgtc2NoZW1lIjoibG9naW4iLCJzdWIiOjIxNDUzMjI3OCwiZXhwIjoxNzI5MTIyMTY0LCJpYXQiOjE2NzM5MTI1NjR9.mK4kjhbqQoe-SggSK0dOU4VfdCFNo2UBZUnoDDSs3BY;Path=/;Max-Age=920160;Secure
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, HEAD, OPTIONS, DELETE
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token,Accept,Origin,Content-Type
Access-Control-Expose-Headers: X-Auth-Token
arep.co/YVdBiy/unlock
52.64.21.46200 OK 2.7 kB IP 52.64.21.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2157)
Hash 75e7f6180ea143eba0e8ced56dc98681
4852c8b2ace82a0f889be530427e0a9a3c624ffa
34c4438fe93fe319f53d8041ba790abe0753b90859cee6d0e6f73f591b5fbfc0
GET /YVdBiy/unlock HTTP/1.1
Host: arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ar_fan_auth_token_=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyLXJlY29yZC1zdHJpbmciOiJ7OmFjY291bnQtaWQgMjE0NTMyMjc4LCA6YWNjb3VudC10eXBlIFwiRkFOXCJ9IiwiY2xpZW50LWlkZW50aXR5Ijoie1wiYWNjb3VudElkXCI6MjE0NTMyMjc4LFwiYWNjb3VudFR5cGVcIjpcIkZBTlwifSIsIm1hc3F1ZXJhZGVyLXJlY29yZC1zdHJpbmciOm51bGwsImF1dGgtc2NoZW1lIjoibG9naW4iLCJzdWIiOjIxNDUzMjI3OCwiZXhwIjoxNzI5MTIyMTY0LCJpYXQiOjE2NzM5MTI1NjR9.mK4kjhbqQoe-SggSK0dOU4VfdCFNo2UBZUnoDDSs3BY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 23:42:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"bcrypt+sha512$7b348bb00c6e613ca0ecfbcc7121ee2f$4$a5594f07d538381483841615dfc198e352eb73214d7ffa43"
Vary: Accept-Encoding, Accept
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, HEAD, OPTIONS, DELETE
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token,Accept,Origin,Content-Type
Access-Control-Expose-Headers: X-Auth-Token
Content-Encoding: gzip
cdn.polyfill.io/v2/polyfill.min.js?features=default,fetch
151.101.1.26200 OK 126 B URL HTTP/2 cdn.polyfill.io/v2/polyfill.min.js?features=default,fetch
IP 151.101.1.26:0
Hash 73facef13260d15915b31c39a22317b8
2e0d6642d943b6bba33c14ed89db6ca0d98e7844
fe0e7a42051b9bde30f5d3f6679756e2aad5814be1914d6606d961f6e15f07f7
GET /v2/polyfill.min.js?features=default,fetch HTTP/1.1
Host: cdn.polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 11 Jan 2023 11:21:48 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Mon, 16 Jan 2023 23:42:45 GMT
vary: User-Agent, Accept-Encoding
server-timing: PASS, fastly;desc="Edge time";dur=15
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 126
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 15eefbeba639021ff081a7bc85fb57a9
219f15ce1782c8f382ba2d8c40c405735e3bb397
45428fc85fc5a90678d199a0d9d17ad5016cb1919a88596b910f96eea36d04b4
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 23:42:45 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0733A45B8C53B9AED3347BC5CD3FA61E1F42A873"
Expires: Tue, 17 Jan 2023 10:00:00 GMT
Last-Modified: Mon, 16 Jan 2023 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1008
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78aab59cbb08b505-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 79f45c828bcf1579157e07b09a6e33c0
37978dbbaf317b2e75bb33029452c892e48cd066
ea0537038a89b65edb180d6fe383683d1954fb95f171fb4a4b7922b97101c2f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 16 Jan 2023 23:42:45 GMT
Etag: "63c4c208-1d7"
Last-Modified: Mon, 16 Jan 2023 23:23:53 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _R-zWOrAUS96e32Gi-_2BFFuSw1Z_-rPQHSz9XIfYqBEVX02lteSkw==
Age: 1132
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 79f45c828bcf1579157e07b09a6e33c0
37978dbbaf317b2e75bb33029452c892e48cd066
ea0537038a89b65edb180d6fe383683d1954fb95f171fb4a4b7922b97101c2f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102625
Date: Mon, 16 Jan 2023 23:42:45 GMT
Etag: "63c4c208-1d7"
Expires: Wed, 18 Jan 2023 04:13:10 GMT
Last-Modified: Mon, 16 Jan 2023 03:18:32 GMT
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: n2fGJnnAOGExsXndFablR24Wqa0CAuHnWaOv6sEy3F8STaqgSQw8mQ==
Age: 3278
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 79f45c828bcf1579157e07b09a6e33c0
37978dbbaf317b2e75bb33029452c892e48cd066
ea0537038a89b65edb180d6fe383683d1954fb95f171fb4a4b7922b97101c2f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101881
Date: Mon, 16 Jan 2023 23:42:45 GMT
Etag: "63c4c208-1d7"
Expires: Wed, 18 Jan 2023 04:00:46 GMT
Last-Modified: Mon, 16 Jan 2023 03:18:32 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aSNSJzul1JkHK2RkKHmpIYJBbam_PoNzjc9NGwAtKeVMKhln0pndAA==
Age: 2534
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 79f45c828bcf1579157e07b09a6e33c0
37978dbbaf317b2e75bb33029452c892e48cd066
ea0537038a89b65edb180d6fe383683d1954fb95f171fb4a4b7922b97101c2f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 16 Jan 2023 23:42:45 GMT
Etag: "63c4c208-1d7"
Last-Modified: Mon, 16 Jan 2023 22:07:57 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qfr3LMh7jCQCp6awJBnrl_61ZV0jmBeCg-XvfZBTTR2AnPfTqHgKKg==
Age: 5688
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 79f45c828bcf1579157e07b09a6e33c0
37978dbbaf317b2e75bb33029452c892e48cd066
ea0537038a89b65edb180d6fe383683d1954fb95f171fb4a4b7922b97101c2f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99347
Date: Mon, 16 Jan 2023 23:42:45 GMT
Etag: "63c4c208-1d7"
Expires: Wed, 18 Jan 2023 03:18:32 GMT
Last-Modified: Mon, 16 Jan 2023 03:18:32 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: orMM1ytxLs4WQ1lB9hr6s_lEvcSQYjZnYeqmTEcHRwwjXfJ-EUx7Tw==
cdn.arep.co/img/favicon/favicon.ico
54.230.111.58200 OK 15 kB URL HTTP/2 cdn.arep.co/img/favicon/favicon.ico
IP 54.230.111.58:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 32c1928212c65f839af9b11702a5b7dc
b7506744d4efb9bc5490069d1a42dc8d0e83ecbb
ac3b738118632ba715c728d20ea381829075334583197c8b643b37097d86d2db
GET /img/favicon/favicon.ico HTTP/1.1
Host: cdn.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 15086
last-modified: Tue, 08 Nov 2022 02:57:06 GMT
server: AmazonS3
date: Mon, 16 Jan 2023 03:24:48 GMT
etag: "32c1928212c65f839af9b11702a5b7dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fv8ZDjpantRnEiNzBcejOW7_nbgxBq0dclS20WrgJV10ZyZgYqpfog==
age: 73079
X-Firefox-Spdy: h2
arep.co/api/v1/cn/campaign-uri?$filter=uri%3D%2FYVdBiy%2Funlock
52.64.21.46200 OK 4.6 kB URL HTTP/1.1 arep.co/api/v1/cn/campaign-uri?$filter=uri%3D%2FYVdBiy%2Funlock
IP 52.64.21.46:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (15546), with no line terminators
Hash ad910f6519dffa566812e5299f3e98fb
527d2c8ca226d414ef7521772248ca28bb4a33ba
2ee83a994e91a4128c83bcf80c1f608129a04225ae354bb8c3f3fa13c420b0f3
GET /api/v1/cn/campaign-uri?$filter=uri%3D%2FYVdBiy%2Funlock HTTP/1.1
Host: arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/YVdBiy/unlock
Cookie: _ar_fan_auth_token_=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyLXJlY29yZC1zdHJpbmciOiJ7OmFjY291bnQtaWQgMjE0NTMyMjc4LCA6YWNjb3VudC10eXBlIFwiRkFOXCJ9IiwiY2xpZW50LWlkZW50aXR5Ijoie1wiYWNjb3VudElkXCI6MjE0NTMyMjc4LFwiYWNjb3VudFR5cGVcIjpcIkZBTlwifSIsIm1hc3F1ZXJhZGVyLXJlY29yZC1zdHJpbmciOm51bGwsImF1dGgtc2NoZW1lIjoibG9naW4iLCJzdWIiOjIxNDUzMjI3OCwiZXhwIjoxNzI5MTIyMTY0LCJpYXQiOjE2NzM5MTI1NjR9.mK4kjhbqQoe-SggSK0dOU4VfdCFNo2UBZUnoDDSs3BY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 23:42:45 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, HEAD, OPTIONS, DELETE
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token,Accept,Origin,Content-Type,ETag
Access-Control-Expose-Headers: X-Auth-Token,ETag
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87b645d1-9bdf-4fcb-990e-f3dfb01d71d5.jpeg
34.120.237.76200 OK 2.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87b645d1-9bdf-4fcb-990e-f3dfb01d71d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57f4bddae2488cc36924ba39e6cb5b75
84c4e591d4ec54c3f9b6749044029145103f2fb8
30f39db37bf4f4089a2c180cf3415dbcd2e73e4ad6088eb1ecf31c9f6f00d521
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87b645d1-9bdf-4fcb-990e-f3dfb01d71d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2711
x-amzn-requestid: d7f0fb1e-8a6e-4fae-99a9-7e0497a250c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ekP_UE9HoAMFuyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be6061-389b5ce60f1febdc3e3d48d0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 07:08:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r5J4wPWxEkUaI7C2rCwCVIZ-KvGCLNIS95-_7L2Pj3M5CSkS7Em3xg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 06:53:17 GMT
age: 60569
etag: "84c4e591d4ec54c3f9b6749044029145103f2fb8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98638632-6085-4fe0-b179-1d3dc01455bc.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98638632-6085-4fe0-b179-1d3dc01455bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f1e894af57f496e42b147688fab47ae
e6d32846839d1b47a0ad690c4002ce07ca2fecb6
090494beedfef9ecae9917f38731a52fc8bfd05ad6cd0ec97c8e0cc95b8bbd6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98638632-6085-4fe0-b179-1d3dc01455bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8257
x-amzn-requestid: 6ff7504a-9e5c-4210-a548-d89cbeb429de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewNbvFVEIAMFR1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c32917-22fa378d002450dd3cfbe931;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 22:13:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pHdFbETsTOqs8rnxiMmuUKJrbPaatDql9rGxwt9ste_32o5n4fWoxQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 22:21:46 GMT
age: 4860
etag: "e6d32846839d1b47a0ad690c4002ce07ca2fecb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 858008283680ca87da102bf7b125fccc
bb8be336e54bb6b722eef455ff15535b2de9207d
c79b8fb1638811abd6ef35e50a2590c630ba255a25b8417d6ec0739fc1e558fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 843
Cache-Control: max-age=170056
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:46 GMT
Etag: "63c5d2f3-2d7"
Expires: Wed, 18 Jan 2023 22:57:02 GMT
Last-Modified: Mon, 16 Jan 2023 22:42:59 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 727
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a57f270-98a9-442f-9239-76f1b01be9ae.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a57f270-98a9-442f-9239-76f1b01be9ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11978fd8515619467879303c76a11092
178546ab6c6779129e49f2a7bd80560cf08fbf7c
3f4bd577a740e0b2fcfb38ba4edd72cef3d2a8da7b5949eef33b2c04d417dca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a57f270-98a9-442f-9239-76f1b01be9ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9186
x-amzn-requestid: dcfb9d55-6741-4ac3-afb6-d6fcc316c305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tvYHw6oAMFnwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c32f-237ef8a2086f859b7b49b006;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:35:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jU1UPGJjz6GgxfBnK1alPLb4ltxnFyWU29tfI7DH6FERqQSggFZwrg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:56:51 GMT
age: 6355
etag: "178546ab6c6779129e49f2a7bd80560cf08fbf7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad210f0ba6ce6930724549cbba76e83d
e4badc3fbca9913bc11d968dac5cad1f900ff492
ad5f754d5dbe870feabfe090a46838614e96d72e78b9a2a8010ab339c67130be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9529
x-amzn-requestid: 56f2b9a5-91c6-421a-ad84-165376e23dcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm6Fm-oAMFrDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-67a0c1fe6aad6e6b71e50463;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mzmFGVDfMuZte5CJUmchEQIVAuDUKdGfUpm7PRTUqnsP44IcDmbl8A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 6991
etag: "e4badc3fbca9913bc11d968dac5cad1f900ff492"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
35.186.235.23200 OK 17 kB URL HTTP/2 cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
IP 35.186.235.23:0
File type ASCII text, with very long lines (755)
Hash caa762087e9d75cecc34b5d6626cb7b9
fcc68d485c2f42e0f880260c3e104cedf50d0d11
dc0ec55efae4c1f0ff095cf05133cc835e1cc4ff7906d3b7a2d0d86789bfe145
GET /libs/mixpanel-2-latest.min.js HTTP/1.1
Host: cdn.mxpnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduAT34v6zhvIv2Dmvgc6QgtvKx88E4dtXs1_P-ehIwiDd0OfJ2L4JmQREmDZJBmD8A-yXkBuWtE6Gw8rcy0QlpphZjG3Br5
x-goog-generation: 1645129310876382
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 17435
content-encoding: gzip
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 17435
access-control-allow-origin: *
server: UploadServer
date: Mon, 16 Jan 2023 23:40:32 GMT
expires: Mon, 16 Jan 2023 23:50:32 GMT
cache-control: public,max-age=600
age: 134
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
etag: "caa762087e9d75cecc34b5d6626cb7b9"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385b83d3-24b4-4a2f-b857-c5ad36c6c6f1.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385b83d3-24b4-4a2f-b857-c5ad36c6c6f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcaf94e244d0b492c26d4964836f4913
fde259440056930606a16b88e6d87e2edc420bd6
6cc207b89ceda6a27a0c9905a3284044984af07cdf5eb91a84b93bc56e414806
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385b83d3-24b4-4a2f-b857-c5ad36c6c6f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3027
x-amzn-requestid: 9599f603-0ef7-40c7-aa0e-699a82057dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tr0GvUoAMFfmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c318-3d11e6404c85fcb737852aaf;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9U7jKrDbganO37QtU-I_g8A9G3XEHtsj-z6s0UF419IdEj_Zw1-uw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 6991
etag: "fde259440056930606a16b88e6d87e2edc420bd6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6f4934ef37f04950c15313f2cdc6902d
3ed5b8439867115a06edaf046472ee8d271c33ea
3fb58a81be10df91f59e3f6ceed7d607f77409087515cf675ff0d098c482c574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
arep.co/api/v1/cn/campaign-account
52.64.21.46201 Created 17 B URL HTTP/1.1 arep.co/api/v1/cn/campaign-account
IP 52.64.21.46:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f3859e0ace341e8cbdce089aa5b91550
af8d8ddd7dc2b118232a3e413ce6f60b65f1a350
b1a69456d4165e5e6c178de6374b5966c3515270c8b77dc47b4e8a48ed9a71c7
POST /api/v1/cn/campaign-account HTTP/1.1
Host: arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 20
Origin: https://arep.co
Connection: keep-alive
Referer: https://arep.co/YVdBiy/unlock
Cookie: _ar_fan_auth_token_=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyLXJlY29yZC1zdHJpbmciOiJ7OmFjY291bnQtaWQgMjE0NTMyMjc4LCA6YWNjb3VudC10eXBlIFwiRkFOXCJ9IiwiY2xpZW50LWlkZW50aXR5Ijoie1wiYWNjb3VudElkXCI6MjE0NTMyMjc4LFwiYWNjb3VudFR5cGVcIjpcIkZBTlwifSIsIm1hc3F1ZXJhZGVyLXJlY29yZC1zdHJpbmciOm51bGwsImF1dGgtc2NoZW1lIjoibG9naW4iLCJzdWIiOjIxNDUzMjI3OCwiZXhwIjoxNzI5MTIyMTY0LCJpYXQiOjE2NzM5MTI1NjR9.mK4kjhbqQoe-SggSK0dOU4VfdCFNo2UBZUnoDDSs3BY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 201 Created
Server: nginx
Date: Mon, 16 Jan 2023 23:42:46 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 17
Connection: keep-alive
Vary: Accept
X-Auth-Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyLXJlY29yZC1zdHJpbmciOiJ7OmFjY291bnQtaWQgMjE0NTMyMjc4LCA6YWNjb3VudC10eXBlIFwiRkFOXCJ9IiwiY2xpZW50LWlkZW50aXR5Ijoie1wiYWNjb3VudElkXCI6MjE0NTMyMjc4LFwiYWNjb3VudFR5cGVcIjpcIkZBTlwifSIsIm1hc3F1ZXJhZGVyLXJlY29yZC1zdHJpbmciOm51bGwsImF1dGgtc2NoZW1lIjoibG9naW4iLCJzdWIiOjIxNDUzMjI3OCwiZXhwIjoxNzI5MTIyMTY2LCJpYXQiOjE2NzM5MTI1NjZ9.aj99UOLdLZqZknLOOx3E4v7I3xJEW6i9zrdSs0NrZTg
Set-Cookie: _ar_fan_auth_token_=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyLXJlY29yZC1zdHJpbmciOiJ7OmFjY291bnQtaWQgMjE0NTMyMjc4LCA6YWNjb3VudC10eXBlIFwiRkFOXCJ9IiwiY2xpZW50LWlkZW50aXR5Ijoie1wiYWNjb3VudElkXCI6MjE0NTMyMjc4LFwiYWNjb3VudFR5cGVcIjpcIkZBTlwifSIsIm1hc3F1ZXJhZGVyLXJlY29yZC1zdHJpbmciOm51bGwsImF1dGgtc2NoZW1lIjoibG9naW4iLCJzdWIiOjIxNDUzMjI3OCwiZXhwIjoxNzI5MTIyMTY2LCJpYXQiOjE2NzM5MTI1NjZ9.aj99UOLdLZqZknLOOx3E4v7I3xJEW6i9zrdSs0NrZTg;Path=/;Max-Age=920160;Secure
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, HEAD, OPTIONS, DELETE
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token,Accept,Origin,Content-Type,ETag
Access-Control-Expose-Headers: X-Auth-Token,ETag
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 858008283680ca87da102bf7b125fccc
bb8be336e54bb6b722eef455ff15535b2de9207d
c79b8fb1638811abd6ef35e50a2590c630ba255a25b8417d6ec0739fc1e558fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 843
Cache-Control: max-age=170056
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:46 GMT
Etag: "63c5d2f3-2d7"
Expires: Wed, 18 Jan 2023 22:57:02 GMT
Last-Modified: Mon, 16 Jan 2023 22:42:59 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 727
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6f4934ef37f04950c15313f2cdc6902d
3ed5b8439867115a06edaf046472ee8d271c33ea
3fb58a81be10df91f59e3f6ceed7d607f77409087515cf675ff0d098c482c574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K7G69W6
216.58.207.200200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K7G69W6
IP 216.58.207.200:0
File type ASCII text, with very long lines (5019)
Hash c3239e8ca1e90f2ea115669dc32b3310
88abb41f10bade41150d16f32018a86addb169da
6f7f32cde556281caa588fb2e2a826764b67b6874ae25e41eeea687f22d3be8f
GET /gtm.js?id=GTM-K7G69W6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 16 Jan 2023 23:42:46 GMT
expires: Mon, 16 Jan 2023 23:42:46 GMT
cache-control: private, max-age=900
last-modified: Mon, 16 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6f4934ef37f04950c15313f2cdc6902d
3ed5b8439867115a06edaf046472ee8d271c33ea
3fb58a81be10df91f59e3f6ceed7d607f77409087515cf675ff0d098c482c574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d0dd6e84bd1708aec285a9153eafabc
2d2729ca550ecdca29a502eb76c68f4eed623032
3c0492fc05ab9a35cd8d833a031aa907a473f2ff22fed0732fa331a0c2939660
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4085
x-amzn-requestid: 1fb40802-d4c1-4dd7-9b51-157038cfc440
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: euIhZHLgIAMFyEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c2546f-5485f4c22c8e32797201f6e9;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 07:06:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e0iFkBZy-CLm3jTIFapUPxWCZwykC7ayz-pdR6dqlRlKinoQFoODOg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 18:39:50 GMT
age: 18176
etag: "2d2729ca550ecdca29a502eb76c68f4eed623032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEQFF7JC77UA35R5C1E0&lib=ttq
23.36.79.17200 OK 1.2 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEQFF7JC77UA35R5C1E0&lib=ttq
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2359)
Hash f93213ca31d0e512b7eac9bcb83bc353
d750f84cce430bf94054fcab5015e08ea2b5af4e
98f2b6e110858729d0218139115f079d951fd84c75107d32290aff1462e24357
GET /i18n/pixel/events.js?sdkid=CEQFF7JC77UA35R5C1E0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230116234246910C6489D3785F74C7E2
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf605c931182f530d4a1d60831afa5ad6e860d3546b18ce2f56f2e9655cb1bdc00c25f79d492589e5129d0c5b0752d54a6f63ae2ce6baca8ed3ab4eb14e8dd15259c5985983f3a6ec8e00d047e56b15f38730e7821fa9f326778c24c413fd4984aa0
content-encoding: gzip
content-length: 1158
x-origin-response-time: 10,23.201.31.156
x-akamai-request-id: 1a1082c.7c01a27e
expires: Mon, 16 Jan 2023 23:42:46 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 16 Jan 2023 23:42:46 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2KQhA4XxBNf1ZyhgFLOxSl0SLXt; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-201-31-156.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=107, origin; dur=10, inner; dur=3
x-parent-response-time: 117,23.36.79.13
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMQ.js
23.36.79.17200 OK 70 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMQ.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash e470cdee4fb19533b3076cf5e6445ff0
3fa761e875d60e55f5464f0cee6207bca0d2cbed
e7fa855a1d974007175332f96be3ec95d6c6b94f7f4180dac64e4cf7d3d7115a
GET /i18n/pixel/static/main.MWE2YWY2YTgzMQ.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Cookie: _ttp=2KQhA4XxBNf1ZyhgFLOxSl0SLXt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175829D91E25D7003EA9A803DC
x-tt-trace-host: 01f6175df718ab226765794aaab21df67154f0b53b7f693af896ad93db0deb0ef832d63bb31438f0c5e0aa4878e941bb88c0976593910f5ab417b5ca255605e18e5e0fd52686d843afbd593b8bd0d366fe4ffb20082da9c196e6db1f01a9ce8992
content-encoding: gzip
content-length: 70411
date: Mon, 16 Jan 2023 23:42:46 GMT
x-cache: TCP_MEM_HIT from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 7c01a358
X-Firefox-Spdy: h2
arep.co/api/v1/cn/campaign-fan/6255
52.64.21.46200 OK 889 B URL HTTP/1.1 arep.co/api/v1/cn/campaign-fan/6255
IP 52.64.21.46:0
File type JSON data\012- , ASCII text, with very long lines (1700), with no line terminators
Hash 1ada373506a73ff0f6125901e9908f88
b943b4e87faf56d3575008d5ed7d029e2e9bc896
43779d712b7ecae3b25f04921fb55859cb907775318df3c9f32ed501fd1f560a
GET /api/v1/cn/campaign-fan/6255 HTTP/1.1
Host: arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/YVdBiy/unlock
Cookie: _ar_fan_auth_token_=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyLXJlY29yZC1zdHJpbmciOiJ7OmFjY291bnQtaWQgMjE0NTMyMjc4LCA6YWNjb3VudC10eXBlIFwiRkFOXCJ9IiwiY2xpZW50LWlkZW50aXR5Ijoie1wiYWNjb3VudElkXCI6MjE0NTMyMjc4LFwiYWNjb3VudFR5cGVcIjpcIkZBTlwifSIsIm1hc3F1ZXJhZGVyLXJlY29yZC1zdHJpbmciOm51bGwsImF1dGgtc2NoZW1lIjoibG9naW4iLCJzdWIiOjIxNDUzMjI3OCwiZXhwIjoxNzI5MTIyMTY2LCJpYXQiOjE2NzM5MTI1NjZ9.aj99UOLdLZqZknLOOx3E4v7I3xJEW6i9zrdSs0NrZTg; mp_f69a408e00c65bd7df6a80939c06bc7a_mixpanel=%7B%22distinct_id%22%3A%20%22185bcf6c2babe-04b2b57d5135cd-c505425-140000-185bcf6c2bb47%22%2C%22%24device_id%22%3A%20%22185bcf6c2babe-04b2b57d5135cd-c505425-140000-185bcf6c2bb47%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 23:42:46 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, HEAD, OPTIONS, DELETE
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token,Accept,Origin,Content-Type,ETag
Access-Control-Expose-Headers: X-Auth-Token,ETag
Content-Encoding: gzip
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEQFF7JC77UA35R5C1E0&lib=ttq
23.36.79.17200 OK 1.2 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEQFF7JC77UA35R5C1E0&lib=ttq
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2359)
Hash 325d855ebb8b77ca7312b530b5c5d31d
f9f6ef576ca0106a91cfef0ac2ff004c72b03e73
9e3ead50efed4c51441d33c21f0961d43d7ae3fb306a81929800dfe9d4836bfd
GET /i18n/pixel/events.js?sdkid=CEQFF7JC77UA35R5C1E0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202301162342460B8BBDD8B190F8716B4D
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b5059ee65cc3fdbb1df654659639282939a5ca237b1abf72981399cc9ebe5deb0e19befcbe0abce2ead1f451913a42c2cf6062a59d166d37316c875cf61374507c1024bca697f269ad0ced79e8afb9a8a9
content-encoding: gzip
content-length: 1160
x-origin-response-time: 11,23.218.223.9
x-akamai-request-id: 2bde62d.7c01a34b
expires: Mon, 16 Jan 2023 23:42:46 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 16 Jan 2023 23:42:46 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2KQhA00zT4pkRt2o3F3bZIim6tB; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-223-9.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=10, inner; dur=3
x-parent-response-time: 111,23.36.79.13
X-Firefox-Spdy: h2
cdn.arep.co/fonts/Graphik/Graphik-Regular-Web.woff2
54.230.111.58200 OK 30 kB URL HTTP/2 cdn.arep.co/fonts/Graphik/Graphik-Regular-Web.woff2
IP 54.230.111.58:0
File type Web Open Font Format (Version 2), TrueType, length 30241, version 1.0\012- data
Hash 3360447f6bf82bef8bf8234d4d60f494
c1f1f25814f684082844abe29ed066a65db8f9bb
c0aff37dfc576576f78bd55948e4251dc6986f88c058369e0212387ff52efb7e
GET /fonts/Graphik/Graphik-Regular-Web.woff2 HTTP/1.1
Host: cdn.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://arep.co
Connection: keep-alive
Referer: https://cdn.arep.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 30241
date: Mon, 16 Jan 2023 07:47:31 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 08 Nov 2022 02:57:05 GMT
etag: "3360447f6bf82bef8bf8234d4d60f494"
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PjxcajQpPicbkjn5O0Z4OtGAswG71T4xJZen8WqqAe59IUo8IA28wQ==
age: 57316
X-Firefox-Spdy: h2
cdn.arep.co/fonts/Graphik/Graphik-Medium-Web.woff2
54.230.111.58200 OK 33 kB URL HTTP/2 cdn.arep.co/fonts/Graphik/Graphik-Medium-Web.woff2
IP 54.230.111.58:0
File type Web Open Font Format (Version 2), TrueType, length 33401, version 1.0\012- data
Hash ae4a5ff7da4a141f4c396cfb6cae8e2e
fe3332c7e2d3ec5f93071f107d74e3a986afcedd
57a9cc40cbf28d1d0a01679a4f8683fb5a57d0fabfac3c4532610698d518ae5c
GET /fonts/Graphik/Graphik-Medium-Web.woff2 HTTP/1.1
Host: cdn.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://arep.co
Connection: keep-alive
Referer: https://cdn.arep.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 33401
date: Mon, 16 Jan 2023 07:47:31 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 08 Nov 2022 02:57:05 GMT
etag: "ae4a5ff7da4a141f4c396cfb6cae8e2e"
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ejEY639rbUEG4bgKSE7RMLZx4IWewNhzTv4l3NeMVv3fI86ZifHQgw==
age: 57316
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
23.36.79.17200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 85bd96a56a6a7f09e3e7dadc7980152e
37590c595abeb315046a293a9e53632ae2128ac4
c27be18eef006f48310fb2b0c456d6bcb1f3b0298dcb6e580724923323cb48a7
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Cookie: _ttp=2KQhA00zT4pkRt2o3F3bZIim6tB
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825D19F86481431D6BBCCFF
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f827e6bc0806bd5a24cf0439744099e1e4bba0637571d8edb56c6009f69fe5018b8e38bd5b93708ee64c377fa97874d18ceefbea8a477a7fa2bec40c3b56c69b1
content-encoding: gzip
content-length: 30917
date: Mon, 16 Jan 2023 23:42:46 GMT
x-cache: TCP_MEM_HIT from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 7c01a497
X-Firefox-Spdy: h2
media-assets.arep.co/promoter/9753/a3b47611-7141-4080-bc93-04e3a191b992-campaign-image.png
54.230.111.13200 OK 424 kB URL HTTP/2 media-assets.arep.co/promoter/9753/a3b47611-7141-4080-bc93-04e3a191b992-campaign-image.png
IP 54.230.111.13:0
File type PNG image data, 1200 x 628, 8-bit/color RGBA, non-interlaced\012- data
Size 424 kB (424478 bytes)
Hash fbc2586fda2e9ccc1b1d161b14332016
47efb1a11d4a1acea73c18270cfcc5b93ac2c507
43e864cd6f6da5a9dd42516771929f8b149c306f8d33cd2b56c6f255f22c26a4
GET /promoter/9753/a3b47611-7141-4080-bc93-04e3a191b992-campaign-image.png HTTP/1.1
Host: media-assets.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Cookie: mp_f69a408e00c65bd7df6a80939c06bc7a_mixpanel=%7B%22distinct_id%22%3A%20%22185bcf6c2babe-04b2b57d5135cd-c505425-140000-185bcf6c2bb47%22%2C%22%24device_id%22%3A%20%22185bcf6c2babe-04b2b57d5135cd-c505425-140000-185bcf6c2bb47%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.1229877580.1673912567; _ga_6L6KQ6S8T1=GS1.1.1673912566.1.0.1673912566.60.0.0; _ga=GA1.1.1366570544.1673912567
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/png
content-length: 424478
last-modified: Mon, 09 Jan 2023 21:37:01 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 16 Jan 2023 23:19:07 GMT
etag: "fbc2586fda2e9ccc1b1d161b14332016"
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CeZR7UBePr3Au2flCLijsnheWS6Ig7VgDeLf3jhbYtb2ExrRmPwh3A==
age: 4994
X-Firefox-Spdy: h2
arep.co/api/v1/cn/campaign-page-view
52.64.21.46201 Created 444 B URL HTTP/1.1 arep.co/api/v1/cn/campaign-page-view
IP 52.64.21.46:0
File type JSON data\012- , ASCII text, with very long lines (444), with no line terminators
Hash 5f88c54f4d095f73d109ffa9f199693a
6868e3be570232e369641d0cc32b7272b8cd2641
c33f4c5f4f3057ad4efa86e555cacd14146ffe3d8afd247fdf046514613cfa50
POST /api/v1/cn/campaign-page-view HTTP/1.1
Host: arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 52
Origin: https://arep.co
Connection: keep-alive
Referer: https://arep.co/YVdBiy/unlock
Cookie: _ar_fan_auth_token_=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyLXJlY29yZC1zdHJpbmciOiJ7OmFjY291bnQtaWQgMjE0NTMyMjc4LCA6YWNjb3VudC10eXBlIFwiRkFOXCJ9IiwiY2xpZW50LWlkZW50aXR5Ijoie1wiYWNjb3VudElkXCI6MjE0NTMyMjc4LFwiYWNjb3VudFR5cGVcIjpcIkZBTlwifSIsIm1hc3F1ZXJhZGVyLXJlY29yZC1zdHJpbmciOm51bGwsImF1dGgtc2NoZW1lIjoibG9naW4iLCJzdWIiOjIxNDUzMjI3OCwiZXhwIjoxNzI5MTIyMTY2LCJpYXQiOjE2NzM5MTI1NjZ9.aj99UOLdLZqZknLOOx3E4v7I3xJEW6i9zrdSs0NrZTg; mp_f69a408e00c65bd7df6a80939c06bc7a_mixpanel=%7B%22distinct_id%22%3A%20%22185bcf6c2babe-04b2b57d5135cd-c505425-140000-185bcf6c2bb47%22%2C%22%24device_id%22%3A%20%22185bcf6c2babe-04b2b57d5135cd-c505425-140000-185bcf6c2bb47%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.1229877580.1673912567; _ga_6L6KQ6S8T1=GS1.1.1673912566.1.0.1673912566.60.0.0; _ga=GA1.1.1366570544.1673912567
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 201 Created
Server: nginx
Date: Mon, 16 Jan 2023 23:42:46 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 444
Connection: keep-alive
Vary: Accept
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, HEAD, OPTIONS, DELETE
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token,Accept,Origin,Content-Type,ETag
Access-Control-Expose-Headers: X-Auth-Token,ETag
analytics.tiktok.com/api/v2/pixel
23.36.79.17200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 770
Origin: https://arep.co
Connection: keep-alive
Referer: https://arep.co/
Cookie: _ttp=2KQhA00zT4pkRt2o3F3bZIim6tB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230116234247ACF2D3CBFD4DE77B7587
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b52fad04d775d71aaf3031073095da04e5cb8893b9c1d9d2111c9e39aff5f13f40c9fedd14ed490c19190eeb33a9efbcd7147da36e590eda7bf6a9920d5dfb8288330710fdf61d0fb1eadd7e0292a9a200
x-origin-response-time: 29,23.218.223.13
x-akamai-request-id: 447cd4d9.7c01a4b8
expires: Mon, 16 Jan 2023 23:42:47 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 16 Jan 2023 23:42:47 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-218-223-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=29, inner; dur=16
x-parent-response-time: 132,23.36.79.13
X-Firefox-Spdy: h2
media-assets.arep.co/promoter/9753/9851d781-10de-4bbf-961e-bcf73dd6e262-prize-image.png
54.230.111.13200 OK 429 kB URL HTTP/2 media-assets.arep.co/promoter/9753/9851d781-10de-4bbf-961e-bcf73dd6e262-prize-image.png
IP 54.230.111.13:0
File type PNG image data, 1200 x 628, 8-bit/color RGBA, non-interlaced\012- data
Size 429 kB (428961 bytes)
Hash c40f1e88a6075bb0b52cf3f34876ff1e
318eb1324e8883d0f6c9100c6bae5ef6bcc76162
fc9f94627c0dbe3d4b38253acb128c396b5014ea8f97abf1e07e5ce8a2322367
GET /promoter/9753/9851d781-10de-4bbf-961e-bcf73dd6e262-prize-image.png HTTP/1.1
Host: media-assets.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Cookie: mp_f69a408e00c65bd7df6a80939c06bc7a_mixpanel=%7B%22distinct_id%22%3A%20%22185bcf6c2babe-04b2b57d5135cd-c505425-140000-185bcf6c2bb47%22%2C%22%24device_id%22%3A%20%22185bcf6c2babe-04b2b57d5135cd-c505425-140000-185bcf6c2bb47%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.1229877580.1673912567; _ga_6L6KQ6S8T1=GS1.1.1673912566.1.0.1673912566.60.0.0; _ga=GA1.1.1366570544.1673912567; _tt_enable_cookie=1; _ttp=HTqtb7Ji6K5rG5_qr4YITq2a243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 428961
last-modified: Mon, 09 Jan 2023 21:37:36 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 16 Jan 2023 22:19:33 GMT
etag: "c40f1e88a6075bb0b52cf3f34876ff1e"
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F61duq5w4hO21xXEk--9aEpJ9ZWeUleRhGuAootQd3aph3yU595N4A==
age: 4995
X-Firefox-Spdy: h2
media-assets.arep.co/promoter/9753/6b2d9f5b-2308-4d31-8d16-f6b95f9830d4-prize-image.png
54.230.111.13200 OK 421 kB URL HTTP/2 media-assets.arep.co/promoter/9753/6b2d9f5b-2308-4d31-8d16-f6b95f9830d4-prize-image.png
IP 54.230.111.13:0
File type PNG image data, 1200 x 628, 8-bit/color RGBA, non-interlaced\012- data
Size 421 kB (421023 bytes)
Hash 7039d7a493e3a5e5fd4ec033b979ad9b
b7a576ab66d2b03e8897c86bf249ec896afc2f2f
833f136d4b8a30a3fe8f7fdc7791f41a0bd56c5f032da01d49188c99ee2bee30
GET /promoter/9753/6b2d9f5b-2308-4d31-8d16-f6b95f9830d4-prize-image.png HTTP/1.1
Host: media-assets.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Cookie: mp_f69a408e00c65bd7df6a80939c06bc7a_mixpanel=%7B%22distinct_id%22%3A%20%22185bcf6c2babe-04b2b57d5135cd-c505425-140000-185bcf6c2bb47%22%2C%22%24device_id%22%3A%20%22185bcf6c2babe-04b2b57d5135cd-c505425-140000-185bcf6c2bb47%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.1229877580.1673912567; _ga_6L6KQ6S8T1=GS1.1.1673912566.1.0.1673912566.60.0.0; _ga=GA1.1.1366570544.1673912567; _tt_enable_cookie=1; _ttp=HTqtb7Ji6K5rG5_qr4YITq2a243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 421023
date: Mon, 16 Jan 2023 06:10:10 GMT
last-modified: Mon, 09 Jan 2023 21:37:44 GMT
etag: "7039d7a493e3a5e5fd4ec033b979ad9b"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g9mIRr7qVngrQvD2hqY2tqwD4H606r_-n4g8MydO788UQQwmv6GYPQ==
age: 63158
X-Firefox-Spdy: h2
arep-ui-cdn.arep.co/1.0.0/fonts/Graphik-Medium.woff2
54.230.111.65200 OK 37 kB URL HTTP/2 arep-ui-cdn.arep.co/1.0.0/fonts/Graphik-Medium.woff2
IP 54.230.111.65:0
File type Web Open Font Format (Version 2), TrueType, length 36992, version 1.0\012- data
Hash 8209b58fb591ea988389291a97e4d232
cd8d57cb8fabbefd2f71dd9ab61e93b8722741f2
65abe0fc15bbb17b4fa09fa806f2c22c5f78e004c95bb8272e5c84f0b128a495
GET /1.0.0/fonts/Graphik-Medium.woff2 HTTP/1.1
Host: arep-ui-cdn.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://arep.co
Connection: keep-alive
Referer: https://cdn.arep.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 36992
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, HEAD
last-modified: Tue, 13 Oct 2020 05:55:38 GMT
server: AmazonS3
date: Mon, 16 Jan 2023 06:43:30 GMT
etag: "8209b58fb591ea988389291a97e4d232"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BPR3c931aOKs0KRAFOTklbqY7wTT1XsSmLQFsyRzsSeePTsxfuhnZQ==
age: 61158
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.17200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 772
Origin: https://arep.co
Connection: keep-alive
Referer: https://arep.co/
Cookie: _ttp=2KQhA00zT4pkRt2o3F3bZIim6tB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202301162342474A6226464D9E216FD415
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b5b501a333512f376f39afdfef8f37727838cc7eaedb54494cb0eef7ac96dbb00fe33fe1a9fd22fdf9a6273f02a1155f4bbbe2d2a8688b79879d55cb3b4cf4a174a97229b5545d0fdad7e421e365d417fa
x-origin-response-time: 109,23.218.223.15
x-akamai-request-id: 119628f7.7c01a4ba
expires: Mon, 16 Jan 2023 23:42:47 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 16 Jan 2023 23:42:47 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-218-223-15.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=107, origin; dur=109, inner; dur=106
x-parent-response-time: 213,23.36.79.13
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0988e06d2698db0b1a5bcadbadba234a
515ca060583e340fec230fcf8e758352f4bc10a8
1a0dc461032c28c3e0e71daec9b2296e5b5c089e22785e7d7bee505d71e40127
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2607
Cache-Control: max-age=121042
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:47 GMT
Etag: "63c50c9a-1d7"
Expires: Wed, 18 Jan 2023 09:20:09 GMT
Last-Modified: Mon, 16 Jan 2023 08:36:42 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
s.adroll.com/j/roundtrip.js
143.204.55.75200 OK 18 kB URL HTTP/1.1 s.adroll.com/j/roundtrip.js
IP 143.204.55.75:0
File type ASCII text, with very long lines (1139)
Hash b412d434bb00b5f2bbd6122e81ed2316
bb441865849fd9f6924bf49a522d40fee3131c97
0ee56a3fd135b671fc20b9b3f1422fee39f0bb0566dd7a13b7dc056383feda9c
GET /j/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 23:42:59 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: c46bE.9L1VPpk_2fDbiTiDKy4ZYsGJxp
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 16 Jan 2023 23:30:29 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"921666262b2234d4a4d129d30750823f"
Vary: Accept-Encoding
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
Age: 779
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: C__N7MyvuNzszpojILZmfs9jwAx2GaNPDd5gaePc3DkLqnI0WR4-8w==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0988e06d2698db0b1a5bcadbadba234a
515ca060583e340fec230fcf8e758352f4bc10a8
1a0dc461032c28c3e0e71daec9b2296e5b5c089e22785e7d7bee505d71e40127
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2607
Cache-Control: max-age=121042
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:47 GMT
Etag: "63c50c9a-1d7"
Expires: Wed, 18 Jan 2023 09:20:09 GMT
Last-Modified: Mon, 16 Jan 2023 08:36:42 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
cdn.arep.co/6ca5805.js
54.230.111.58200 OK 151 kB IP 54.230.111.58:0
File type Unicode text, UTF-8 text, with very long lines (65309), with no line terminators
Size 151 kB (151117 bytes)
Hash 3e0541dd84af4292cf702eb307313586
a463152fee2ac870c639743a4bf27053598ca22f
1f5d65f1821075be95c80e99d39cfbb20fd205216af64f13106342f5d6813a6b
GET /6ca5805.js HTTP/1.1
Host: cdn.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 08 Nov 2022 03:09:21 GMT
cache-control: max-age=31104000
last-modified: Tue, 08 Nov 2022 02:57:02 GMT
etag: W/"bf02dc7aa770062438f1ad9d7ce8cf8a"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5NIVwxy1GVf46bYowRC7i_K2wupOWoHudz_tbufVpp1ztONg7kigPw==
age: 6035605
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0cd18c4a19cce4db4c1ee660e9a0a967
a60b429532788a57a53e8674de365ddd84fcf3e4
878401e98ec0ea4de88dad035d00618a4d3f382329f326711f3916b4325aab88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: obqA9TVsRkeOVR5WyBQs5dTKvPbHOI7QOTFQe7UkTvuZZjytLiqqq2t0Kzc3LbJ0DSz3mUNzJ/2mWGVXoAM3BQ==
content-length: 27815
x-fb-trip-id: 2050670934
date: Mon, 16 Jan 2023 23:42:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.arep.co/1954a23.js
54.230.111.58200 OK 249 kB IP 54.230.111.58:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (65485)
Size 249 kB (248669 bytes)
Hash 0138ab2683e98fe49bf1d22f4a7aa631
651f81a2eed8cc96a145a6f0fae34d41bc79d300
b9afcc4eedb1d92736dcedd60b377fdfd08a34cf343346623a04d11e50f13c3d
GET /1954a23.js HTTP/1.1
Host: cdn.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 08 Nov 2022 03:09:20 GMT
cache-control: max-age=31104000
last-modified: Tue, 08 Nov 2022 02:57:02 GMT
etag: W/"ac05614c5e0dda5915ac7a28cb7c7c60"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eq7FyfLKe6Haei4E3_fCZVpizF6N8kzZSH28P1sZeXqkkBIg2nWcfQ==
age: 6035606
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/11059160986/?random=1673912566565&cv=11&fst=1673912566565&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=FwqRCJ-4_YYYEJrPtZkp&hn=www.google.com&frm=0&url=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&tiba=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&value=0&bttype=purchase&auid=1229877580.1673912567&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/11059160986/?random=1673912566565&cv=11&fst=1673912566565&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=FwqRCJ-4_YYYEJrPtZkp&hn=www.google.com&frm=0&url=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&tiba=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&value=0&bttype=purchase&auid=1229877580.1673912567&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/11059160986/?random=1673912566565&cv=11&fst=1673912566565&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=FwqRCJ-4_YYYEJrPtZkp&hn=www.google.com&frm=0&url=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&tiba=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&value=0&bttype=purchase&auid=1229877580.1673912567&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 23:42:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/11059160986/?random=1673912566565&cv=11&fst=1673912566565&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=FwqRCJ-4_YYYEJrPtZkp&hn=www.google.com&frm=0&url=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&tiba=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&value=0&bttype=purchase&auid=1229877580.1673912567&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9c27cc551532f9424a9c944b490c3c45
1da7d84941c2ac6ffe4dfdf044d96c5b07d38b11
ae4dcb0d9d7fd53177cefc7d6c4c4101af88a85a2970a4693b33217d8dfdcf48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.adroll.com/j/pre/OO34ZDJ3MVDALF3UYRBB6W/TP7FSYIOQNGTNAVQNCUWHO/index.js
143.204.55.75200 OK 0 B URL HTTP/1.1 s.adroll.com/j/pre/OO34ZDJ3MVDALF3UYRBB6W/TP7FSYIOQNGTNAVQNCUWHO/index.js
IP 143.204.55.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/pre/OO34ZDJ3MVDALF3UYRBB6W/TP7FSYIOQNGTNAVQNCUWHO/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 22:29:02 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: OXS6WoCrVacfBb6wVdZSg3uu4crxSnJS
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 16 Jan 2023 23:19:07 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
Age: 2834
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RT2NBsAPB7NFr7P_u4NoUwlPL9IfTCvfCSTBogFkAXABXiH1qav1TQ==
s.adroll.com/j/pre/OO34ZDJ3MVDALF3UYRBB6W/TP7FSYIOQNGTNAVQNCUWHO/fpconsent.js
143.204.55.75302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/pre/OO34ZDJ3MVDALF3UYRBB6W/TP7FSYIOQNGTNAVQNCUWHO/fpconsent.js
IP 143.204.55.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/pre/OO34ZDJ3MVDALF3UYRBB6W/TP7FSYIOQNGTNAVQNCUWHO/fpconsent.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Mon, 16 Jan 2023 12:01:00 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
Age: 42107
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Wq8N-vJ9x9Ey7dR62mcsUU7F7wpCIUYsjVd-g5MtN9k6YkJD_hnwbg==
s.adroll.com/j/exp/OO34ZDJ3MVDALF3UYRBB6W/index.js
143.204.55.75302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/exp/OO34ZDJ3MVDALF3UYRBB6W/index.js
IP 143.204.55.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/exp/OO34ZDJ3MVDALF3UYRBB6W/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Mon, 16 Jan 2023 07:52:03 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
Age: 57043
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K7gaCgOE9jFIE9dWgn6LfUTI6ZQnOU0l-UWhLzgtCanfn-jLXw7QrA==
googleads.g.doubleclick.net/pagead/viewthroughconversion/11059160986/?random=1673912566565&cv=11&fst=1673912566565&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=FwqRCJ-4_YYYEJrPtZkp&hn=www.google.com&frm=0&url=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&tiba=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&value=0&bttype=purchase&auid=1229877580.1673912567&gcp=1&ct_cookie_present=1
172.217.21.162200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/11059160986/?random=1673912566565&cv=11&fst=1673912566565&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=FwqRCJ-4_YYYEJrPtZkp&hn=www.google.com&frm=0&url=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&tiba=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&value=0&bttype=purchase&auid=1229877580.1673912567&gcp=1&ct_cookie_present=1
IP 172.217.21.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/11059160986/?random=1673912566565&cv=11&fst=1673912566565&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=FwqRCJ-4_YYYEJrPtZkp&hn=www.google.com&frm=0&url=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&tiba=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&value=0&bttype=purchase&auid=1229877580.1673912567&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 23:42:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Jan-2023 23:57:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=355438948&t=pageview&_s=1&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&ul=en-us&de=UTF-8&dt=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=2096705868&gjid=632066625&cid=1366570544.1673912567&tid=UA-91177118-2&_gid=748008152.1673912567&_r=1&_slc=1>m=2wg1a1PHDLGCL&z=449423607
142.250.74.46200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=355438948&t=pageview&_s=1&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&ul=en-us&de=UTF-8&dt=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=2096705868&gjid=632066625&cid=1366570544.1673912567&tid=UA-91177118-2&_gid=748008152.1673912567&_r=1&_slc=1>m=2wg1a1PHDLGCL&z=449423607
IP 142.250.74.46:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=355438948&t=pageview&_s=1&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&ul=en-us&de=UTF-8&dt=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=2096705868&gjid=632066625&cid=1366570544.1673912567&tid=UA-91177118-2&_gid=748008152.1673912567&_r=1&_slc=1>m=2wg1a1PHDLGCL&z=449423607 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://arep.co
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://arep.co
date: Mon, 16 Jan 2023 23:42:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0988e06d2698db0b1a5bcadbadba234a
515ca060583e340fec230fcf8e758352f4bc10a8
1a0dc461032c28c3e0e71daec9b2296e5b5c089e22785e7d7bee505d71e40127
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2607
Cache-Control: max-age=121042
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:47 GMT
Etag: "63c50c9a-1d7"
Expires: Wed, 18 Jan 2023 09:20:09 GMT
Last-Modified: Mon, 16 Jan 2023 08:36:42 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6L6KQ6S8T1&cid=1366570544.1673912567>m=2oe1a1&aip=1&z=1513329794
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6L6KQ6S8T1&cid=1366570544.1673912567>m=2oe1a1&aip=1&z=1513329794
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6L6KQ6S8T1&cid=1366570544.1673912567>m=2oe1a1&aip=1&z=1513329794 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 23:42:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.hotjar.com/modules.2258f2bad9aa53d2a0c2.js
143.204.55.46200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.2258f2bad9aa53d2a0c2.js
IP 143.204.55.46:0
File type Unicode text, UTF-8 text, with very long lines (47958)
Hash 8b2164bedd368c1837c7e4740cf4a11d
c6c175da5a097facb732f957317109d6d543027c
ca0c50638ea183d9dd38b303682f1e2ca6307e1b8a7a5dbdae919d8ef4793f61
GET /modules.2258f2bad9aa53d2a0c2.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 69014
date: Mon, 16 Jan 2023 11:14:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8b2164bedd368c1837c7e4740cf4a11d"
last-modified: Mon, 16 Jan 2023 11:14:05 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tlHgwRtN6EnHlJlSR_4cuWBntYv8gtE6k30AYxSThednCWrW9-Zv3g==
age: 44921
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=73ef95a1139dde116c7049a8273cc0a0
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=73ef95a1139dde116c7049a8273cc0a0
IP 31.13.72.12:0
File type ASCII text, with very long lines (18530)
Hash b7fd6a1690e496033e44d688d1a084d7
bb43d45fae9b645630e4b67711cd761c98928cd7
7385c8ee6d3555c082f902cf07c2a055a79c67b16990616221bb87fd4a9331e4
GET /en_US/sdk.js?hash=73ef95a1139dde116c7049a8273cc0a0 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://arep.co
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 7dbc6cae253eb4a6302880d7683dc687
etag: "897fc263c6e2668cf212043e3ec44b2b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 16 Jan 2024 21:34:10 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: t/1qFpDklgM+RNaI0aCE1w==
x-fb-debug: wyEl4CUpoYus/uJEKAPjeHOtSbjaqq5uwjNJeFJF0X5J7NWWY1Y4tCPO8JtPYZdBSvTYvPBammrluXBX9L8xrA==
priority: u=3,i
content-length: 88413
x-fb-trip-id: 2050670934
date: Mon, 16 Jan 2023 23:42:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
s.adroll.com/j/exp/index.js
143.204.55.75200 OK 28 B URL HTTP/1.1 s.adroll.com/j/exp/index.js
IP 143.204.55.75:0
File type ASCII text, with no line terminators
Hash 5816cced8568d223aa09d889f300692b
95cab5e474d7391762c3da5c7dc50fcf05df529f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
GET /j/exp/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arep.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 28
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 00:29:34 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: CiD7z5Qr2ECIL.Zbw84rFXTGVfvZ9kAA
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 16 Jan 2023 15:04:53 GMT
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
Age: 31075
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pGiGv5VVs1CGxmbkJ98MCGqzlfmOET-Al09YHoooILb2Vk4wsjqchA==
www.google.no/pagead/1p-conversion/11059160986/?random=1673912566565&cv=11&fst=1673912566565&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=FwqRCJ-4_YYYEJrPtZkp&hn=www.google.com&frm=0&url=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&tiba=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&value=0&bttype=purchase&auid=1229877580.1673912567&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/11059160986/?random=1673912566565&cv=11&fst=1673912566565&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=FwqRCJ-4_YYYEJrPtZkp&hn=www.google.com&frm=0&url=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&tiba=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&value=0&bttype=purchase&auid=1229877580.1673912567&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/11059160986/?random=1673912566565&cv=11&fst=1673912566565&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=FwqRCJ-4_YYYEJrPtZkp&hn=www.google.com&frm=0&url=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&tiba=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&value=0&bttype=purchase&auid=1229877580.1673912567&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arep.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 23:42:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 80da883a1386f667df455f7dfb950534
b416dcd104aaacd43ced31fa12f28fb1bfec0c5e
7c6916978782fdd9c1cd9511489caa40fd221aaac55eaf914b6e61362690892b
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88622
Date: Mon, 16 Jan 2023 23:42:47 GMT
Etag: "63c47e90-1d7"
Expires: Wed, 18 Jan 2023 00:19:49 GMT
Last-Modified: Sun, 15 Jan 2023 22:30:40 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kz_75gKCCTCSqLrDYjkf73mynd07eCuwTngny_Z1isL4_wLu3vzIWg==
Age: 6549
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 46016837fa657816c9759b877cfd0a84
a2d7e97f1f2e86c2889af087fbd569177eca7958
4ff15623841a08fe9936578c1d95aeb2a1c5c9942cae7a4881f35f79430a1735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6a0c99efce2ba7294ef4b88e9810c411
90e325963c1355d4c2ab6500689850a2df4c419f
957f138460650b9cecf197fb62ec2b92fae42eb5d9d431a348f8f518470612c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-6L6KQ6S8T1>m=2oe1a1&_p=355438948&_gaz=1&cid=1366570544.1673912567&ul=en-us&sr=1280x1024&_s=1&sid=1673912566&sct=1&seg=0&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&dt=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-6L6KQ6S8T1>m=2oe1a1&_p=355438948&_gaz=1&cid=1366570544.1673912567&ul=en-us&sr=1280x1024&_s=1&sid=1673912566&sct=1&seg=0&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&dt=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6L6KQ6S8T1>m=2oe1a1&_p=355438948&_gaz=1&cid=1366570544.1673912567&ul=en-us&sr=1280x1024&_s=1&sid=1673912566&sct=1&seg=0&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&dt=Snow%20Machine%20Queenstown%3A%20Register%20for%20Presale%20Access%20%26%20WIN%20a%20trip%20for%202%20to%20Queenstown!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://arep.co
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://arep.co
date: Mon, 16 Jan 2023 23:42:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Sat, 03 Dec 2022 04:42:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y5QK12wRjZxQH9c2MDhr4YgoIDae7JfEI4TgwgIgjkg0metg-Lq8Lw==
age: 3870045
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0cd18c4a19cce4db4c1ee660e9a0a967
a60b429532788a57a53e8674de365ddd84fcf3e4
878401e98ec0ea4de88dad035d00618a4d3f382329f326711f3916b4325aab88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9c27cc551532f9424a9c944b490c3c45
1da7d84941c2ac6ffe4dfdf044d96c5b07d38b11
ae4dcb0d9d7fd53177cefc7d6c4c4101af88a85a2970a4693b33217d8dfdcf48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-6L6KQ6S8T1&cid=1366570544.1673912567>m=2oe1a1&aip=1
173.194.222.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-6L6KQ6S8T1&cid=1366570544.1673912567>m=2oe1a1&aip=1
IP 173.194.222.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6L6KQ6S8T1&cid=1366570544.1673912567>m=2oe1a1&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://arep.co
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://arep.co
date: Mon, 16 Jan 2023 23:42:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d.adroll.com/ipixel/OO34ZDJ3MVDALF3UYRBB6W/TP7FSYIOQNGTNAVQNCUWHO?name=ed122c3c
52.48.135.24200 OK 42 B URL HTTP/2 d.adroll.com/ipixel/OO34ZDJ3MVDALF3UYRBB6W/TP7FSYIOQNGTNAVQNCUWHO?name=ed122c3c
IP 52.48.135.24:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ipixel/OO34ZDJ3MVDALF3UYRBB6W/TP7FSYIOQNGTNAVQNCUWHO?name=ed122c3c HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 23:42:47 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-transform,public,max-age=300,s-maxage=900
vary: Cookie
X-Firefox-Spdy: h2
d.adroll.com/consent/check/OO34ZDJ3MVDALF3UYRBB6W?pv=31774960982.36999&arrfrr=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&_s=9124311d2e054e9cc88670bbfb269c7f&_b=2
52.48.135.24200 OK 462 B URL HTTP/2 d.adroll.com/consent/check/OO34ZDJ3MVDALF3UYRBB6W?pv=31774960982.36999&arrfrr=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&_s=9124311d2e054e9cc88670bbfb269c7f&_b=2
IP 52.48.135.24:0
File type ASCII text, with very long lines (462), with no line terminators
Hash 42f4f967ab3d3b0677442d24c61c5427
511cb590178831c05f9a00cbca37f8dd5800f6af
19ba231467ea1d3e47295bce48f8f9a015d4271cdc3a6770d2617dc2a28a063c
GET /consent/check/OO34ZDJ3MVDALF3UYRBB6W?pv=31774960982.36999&arrfrr=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&_s=9124311d2e054e9cc88670bbfb269c7f&_b=2 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 23:42:47 GMT
content-type: application/javascript
content-length: 462
server: nginx/1.22.0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 46016837fa657816c9759b877cfd0a84
a2d7e97f1f2e86c2889af087fbd569177eca7958
4ff15623841a08fe9936578c1d95aeb2a1c5c9942cae7a4881f35f79430a1735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 23:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=1334132337387246&ev=Lead&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&rl=&if=false&ts=1673912567576&sw=1280&sh=1024&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1673912567571.1231114722&it=1673912567307&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1334132337387246&ev=Lead&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&rl=&if=false&ts=1673912567576&sw=1280&sh=1024&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1673912567571.1231114722&it=1673912567307&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1334132337387246&ev=Lead&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&rl=&if=false&ts=1673912567576&sw=1280&sh=1024&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1673912567571.1231114722&it=1673912567307&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Jan 2023 23:42:47 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=614766965379897&ev=fb_page_view&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&rl=&if=false&ts=1673912567552&sw=1280&sh=1024&at=
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=614766965379897&ev=fb_page_view&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&rl=&if=false&ts=1673912567552&sw=1280&sh=1024&at=
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=614766965379897&ev=fb_page_view&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&rl=&if=false&ts=1673912567552&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Jan 2023 23:42:47 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1334132337387246&ev=PageView&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&rl=&if=false&ts=1673912567572&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673912567571.1231114722&it=1673912567307&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1334132337387246&ev=PageView&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&rl=&if=false&ts=1673912567572&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673912567571.1231114722&it=1673912567307&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1334132337387246&ev=PageView&dl=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&rl=&if=false&ts=1673912567572&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673912567571.1231114722&it=1673912567307&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Jan 2023 23:42:47 GMT
X-Firefox-Spdy: h2
www.facebook.com/x/oauth/status?client_id=614766965379897&input_token&origin=1&redirect_uri=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&sdk=joey&wants_cookie_data=true
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=614766965379897&input_token&origin=1&redirect_uri=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&sdk=joey&wants_cookie_data=true
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=614766965379897&input_token&origin=1&redirect_uri=https%3A%2F%2Farep.co%2FYVdBiy%2Funlock&sdk=joey&wants_cookie_data=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://arep.co/
Origin: https://arep.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://arep.co
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
x-fb-debug: esgCQKZk7LQtC3tHR07H6smSuF3+kmQMwZH8AzcJ6AAeNge00XAdPEYCJnJsIzTGiQczBlTGEzviCA5H2tQrJw==
content-length: 0
date: Mon, 16 Jan 2023 23:42:47 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-672735.js?sv=7
143.204.55.84200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-672735.js?sv=7
IP 143.204.55.84:0
GET /c/hotjar-672735.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 16 Jan 2023 23:42:02 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/66e37edea76b63ffa176afb769dea6ee
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OG5UoJbpd0RcRFYW0AKRJ-m1gtD3XFUqkKTYReBAJEKEki--muSjcQ==
age: 45
X-Firefox-Spdy: h2
cdn.arep.co/vendors/app.c41746f.css
54.230.111.58200 OK 0 B URL HTTP/2 cdn.arep.co/vendors/app.c41746f.css
IP 54.230.111.58:0
GET /vendors/app.c41746f.css HTTP/1.1
Host: cdn.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
date: Tue, 08 Nov 2022 03:09:20 GMT
cache-control: max-age=31104000
last-modified: Tue, 08 Nov 2022 02:57:03 GMT
etag: W/"b5fd57ea75c40271af205a84849d64b2"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5dLyWfvjCezKkrkicj5OJvDAVmwxqOAyLdEdEF0bEWdSzjbisOv9Lg==
age: 6035605
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/1334132337387246?v=2.9.92&r=stable
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/1334132337387246?v=2.9.92&r=stable
IP 31.13.72.12:0
GET /signals/config/1334132337387246?v=2.9.92&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: BkjrnrqKr85zLjXcIzsSGQ0UGYzYEA5wXzCGXIXTM+gYN3Cdic15TQclU4Dqd1mclcfe5OGgYySrsGNh/Iv0eQ==
x-fb-trip-id: 2050670934
date: Mon, 16 Jan 2023 23:42:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.arep.co/b1997ae.js
54.230.111.58200 OK 0 B IP 54.230.111.58:0
GET /b1997ae.js HTTP/1.1
Host: cdn.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 08 Nov 2022 03:09:20 GMT
cache-control: max-age=31104000
last-modified: Tue, 08 Nov 2022 02:57:02 GMT
etag: W/"d3f3217a3779d37e92217b12b81acad6"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IHC3AmvtDP2pNdgzScJWZ3evS5TdtJoPTUkEa9oJyYstmYQzC0rzjQ==
age: 6035606
X-Firefox-Spdy: h2
cdn.arep.co/app.50909fe.css
54.230.111.58200 OK 0 B URL HTTP/2 cdn.arep.co/app.50909fe.css
IP 54.230.111.58:0
GET /app.50909fe.css HTTP/1.1
Host: cdn.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
date: Tue, 08 Nov 2022 03:09:21 GMT
cache-control: max-age=31104000
last-modified: Tue, 08 Nov 2022 02:57:02 GMT
etag: W/"0c9c53225dc6d5cf4664e67d1562f4de"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j39DQ6bFzlTgYSyFWHh-fzBFG4rgc3vD5SdIej1QyRfAl1KXrbV1KA==
age: 6035605
X-Firefox-Spdy: h2
cdn.arep.co/75abacb.js
54.230.111.58200 OK 0 B IP 54.230.111.58:0
GET /75abacb.js HTTP/1.1
Host: cdn.arep.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arep.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 08 Nov 2022 03:09:21 GMT
cache-control: max-age=31104000
last-modified: Tue, 08 Nov 2022 02:57:02 GMT
etag: W/"865b932e6156f00c092105a75adc390c"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fkvUPpafg3Nr7DAV0953eydG1eBktR7qhTaLvxZSSkrCZP_rrKobRg==
age: 6035605
X-Firefox-Spdy: h2