r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Wed, 25 Jan 2023 06:23:10 GMT
Date: Wed, 25 Jan 2023 01:52:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12794
Expires: Wed, 25 Jan 2023 05:25:51 GMT
Date: Wed, 25 Jan 2023 01:52:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 01:35:08 GMT
content-type: application/json
age: 1049
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16407
Expires: Wed, 25 Jan 2023 06:26:04 GMT
Date: Wed, 25 Jan 2023 01:52:37 GMT
Connection: keep-alive
www.castprivate.shop/Iguah/csvsre4112uodsu/Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
200 OK 523 B URL HTTP/1.1 www.castprivate.shop/Iguah/csvsre4112uodsu/Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 792e625c53cea9ca455e84f14f0ea9c9
da443a88f2f532f0ea241c969518ca6d423d2e94
e2f1570702e8b2f5af6be44847a302d73457e724d2a87f74a39ac57b5649bbd1
Analyzer Verdict Alert fortinet Malware
GET /Iguah/csvsre4112uodsu/Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4%2F6HPIzQl0q84bj7ceDU2E9yWqLVsvQK%2FQkYba8%2B%2Fu1iZ8Yu59HAPXRUccyJ1SeTDD5%2B7F3Lr2DX0FECmIGxzhTb3Q%2F%2Bxh1BXQF0cUQiK0PNPPA6M7%2Fz%2B8AcxTGPV7hYczMvCo3Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78ed5eda3e6bb515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N2AAlCzXt8yQ+FIoUb7Izov5vsSbMY9p8Yu07G/G5/1R+NSQeHwYqz18ywFbUdJiFdlNZlFFxyvWziMFibNPwA==
x-amz-request-id: D1XKBSJFZD26YCW6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 01:48:23 GMT
age: 254
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 01:52:37 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-22484186-3
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP
File type ASCII text, with very long lines (1759)
Hash 39340e5b8f9ffd6505438caad1d23103
bb343abc505d5faa80c56e0348d26fe458a51561
9e277dd4cfd9130ecd1b6e7a462824eb0c8f8df02b659b15b12656a8587406eb
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 01:52:37 GMT
expires: Wed, 25 Jan 2023 01:52:37 GMT
cache-control: private, max-age=900
last-modified: Wed, 25 Jan 2023 00:34:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 01:17:31 GMT
age: 2107
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3026
Expires: Wed, 25 Jan 2023 02:43:04 GMT
Date: Wed, 25 Jan 2023 01:52:38 GMT
Connection: keep-alive
www.castprivate.shop/jquery-1.11.0.min.js
200 OK 33 kB URL HTTP/1.1 www.castprivate.shop/jquery-1.11.0.min.js
IP
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
GET /jquery-1.11.0.min.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/Iguah/csvsre4112uodsu/Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:59:06 GMT
ETag: W/"63a31f3a-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhUiakFMuztAhozfhY849eZ%2ByQ1O%2BFX5uozTUVNldkYP3T1YfxcjTlSM42tww9cxTmXp240RMQgdSDRddpZnArOf35QyisC3f4HUZajYukO2M38wSX0M%2BGBh7hsStwgWu1wX21wDDA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5edcdfa0b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tdq//806GVKwbZZAJ3nKYA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jAmbNF9khijyNyixkdq+N7dcNZg=
ocsp.pki.goog/s/gts1p5/KqDZQxiU_c4
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/KqDZQxiU_c4
IP
Hash fb2c53762b9059a04e976b51cf60785b
7ce0562dd22d8c03f9de1e2db59eab65522bf216
6474850bcc7246bfef55dbdced2e48b54333f8a4d412c0466b6a50fc3f4b6101
POST /s/gts1p5/KqDZQxiU_c4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/KqDZQxiU_c4
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/KqDZQxiU_c4
IP
Hash fb2c53762b9059a04e976b51cf60785b
7ce0562dd22d8c03f9de1e2db59eab65522bf216
6474850bcc7246bfef55dbdced2e48b54333f8a4d412c0466b6a50fc3f4b6101
POST /s/gts1p5/KqDZQxiU_c4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
200 OK 14 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16084), with CRLF line terminators
Hash 6e9163b53c01cd2d55434d441bec5cf9
0323527d8c829ccf51fd82f38340dfbb42df6c28
71be5fbb9ecc92585b55a1aaf82765228ec04dcae3089fae706fc8a202fbcd89
GET /clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYQd9eo2QrKfvUYTUMoZTP8mAYrmahVRbn%2BI999rCG6DfQju2hHyv36RiHP4QrCbduYk4kr1t%2FCxaWku0yzAc3BeXELZ368g0XEYT5JOG5cwQuwE56U3I2n3VqbeTuPr4Vdbz8WhuA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78ed5ee3dad2b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fast.wistia.com/assets/images/blank.gif
200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "63d05b97-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 24 Jan 2023 22:28:39 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Jan 2023 01:52:39 GMT
age: 12138
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 14, 101
x-timer: S1674611559.290866,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2
www.castprivate.shop/clicks/circaknee_files/modernizr-custom.js
200 OK 1.6 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/modernizr-custom.js
IP
File type ASCII text, with very long lines (4277)
Hash 3b0b7910dbc74a70a84d5aaadd6dd5d8
ede9efa01f4f13ff72a4e0ec38f861fb0038997a
ffceb69c04fb2f1c15b6212bf27ab6a5e40522a273ad49fd3d4a05578f49d2c0
GET /clicks/circaknee_files/modernizr-custom.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-114c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqkuVxcEt407JWLwr30hDhLTvAxPWRcVFh8T7AzT8FPwvGeXcah3IEVr891va2rCWYzmYq7cfytRZGA6PzF%2BkjACzN2qdMA7EJL6PjdlsoaS6JhA9wsH5Rz6AT%2BNfOlF8J9ZL5TUVg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee50ec9b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/blueshift.js
200 OK 2.0 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/blueshift.js
IP
File type ASCII text, with very long lines (4246), with no line terminators
Hash e510f0f99cb3baeac9c35553b8aec6f7
af64d1fc4bf5aa002596afa0d3c52a396ff69720
df549f295116025c11a3d9c8c4491963ba4f08ef3b3aa6eaa29542777cac70b1
GET /clicks/circaknee_files/blueshift.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-1096"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keMT9loJ6SXpcPiRdRl8QHwY8b0cGLXiJTkPj3Jy6bVK7e%2BVp1%2BcRYPktouRNxArUUyYN5mIfWETkuvG5Dc5grEkoCpeX2KVesaIpcr4J8z9RAbYCyReXm034gj6xhYsk5SCM5XgCw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee50d7a1c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/css2.css
200 OK 1.1 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/css2.css
IP
Hash 53163eba0cf2d43dc392eca69fc2bfca
6f8c761a3da4e24bf7061f156db65a9f540c9c6f
a06dd967385fb560f7d9cc68fe9c7ee4e9476d33c4f5416d17fd953d1c2b0421
GET /clicks/circaknee_files/css2.css HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:39 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-65d2"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2esmFjqHa%2BRmqnTnGHtXQvsypQGDU1bjsg3O7pKQy8wFlrwJ8aUXWf%2BPBiS%2FlvBk0SNCH00YWwwz%2BO2MkWCBvMdOP7w4KcjHkE0ioDQpqFHDtJm%2FEL8TOTAKAANWpK6LLpd5bb9sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee50aeab4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/blazy.js
200 OK 2.0 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/blazy.js
IP
File type ASCII text, with very long lines (4991)
Hash b8116e5ca2a0e5c405502b6ee3cc25c5
52992193091d2872454ff3015f5d1756fd6b67f0
a7ed5eb0e7d7f08e31b08c515cbd6f491e18583106a549d060f1b4941f85c506
GET /clicks/circaknee_files/blazy.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-1448"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KT2W1hYcWpBUDOLhwTrAXEFpeKqjfUA%2BE1A%2Ba4O04A0f4nXVdLTpyZ0Rz6Xhhfk2WN81lhyfbJoeVeyaB1m5S1QOWpuug8S45mELrIBcWjB78KlRswPGYe14Bzl8br9jU%2FhYeE04YA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee6df8fb527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10234
Expires: Wed, 25 Jan 2023 04:43:13 GMT
Date: Wed, 25 Jan 2023 01:52:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10234
Expires: Wed, 25 Jan 2023 04:43:13 GMT
Date: Wed, 25 Jan 2023 01:52:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10234
Expires: Wed, 25 Jan 2023 04:43:13 GMT
Date: Wed, 25 Jan 2023 01:52:39 GMT
Connection: keep-alive
www.castprivate.shop/clicks/circaknee_files/jquery-3.js
200 OK 20 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/jquery-3.js
IP
File type ASCII text, with very long lines (54348)
Hash 56fc9633833c473831b8772b20db4222
0f10326f6916de5303c92b3305ddcf3f64717242
0b64c12f01acfbac88bfac17bcfbe537a3be0c50ac7945309ca2a53378c930d6
GET /clicks/circaknee_files/jquery-3.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-d573"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t27crswub4NS8dxIxrZpZBsTgCE4uTdb%2FMdV6uiZbNyDYKxAF3vsznBB%2BZU5yeA3a59qTZ%2BneovUotsNGsDDErEmIoQOSjNOEHdtOCwmtqZCiSm4J3tg%2F1kiXtMSJ7QJVbBCs1ET8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee59b9fb515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03ba93e6c29fb268712e33228fa5ee38
2528a659d067ce39b31d5d8a0a9943e313a4caa6
2a3dfcbafd31bfc0cc653f9f43cfa98206334551b8ab76e9ab6d20338c8d6e1c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9864
x-amzn-requestid: dd368937-de20-4e2a-82e3-e82bc20a806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4AtgGu3oAMFaoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c647ef-7efe789a5411c14a74ec327a;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:02:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MDBCOwO8k543vmWo7ROvYyqyzju9iJIyGZvMpzHv7VqIoats0p3Nxg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 10:10:42 GMT
age: 56517
etag: "2528a659d067ce39b31d5d8a0a9943e313a4caa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69bdfbe73749ef39d9b9662b547ba853
ee2c14f82ea1e653b993fda0839a32943c5d9f86
21fa51ce61c1dfdc30c28371940f5dfc83127a691e34299ebab70c4bf0d19231
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8806
x-amzn-requestid: 1f9b1ebe-d1d7-44d5-9548-4632b32fbdd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-m3gF29IAMF30A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8eb63-297056c14cf56ee52c2c7cd9;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 07:04:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QAGHqubqMG0F2s7RkDk9nYrus_r5-XOGyIhZCpMiFKfQvGwVfWULsA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 09:24:16 GMT
age: 59303
etag: "ee2c14f82ea1e653b993fda0839a32943c5d9f86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: ff47dd24-004f-4cc7-acfb-283b2e751f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqxwEyWoAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb580b-1e95f74b0846080f75a757f6;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ntW_cYMwX6UWInGOxxPlwnV1AJh46X-hiLvwggRz9oa1Yno6jyE51g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 03:28:47 GMT
age: 80632
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d76c1b1126a3e1b51dcca652cb6727b
b199a381ccac4628f2bfa626b44c71954713ca98
3a34f2b7f79cb925c73d2c17197418004e4acf63a6eb69e471320069978f8282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10921
x-amzn-requestid: 7b8849e6-b52d-4165-b456-b200ddbb993b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtkGThIAMFb7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-1ed4803112d97956419b299e;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FUbNMfYy8ci6d78p6LCu0Gxs3jw824ZzVp6drAbl8HCDBpghlZFP7g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 03:32:39 GMT
age: 80400
etag: "b199a381ccac4628f2bfa626b44c71954713ca98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d10114508bd40d76f497fc5b9c064350
c9b86b2b27063e0a58b0f237d451f9cf05b2122d
a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8252
x-amzn-requestid: c7064a36-7bb0-42c7-9ee8-9ee798ce8cbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEq3UEjVoAMFipg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb582e-5be2ad2a217f9b4b6834a278;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: b4EbiS-go4Yy-UcA4CbKj10TbS6qKgQd6ZgqB3XVyd9ieBPszfx_jw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:47:57 GMT
age: 14682
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7d50173f78bef1429160a353679dd91
695d7913e35a7e086d76c38d7c6f43462b0896df
4c761d1f9fd523750102aea0cce3f8c3cd92918d4c59853415745278292afa4b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6231
x-amzn-requestid: 85406169-05a4-4ba9-8a20-5ed2badec48a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEXPmGB_oAMF7Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb38ca-607a23df395511207f5958cd;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 00:58:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tW2UAQbLJC3bGvFrbpeiQSQ8OkUqgIBAY4_vD_cGsfrd5FEIiJtjAw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 04:51:40 GMT
age: 75659
etag: "695d7913e35a7e086d76c38d7c6f43462b0896df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.castprivate.shop/clicks/circaknee_files/pre-vsl.css
200 OK 2.8 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/pre-vsl.css
IP
File type ASCII text, with very long lines (10514), with no line terminators
Hash a6194a7ab9c22bc59390745f841b48aa
a247bebbd2a37da8e811a7194f9328c84ec56170
a3f25cc361c9d1ac5f237abe450e0795863f6d635a2b54dd731320e24a4ccefc
GET /clicks/circaknee_files/pre-vsl.css HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:39 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-2912"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WN9yYu%2B5%2F1Qk%2FYP2%2FeR%2BTDtZm%2FOwZuhpSoNeVXj6rpKyF4MYnrybt%2F4PbP5LHHz4szKyiCb%2FicZLm9SOUJyGvJmuJU771IPah8zeR4QLrdp9U6Z45lvWTjd7A5wbc2VC2fnjSFp1zg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee7abfbb4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/ctrwowUtils-v2.js
200 OK 11 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/ctrwowUtils-v2.js
IP
File type ASCII text, with very long lines (33542), with no line terminators
Hash e6bde883be6ad8515c33ef779bd321f7
137f2bf9436f3f892c3e176da7429b171736d52f
9c1c652b9439d825b0a4bb12fc127a9a4b3397c1103becd5b6630541151bb11e
GET /clicks/circaknee_files/ctrwowUtils-v2.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-8306"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5NC26WyW31oyJ4tSRB3WZd85u68SjZY2YCCdcprhF1lF3mBFBrw4e%2Fu1c3y4xMHx8adePslFa%2FvSjnQE%2FOhMo4tj2WA9NUB%2FpEN1cccH427%2FA%2FrwRGl4VpuAzzqwAQ4yhBgQl1anA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee6ddfa1c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0\012- data
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 05:34:48 GMT
expires: Wed, 24 Jan 2024 05:34:48 GMT
cache-control: public, max-age=31536000
age: 73072
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.castprivate.shop/clicks/circaknee_files/gtm_002.js
200 OK 68 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/gtm_002.js
IP
File type ASCII text, with very long lines (62413)
Hash 6fdc4ea785ec4cc00f67e91ee7b38ba8
72458fb5a66d19067d7c24be9a9c7154925fd964
130d86eb0dbe7b3ec701e78d18f6982db50feffe7597e6241bf045776ed62b7f
GET /clicks/circaknee_files/gtm_002.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-3e9e8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEQUrWukll7xN3Pnx0lv6RmjgFCB0Ac6p55kaQZPFtJkGxC26UgE0TakEMawujV0%2FXx9lWkoqD5TtLhVulU526qHATcxicrS9J%2Fm58kiCVg%2Bv1hgD%2F0D1TfvJXs7V2g5iejsEkkayA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee50b400b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/gtm.js
200 OK 69 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/gtm.js
IP
File type ASCII text, with very long lines (55397)
Hash 5fa1c01b5d91b87b894513a1abe72ebb
165aadc0a4a01222146e4f7281e592532da95796
5d4826e8ff74dba968c57d47d2bbe791508729c389d445abd680e608dbab39d0
GET /clicks/circaknee_files/gtm.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-3a09f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cilxXe%2FL7pnlODM%2Bv5iAvxpSvO5CI4b34yP87FuOk8aKMm93QrHrz1t8JuMngGV2ktTbcjf2r92LYTGI9O4ttGmIEln73WeOzln9ueFlWcHUCP47wTTdDNV1srmgMf1hf6TO6P1KeA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee50ab9fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash f00e7e4432f7c70d8c97efbe2c50d43b
d836c7d4bc52bcd67626b8960ae030ad315c2507
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
GET /s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:33 GMT
expires: Fri, 19 Jan 2024 21:48:33 GMT
cache-control: public, max-age=31536000
age: 446647
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15732, version 1.0\012- data
Hash 80fe119e5efa3911b9d61b265f723b3d
34f751a1b1a0c1c0b5264b99f490e689db939657
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
GET /s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15732
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 13:04:23 GMT
expires: Fri, 19 Jan 2024 13:04:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
content-type: font/woff2
age: 478097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.castprivate.shop/clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js
200 OK 3.0 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js
IP
File type ASCII text, with very long lines (8769), with no line terminators
Hash 53c890fc05fb6b6f2ba47d4efb27c270
1ddeb2e7e2457457afd49eb36ca322b8974b4503
f95f367cdc41e82a967eb190867b0a08dea30585fc45c0f4f5dcb43886d752bf
GET /clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-2241"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceUohHk2vqvISZiMQGRs1ifcvte65Wpu75FDzetMwYchutNji15VCWQYhtSSzEauemocUY%2FRjDP6PrHSzFsyhurFL6socitsCnnEKHMRHJM%2F8NjaqT2KXJ%2BhrsaC3ZbCDc7LESzPXw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee90d43b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/ctr_heatmap_tracking-v1.js
200 OK 9.3 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/ctr_heatmap_tracking-v1.js
IP
File type ASCII text, with very long lines (30558), with no line terminators
Hash 1db1146a85840c35a9b14adf025fab66
8a96cbb216131380e65e2309ddc95102c4ca40b2
2cc882d7ca1ddde7f0b740d1715427768bb32a4058c613109ab107fb483203a7
GET /clicks/circaknee_files/ctr_heatmap_tracking-v1.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-775e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYsYvcrjVnzIYwoky%2F%2BhAeo7nsOMM%2Fq4a7qa7ZAEfZbRHjSZBLVuD1oqpouEiM3T4vLhNBvrTRXHcwyJ2wmJGcoZ0pLYwHtBGsrq5WgitOQU7iQkgs%2BfrD5hnpStVQqTPAhhft8QtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee96cbcb4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/CTR_FP_TRACKING-v2.js
200 OK 12 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/CTR_FP_TRACKING-v2.js
IP
File type ASCII text, with very long lines (41829), with no line terminators
Hash 0295b973fd65376712df8353df786270
08c89d5801568d82ff1a316f444ac89a70138006
065905d0503934ee11aac8cfbfe36c4476c94f93dcaf980367f76030a881b87d
GET /clicks/circaknee_files/CTR_FP_TRACKING-v2.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-a365"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02l0wdUVSRPMWMCx6MLwJTlk%2BErzlD6zeLTdYsd7t6moY%2BdAildeUiwwpmycdTzK8qZ2NCoO9orwrvDzPNE545ZtXorobU3wVNqXIK3Bk3ckLTqTMWsZj1jBp%2FqRlr4ByGs1mZSrqg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee8984db527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/ctrwow_analytics.js
200 OK 18 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/ctrwow_analytics.js
IP
File type ASCII text, with very long lines (55555), with no line terminators
Hash b4122018c18e0056422bb66c626070ee
836971bf8615cf908a985bf6307537cb10a84d15
f8ade1457ef938e60eb3f133e0e26dfa9a6eef5e74fa1aff540b12d8fcea41cd
GET /clicks/circaknee_files/ctrwow_analytics.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-d903"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kBKRnQu%2FW53EGsoqgZJvz333Y4ZTdOVHAB5FtQpXzqj1VntWbXxjXgsT1ipFPdaLYpIxxxbebDbdoRrOHlNOPZaIf4QVL%2FLRYrSdxdo0MkIVryuqgOe84SvvPfLMVpGBojyU1XQyw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ee96ea61c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/E-v1.js
200 OK 154 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/E-v1.js
IP
File type ASCII text, with very long lines (65459)
Size 154 kB (153756 bytes)
Hash aaaf417f60bc4b6154bc19e986c91100
cbec210ecfe93e0228665dd34c1ce55a5ad92cd2
5b77d5516120b74fe87c6940c863883d02db3306f138b897758e7abc4bd0dcbe
GET /clicks/circaknee_files/E-v1.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-9b796"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsK4zq0sYzhfiHokjCb77JE5WNKCA3g%2BxgbRHQo39echVFgdAYM7ear%2BgeqwILW5RoClFOlkViV6wYadQvwAmAeruWKFMHaZDoHkMP0yYHEJFxbq89hTfC%2Fova6yzV3KE7VfPDkadg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5eea4cfc0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/blueshift_wow.js
200 OK 5.4 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/blueshift_wow.js
IP
File type Unicode text, UTF-8 text, with very long lines (15843), with no line terminators
Hash e65348c7a35e848a81cdfa547cffd09f
101070c91c21f9fe0ffd42fc17c8a0cfee2c56cd
4aa0a980550dad9808b8d4a80190720ad9c40d92b9e86c19919361a43d7745a0
GET /clicks/circaknee_files/blueshift_wow.js HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-3e23"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3JvAO4nCk%2FHHwrYjTadLC1w6NS5eJmsYViXlevegW%2FapMRkE8fA6Htub5ro5nwVXcwJdqFGs8y8eMGw7uNZPJ9ZEhHRm5cnTWPGvKsHSDXp1xyGuTOYCn%2FsUusfDq38z742D9fR5g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5eeacde7b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/dmca-badge-resize.webp
200 OK 1.4 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/dmca-badge-resize.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9985d83ad8ac83764331a13b920ac486
6991872ac8abd1abd1045d20f355ce4b124de007
286198e6e4eaa35a618b8c9c954584d5d8c19bb0720228a0546bea63995285fa
GET /clicks/circaknee_files/dmca-badge-resize.webp HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: image/webp
Content-Length: 1386
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: "63a31f1d-56a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gnq5TPOruaaOnbz5zDj1479nEfp4AcHlziefBGSH%2FlgmhFujN0nGota6TbPCdpV40izN0XbkIUAXijg16%2BZnPLEF2L%2FesZx5Lrxbm3ZbrEUUF%2BTNtmULJ5KGi4iftle7SI3tf%2BpSgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5eeb1d83b4fd-OSL
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/caresole-logo.webp
200 OK 11 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/caresole-logo.webp
IP
File type PNG image data, 250 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c5dbd2e1ce2316b00542d800ef78ce0
621e8e53b796f51192300283da10107a8ac30280
cfd90f4cf00eb0e2918940b49b27c69cade015d631b3d7ac31c227f624edcb83
GET /clicks/circaknee_files/caresole-logo.webp HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: image/webp
Content-Length: 11188
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: "63a31f1d-2bb4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dzvNjVBeoUsBBqy2OYQ8eGVhLjSErKOScsMZ6FS%2BVnFdBpqrzv%2By9bX4A9bCXhIe3mwWmYfavAhyDcKtt2RX7B8XD71Nu6yagcL1KlA9cuf%2B1hEOrsonpxq47P7AyOSid0plQ15Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5eec3c5ffac0-OSL
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/blank.htm
200 OK 548 B URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/blank.htm
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash 0a16aec008013f053a922381dee71f9d
13a69b2e43a426ce54f9a47146955ec0bb169172
4686bf42f5ae452ed851ee0e084ece44ceccef9bc2fde5eee10a33a6c92461ae
GET /clicks/circaknee_files/blank.htm HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIPBBe3RjyBTllk1cxDZMvrzkBgf7G%2FE2NxQZMG7RhBXUkRtYznt%2Bhkt7%2B7krOkV3X%2BeVvOMGo48ARZq%2Bb0nFep%2FeNG%2F5y8t3%2FRBbvm6q9p9n%2FgoP0WRsRItAXH63gqJV8L%2FtUgwSg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78ed5eec0f3a1c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.castprivate.shop/clicks/circaknee_files/icon_shipping.webp
200 OK 1.4 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/icon_shipping.webp
IP
File type PNG image data, 104 x 52, 8-bit colormap, non-interlaced\012- data
Hash ba2661585e30c45f0a39517480f9968f
bc126b42415e512f42aa551cc2af30e3d675ee8a
b8d83ff7d53074a841c50d8e17b38e41f8624b38f842fe4edad04f63fe9e4962
GET /clicks/circaknee_files/icon_shipping.webp HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: image/webp
Content-Length: 1431
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: "63a31f1d-597"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQYHgWm4kuw4ewIb%2BFHhVvTFhLmsYk2MfRIYHdsBTswaC2uILkbJ9WGXbPGtbgpGe0QOWnLiSiD49LGZCJhNNpKobtMzzGMz67HYfjJQ5PH3GwsVFtb5Ie%2FtdLo7If%2Bs1UZ3caIv%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5eec1d8f0b55-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2fae3d2840eefa050d48ee6d519016c7
265ccacc655c0ec9d379899a20d4183dbcc1f82a
e4abf44275db34453705e5c606a25e2a6e87c36068983017c53cc02e53ca0b54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4ABF44275DB34453705E5C606A25E2A6E87C36068983017C53CC02E53CA0B54"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=706
Expires: Wed, 25 Jan 2023 02:04:26 GMT
Date: Wed, 25 Jan 2023 01:52:40 GMT
Connection: keep-alive
fast.wistia.net/assets/external/wistia-mux.js
200 OK 36 kB URL HTTP/1.1 fast.wistia.net/assets/external/wistia-mux.js
IP
File type ASCII text, with very long lines (65468)
Hash a3d8c61b17b4b10aef855611a430c0a8
be2a728fff089a8653ef697ad0e0e5b49f8b8a28
21bcd7444f85f02541aea5653f7e86006f310f03b1b4c5cba33b861bbc4e48ca
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 35514
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "63cea5d6-8aba"
Last-Modified: Mon, 23 Jan 2023 15:20:54 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 25 Jan 2023 01:52:40 GMT
Age: 1340
X-Served-By: cache-iad-kcgs7200052-IAD, cache-bma1674-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 119, 2
X-Timer: S1674611561.686609,VS0,VE0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 105
www.castprivate.shop/clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp
200 OK 66 kB URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f36d62db167adfa5c64a791490c1a04d
526b470fae5046c224f05b2394225943da24f602
11b47f9ca33a2da98a9cc8fbdd2507a85ab3d8e71d8d499fa185be8cf42cc1f8
GET /clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: image/webp
Content-Length: 65510
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: "63a31f1d-ffe6"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqrgQt85gAVV156UWHPsd9z2nKuftSYAjNXGsFSh%2FwUco96KtU2f%2B4AsvXIvdQ8nrzu4UpAeVuGBenO5oHCtrwh0rO7OoURoqyWNn426q4EVG4RJklJNVuREjogrVq1oOyf3xMycNw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5eeb3961b527-OSL
alt-svc: h2=":443"; ma=60
fast.wistia.net/embed/medias/wl3c973xo9.json?callback=wistiajson1
200 OK 1.8 kB URL HTTP/1.1 fast.wistia.net/embed/medias/wl3c973xo9.json?callback=wistiajson1
IP
File type ASCII text, with very long lines (5582), with no line terminators
Hash 029221f1094046d47375159e09221399
a04cc7104345a12c61aa23dc29a7a6fd9165edde
5a1fb59b2c6cd2e5adc27f90fd8babf9baf1f8b14f2da7311cc2e6d24ab05bdd
GET /embed/medias/wl3c973xo9.json?callback=wistiajson1 HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1834
Access-Control-Allow-Origin: *
Cache-Control: public, no-cache
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
ETag: W/"461bc3ce2d591ffe2bd08e5b89631898"
P3P: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
Referrer-Policy: strict-origin-when-cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 34c250250a6ce95adb6c2b3e8e8b6eb7
X-Runtime: 0.056107
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 25 Jan 2023 01:52:40 GMT
Age: 7263
X-Served-By: cache-iad-kiad7000112-IAD, cache-bma1640-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 9, 0
X-Timer: S1674611561.686561,VS0,VE91
Vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 105
api.sjpf.io/
200 OK 208 B IP
File type ASCII text, with no line terminators
Hash 66b12387a328a791ee806fe75415a07f
68821005fe1855edb27494d20d56a64e06a29afb
c74eb50ede67477ecd3f3d026eae203037a1831c899abcc09c3e47f3835c6e5a
GET / HTTP/1.1
Host: api.sjpf.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=2592000, immutable, private
strict-transport-security: max-age=63072000; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 208
date: Wed, 25 Jan 2023 01:52:40 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 25 Jan 2023 01:45:20 GMT
expires: Wed, 25 Jan 2023 03:45:20 GMT
cache-control: public, max-age=7200
age: 440
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash cc2b9a26cf016c0cf9e73531f6004051
408990c14ea8af4c979a277da755c89771672356
36e955bd017c3febc7623ad388bb260757294ca612b94ae5417de6cc04073a82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP
File type ASCII text, with very long lines (1654)
Hash 1a7f4ea591ac0239b74b459cf1c24b33
d3fdd8b74d96f884623e105aa4ab072620d64abf
dd77cdcbe2788e94b6c55c8c9c822fcaab155297bba40055f7db1d669fbc7ceb
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 25 Jan 2023 01:52:40 GMT
expires: Wed, 25 Jan 2023 01:52:40 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17232022191221729168
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.castprivate.shop/clicks/circaknee_files/blank_data/inject.css
200 OK 928 B URL HTTP/1.1 www.castprivate.shop/clicks/circaknee_files/blank_data/inject.css
IP
File type ASCII text, with CRLF line terminators
Hash e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc
GET /clicks/circaknee_files/blank_data/inject.css HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee_files/blank.htm
Cookie: _gcl_au=1.1.104855607.1674611558
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:40 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:58:37 GMT
ETag: W/"63a31f1d-f28"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Un%2Fb5m1JxMcJbCICrvDuxxcnZE9dHgIJneVT1PtUbw3MwWQznsANIbi%2Fhjhx9mEXzt0i3s5bOizCCyaKe9%2Fhynr72NlQ9qnIpxYvJngLpCDLG0j%2FAVBNI%2BSNffuQvaK6%2BfnLj7QY%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5eedeca9fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fast.wistia.net/assets/external/share-v2.js
200 OK 16 kB URL HTTP/1.1 fast.wistia.net/assets/external/share-v2.js
IP
File type ASCII text, with very long lines (51810), with no line terminators
Hash 4f41d0dae790c083bd334b72ed0d874f
f3807d16ed750fc8f6ceb5850b4ef61db750a1fb
5ef0648aa60d1a387592538a507cee8f0d83b2724b74030c19b67822f900860f
GET /assets/external/share-v2.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 15882
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "63cea5d6-3e0a"
Last-Modified: Mon, 23 Jan 2023 15:20:54 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 25 Jan 2023 01:52:40 GMT
Age: 1337
X-Served-By: cache-iad-kcgs7200069-IAD, cache-bma1674-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 158, 0
X-Timer: S1674611561.805988,VS0,VE92
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 105
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 47d71bf163265666c21e2410fb568043
54a4b0f241af261f878967ce058f5885be476cc4
8b7ce4c8269941cf55ca12415b1abfd7d4ae7bf5823657f3afe5e8dd34bed80b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
embedwistia-a.akamaihd.net/deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720
200 OK 66 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720
IP
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f36d62db167adfa5c64a791490c1a04d
526b470fae5046c224f05b2394225943da24f602
11b47f9ca33a2da98a9cc8fbdd2507a85ab3d8e71d8d499fa185be8cf42cc1f8
GET /deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/webp
Accept-Ranges: none
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
content-disposition: inline
Last-Modified: Tue, 11 May 2021 01:11:50 UTC
surrogate-key: 624bfc51d2fcbc0ebaac400b53014447 thumbnail-delivery
Content-Length: 65510
Cache-Control: max-age=31485782
Date: Wed, 25 Jan 2023 01:52:41 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
fast.wistia.net/assets/external/engines/manual_quality_video.js
200 OK 25 kB URL HTTP/1.1 fast.wistia.net/assets/external/engines/manual_quality_video.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4eff995ff53aa03cc11de83d3e3070b1
df6f3d83118fac675be51c4f0ec398c8937aab80
f538e194362612d191f7dade07ac8a1e8051e1ac8bebd6aa1dec53608052f1b1
GET /assets/external/engines/manual_quality_video.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25012
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "63cea5d6-61b4"
Last-Modified: Mon, 23 Jan 2023 15:20:54 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 25 Jan 2023 01:52:41 GMT
Age: 1333
X-Served-By: cache-iad-kcgs7200140-IAD, cache-bma1674-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 106, 1
X-Timer: S1674611561.175226,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 105
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 94bd170af82e66b11326c149c80c78aa
c983bcfa7e18fe93df52d888bcd856cfed671d2f
242faf0fd8c0933999060acaaaf27b089f483229d91eae4e90b629cf5011aa32
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 01:52:41 GMT
Last-Modified: Wed, 25 Jan 2023 00:15:34 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UT9Ew4mkYjRS3l3AKz6as8XBX3GqwvYE-pxzcWCW-W3xHlNKSz6fBA==
Age: 5827
fast.wistia.net/assets/images/blank.gif
200 OK 1.2 kB URL HTTP/1.1 fast.wistia.net/assets/images/blank.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1214
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Content-Type: image/gif
ETag: "63d05b7d-4be"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Tue, 24 Jan 2023 22:28:13 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 25 Jan 2023 01:52:41 GMT
Age: 12141
X-Served-By: cache-iad-kjyo7100120-IAD, cache-bma1674-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 60, 18
X-Timer: S1674611561.222512,VS0,VE0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 105
ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=5f8ea23018087a1c5c16753a
101 Switching Protocols 0 B URL HTTP/1.1 ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=5f8ea23018087a1c5c16753a
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?trackingId=5f8ea23018087a1c5c16753a HTTP/1.1
Host: ctrwow-prod-analytics-socketserver.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://www.castprivate.shop
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Y4snW8pslleTHabT7PB8aA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Date: Wed, 25 Jan 2023 01:52:41 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=8bda68aa4ff6df9baa08a9393f4847cb398cfb7fed442211b32f97b8b6a23d01;Path=/;HttpOnly;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
ARRAffinitySameSite=8bda68aa4ff6df9baa08a9393f4847cb398cfb7fed442211b32f97b8b6a23d01;Path=/;HttpOnly;SameSite=None;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
Upgrade: websocket
Sec-WebSocket-Accept: s4GrqwMghKaN2fJ/ZAMnmfwUF8c=
Origin: http://www.castprivate.shop
X-Powered-By: ASP.NET
fp.ctrwow.com/
400 Bad Request 218 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 65ff01efb900ddecb5aadf4d877cd852
683ae9116c5e9df040b5fdb042cd31ae9a10acd4
29bee82744eeff2655e99e723116b10c60f8d0054da1dbb4d89660621fd602f7
POST / HTTP/1.1
Host: fp.ctrwow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1008
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
date: Wed, 25 Jan 2023 01:52:41 GMT
content-type: application/json; charset=utf-8
content-length: 218
server: nginx
access-control-allow-credentials: true
access-control-allow-origin: http://www.castprivate.shop
access-control-expose-headers: Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 34c6c87358e04f2487a4fcb466d2ad17
2e99bb20b81b80930471f736676e4dd3a093a9cd
db58d2601ad2308da96f8998b9b5e39c3c48b910c0f141230a757b9985b536fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/781463602/?random=1674611559120&cv=9&fst=1674611559120&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.castprivate.shop%2Fclicks%2Fcircaknee.php%3Fsid%3D1005458%26h%3DY5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU%2FMd9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/781463602/?random=1674611559120&cv=9&fst=1674611559120&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.castprivate.shop%2Fclicks%2Fcircaknee.php%3Fsid%3D1005458%26h%3DY5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU%2FMd9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2645), with no line terminators
Hash 44d684c7dcbf1bf94728630d3b7b74ed
5d605f8a714899294a0965bbdabbec28c402083e
004ecc4d3bf403ecfe3787cd6c173f13000e07af8b986ad3c6222c0c8e7b12bc
GET /pagead/viewthroughconversion/781463602/?random=1674611559120&cv=9&fst=1674611559120&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.castprivate.shop%2Fclicks%2Fcircaknee.php%3Fsid%3D1005458%26h%3DY5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU%2FMd9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 25 Jan 2023 01:52:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1135
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Jan-2023 02:07:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 34c6c87358e04f2487a4fcb466d2ad17
2e99bb20b81b80930471f736676e4dd3a093a9cd
db58d2601ad2308da96f8998b9b5e39c3c48b910c0f141230a757b9985b536fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fdded3d5e68d5358634880be3d3f2d04
6a02176ed7735b46393d51bd142e0deace6a5007
7077e5a7a6aeee95ad600ca2a943f7062f593e12fa61e74bbb860f6019bf67b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-135383900-2&cid=610496931.1674611559&jid=364439537&gjid=252246210&_gid=1980011207.1674611559&_u=YEDAAUABAAAAACAAI~&z=1893347367
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-135383900-2&cid=610496931.1674611559&jid=364439537&gjid=252246210&_gid=1980011207.1674611559&_u=YEDAAUABAAAAACAAI~&z=1893347367
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-135383900-2&cid=610496931.1674611559&jid=364439537&gjid=252246210&_gid=1980011207.1674611559&_u=YEDAAUABAAAAACAAI~&z=1893347367 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.castprivate.shop
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 25 Jan 2023 01:52:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-22484186-3&cid=610496931.1674611559&jid=742558492&gjid=1053997957&_gid=1980011207.1674611559&_u=YEBAAUAAAAAAACAAI~&z=30076628
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-22484186-3&cid=610496931.1674611559&jid=742558492&gjid=1053997957&_gid=1980011207.1674611559&_u=YEBAAUAAAAAAACAAI~&z=30076628
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-22484186-3&cid=610496931.1674611559&jid=742558492&gjid=1053997957&_gid=1980011207.1674611559&_u=YEBAAUAAAAAAACAAI~&z=30076628 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.castprivate.shop
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 25 Jan 2023 01:52:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/781463602/?random=1674611559120&cv=9&fst=1674608400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.castprivate.shop%2Fclicks%2Fcircaknee.php%3Fsid%3D1005458%26h%3DY5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU%2FMd9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=2990456210&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/781463602/?random=1674611559120&cv=9&fst=1674608400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.castprivate.shop%2Fclicks%2Fcircaknee.php%3Fsid%3D1005458%26h%3DY5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU%2FMd9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=2990456210&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/781463602/?random=1674611559120&cv=9&fst=1674608400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.castprivate.shop%2Fclicks%2Fcircaknee.php%3Fsid%3D1005458%26h%3DY5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU%2FMd9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=2990456210&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 25 Jan 2023 01:52:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/playPauseLoadingControl.js
200 OK 18 kB URL HTTP/1.1 fast.wistia.net/assets/external/playPauseLoadingControl.js
IP
File type ASCII text, with very long lines (60297), with no line terminators
Hash 54655134174b76e8a312ca7ee44e5841
7da0149d360496982567aa873606efa1438acd99
dcc31ee48b4597ae600b2cff9330959cb18b345bdc35e8219545e4a65be4403e
GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17963
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "63cea5d6-462b"
Last-Modified: Mon, 23 Jan 2023 15:20:54 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 25 Jan 2023 01:52:41 GMT
Age: 1340
X-Served-By: cache-iad-kiad7000024-IAD, cache-bma1674-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 378, 1
X-Timer: S1674611562.503388,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 105
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7143ec2b6ec489f406bfc0a99a9f0c0d
d29957fc02e2cd2b070924e572b5bcfbf43b5dd9
cddfe545e4b4a71aa7840bf8e88240fcd4c5997fee0e9f3c0a6a0b197cc06877
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 01:52:41 GMT
Etag: "63ceb647-1d7"
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XMDboY-6efGGGHLJt9X6qpFAS8E1I62swXTj0xHss2-SH8DnRU6CIg==
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fdded3d5e68d5358634880be3d3f2d04
6a02176ed7735b46393d51bd142e0deace6a5007
7077e5a7a6aeee95ad600ca2a943f7062f593e12fa61e74bbb860f6019bf67b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 01:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.getblueshift.com/blueshift.js
200 OK 2.0 kB URL HTTP/1.1 cdn.getblueshift.com/blueshift.js
IP
File type ASCII text, with very long lines (4271), with no line terminators
Hash 72b5c14c6153ec1e7f8e78ec457b928f
961e3125fddb06f28262a7d8c1497573e3867901
c3efaac4dcd1dcec06e610ad4c1874a14908ba1ec109f2deaddb2d8f0c1a2ce4
GET /blueshift.js HTTP/1.1
Host: cdn.getblueshift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1975
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 12:16:27 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 25 Jan 2023 01:11:51 GMT
Cache-Control: max-age=3600
ETag: "72b5c14c6153ec1e7f8e78ec457b928f"
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lY--DuGGSUVByH8sV6MD7xMka7xoqLHx3EA_u2VFFFXSY75sJaNSqg==
Age: 2453
fast.wistia.com/assets/external/E-v1.js
200 OK 151 kB URL HTTP/1.1 fast.wistia.com/assets/external/E-v1.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (150567 bytes)
Hash 2d6561982f12f2094e3b2232feab2c18
62cd35c8cb70953d4f102ef889b6be7a4b878ff3
e68e5f7db8fc00fe10b799e62164e1334e49a5fec6757748ec7aa7dd9e71b300
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 150567
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "63cea5d6-24c27"
Last-Modified: Mon, 23 Jan 2023 15:20:54 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 25 Jan 2023 01:52:41 GMT
Age: 1341
X-Served-By: cache-iad-kiad7000159-IAD, cache-bma1636-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 46, 1
X-Timer: S1674611562.563998,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 105
www.castprivate.shop/clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534
404 Not Found 131 B URL HTTP/1.1 www.castprivate.shop/clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
GET /clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534 HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/clicks/circaknee.php?sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
Cookie: _gcl_au=1.1.104855607.1674611558; _ga=GA1.2.610496931.1674611559; _gid=GA1.2.1980011207.1674611559; _gat_gtag_UA_22484186_3=1; _gat_gtag_UA_135383900_2=1; _clck=rvsjn3|1|f8k|0
HTTP/1.1 404 Not Found
Date: Wed, 25 Jan 2023 01:52:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msZeEQAzj24RLo4U%2B9IgfcBPMxejmXQ3CpCdjRWw0e5oGpOpGdbwULZgjcifKoe6GvQbahUoCj%2BMRAB9D1ni7LMNxe5qYh4t3LEqsM2yIWCC0eOlhE5r8L24m1Phb3kBKlWtp%2Fr%2FdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ed5ef39fc60b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 701
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://www.castprivate.shop
access-control-allow-credentials: true
date: Wed, 25 Jan 2023 01:52:40 GMT
X-Firefox-Spdy: h2
www.buycircaknee.com/en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png
200 OK 1.0 kB URL HTTP/2 www.buycircaknee.com/en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png
IP
File type PNG image data, 128 x 127, 8-bit colormap, non-interlaced\012- data
Hash 0f351fbdf834a0dfa6b09ee104664762
1d0f4329ee8bd6e0f4fd1e89ba7b6e7feb4c117b
d4571ae92aa3e457bd64730f7bca11b74a0052faddd90e9c57560683ed538c11
GET /en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png HTTP/1.1
Host: www.buycircaknee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1048
date: Wed, 25 Jan 2023 01:52:42 GMT
cache-control: max-age=31536000
last-modified: Wed, 23 Nov 2022 09:47:46 GMT
etag: "0f351fbdf834a0dfa6b09ee104664762"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OtvSZDieQWZwtMJqoVTa_DCwXt9nHCPwb04Kv9Ps75BHNOTzH3qkew==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7c7311eb71703c722ebe8696a72fb99b
ca9162ac1922b722623afdf9a4af62e973c3743e
da211c46d484888058784b43718995af8e20ee37375b9f08008138543c6f8212
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 01:52:41 GMT
Etag: "63cf99fb-1d7"
Last-Modified: Wed, 25 Jan 2023 01:43:52 GMT
Server: ECS (dcb/7F7F)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EOhxTl92QqM5pxLBWadVoIJWUuxpMmB-ATIERMdEfoASejoPNiFOSg==
Age: 529
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 27af3e2d4be81382263dce660ccf04f4
d213e5d8def924656dfbadc4edd461c3c0d2b6d2
450fd5a99df8e463ec3eabc3c2616848629154856ea2ded2eaff69d137f78bf1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108003
Date: Wed, 25 Jan 2023 01:52:41 GMT
Etag: "63cf7844-1d7"
Expires: Thu, 26 Jan 2023 07:52:44 GMT
Last-Modified: Tue, 24 Jan 2023 06:18:44 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HR3w7TvOdk0Am3Tn0jBLUchLAadI82BcCgzYlVEA22WKeRRE_hyk7g==
Age: 5640
distillery.wistia.com/x
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1266
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 01:52:42 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
fg8vvsvnieiv3ej16jby.litix.io/
200 OK 0 B URL HTTP/1.1 fg8vvsvnieiv3ej16jby.litix.io/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: fg8vvsvnieiv3ej16jby.litix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.castprivate.shop/
Content-Type: text/plain
Origin: http://www.castprivate.shop
Content-Length: 1462
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Date: Wed, 25 Jan 2023 01:52:42 GMT
Content-Length: 0
Connection: keep-alive
pipedream.wistia.com/mput?topic=metrics
200 OK 2 B URL HTTP/1.1 pipedream.wistia.com/mput?topic=metrics
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/x-www-form-urlencoded
Content-Length: 2200
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:42 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
distillery.wistia.com/x
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1254
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 01:52:42 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
302 Found 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=2643D182E9634B44A7BBC0EC9C524D5B&RedC=c.clarity.ms&MXFR=126758DAD551673B13074A7ED15169A7
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=126758DAD551673B13074A7ED15169A7; domain=.clarity.ms; expires=Mon, 19-Feb-2024 01:52:42 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 25 Jan 2023 01:52:41 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=2643D182E9634B44A7BBC0EC9C524D5B&RedC=c.clarity.ms&MXFR=126758DAD551673B13074A7ED15169A7
302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=2643D182E9634B44A7BBC0EC9C524D5B&RedC=c.clarity.ms&MXFR=126758DAD551673B13074A7ED15169A7
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=2643D182E9634B44A7BBC0EC9C524D5B&RedC=c.clarity.ms&MXFR=126758DAD551673B13074A7ED15169A7 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.castprivate.shop/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=2643D182E9634B44A7BBC0EC9C524D5B&MUID=3CC72401034D670735D836A502B866BC
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3CC72401034D670735D836A502B866BC; domain=c.bing.com; expires=Mon, 19-Feb-2024 01:52:42 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E4030B052D3B4A70A0751601261CE2DE Ref B: OSL30EDGE0509 Ref C: 2023-01-25T01:52:42Z
date: Wed, 25 Jan 2023 01:52:42 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=2643D182E9634B44A7BBC0EC9C524D5B&MUID=3CC72401034D670735D836A502B866BC
200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=2643D182E9634B44A7BBC0EC9C524D5B&MUID=3CC72401034D670735D836A502B866BC
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=2643D182E9634B44A7BBC0EC9C524D5B&MUID=3CC72401034D670735D836A502B866BC HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.castprivate.shop/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 25-Jan-2023 02:02:42 GMT; path=/; SameSite=None; Secure;
date: Wed, 25 Jan 2023 01:52:41 GMT
content-length: 42
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/allIntegrations.js
200 OK 6.3 kB URL HTTP/1.1 fast.wistia.net/assets/external/allIntegrations.js
IP
File type ASCII text, with very long lines (21637), with no line terminators
Hash 99068e991000bfd869abb76f94ee0e27
e2377b1d0920d20811806005c579d3fd5b1a5809
99300c86f4a06c5700a6b3f0e29591425597d5c30ec6b0b499f3cbc7f747df0c
GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 6272
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "63cea5d6-1880"
Last-Modified: Mon, 23 Jan 2023 15:20:54 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 25 Jan 2023 01:52:42 GMT
Age: 3574
X-Served-By: cache-iad-kcgs7200084-IAD, cache-bma1674-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 398, 0
X-Timer: S1674611563.511626,VS0,VE92
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 105
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 99751
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://www.castprivate.shop
access-control-allow-credentials: true
date: Wed, 25 Jan 2023 01:52:41 GMT
X-Firefox-Spdy: h2
pipedream.wistia.com/mput?topic=metrics
200 OK 2 B URL HTTP/1.1 pipedream.wistia.com/mput?topic=metrics
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/x-www-form-urlencoded
Content-Length: 2200
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:42 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
api.getblueshift.com/unity.gif?t=1674611561&e=pageload&r=&z=389299&x=13c25a652e2a0c05cb06a3b1dba09a85&k=c100c4a4-4e13-74bb-50c6-531502fef300&u=http%3A%2F%2Fwww.castprivate.shop%2Fclicks%2Fcircaknee.php%3Fsid%3D1005458%26h%3DY5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU%2FMd9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
200 OK 42 B URL HTTP/1.1 api.getblueshift.com/unity.gif?t=1674611561&e=pageload&r=&z=389299&x=13c25a652e2a0c05cb06a3b1dba09a85&k=c100c4a4-4e13-74bb-50c6-531502fef300&u=http%3A%2F%2Fwww.castprivate.shop%2Fclicks%2Fcircaknee.php%3Fsid%3D1005458%26h%3DY5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU%2FMd9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /unity.gif?t=1674611561&e=pageload&r=&z=389299&x=13c25a652e2a0c05cb06a3b1dba09a85&k=c100c4a4-4e13-74bb-50c6-531502fef300&u=http%3A%2F%2Fwww.castprivate.shop%2Fclicks%2Fcircaknee.php%3Fsid%3D1005458%26h%3DY5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU%2FMd9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 01:52:42 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
access-control-allow-origin: http://www.castprivate.shop
access-control-expose-headers: etag
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7048
Origin: http://www.castprivate.shop
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://www.castprivate.shop
access-control-allow-credentials: true
date: Wed, 25 Jan 2023 01:52:44 GMT
X-Firefox-Spdy: h2
www.clarity.ms/tag/cgxrhsz59b?ref=gtm2
200 OK 0 B URL HTTP/2 www.clarity.ms/tag/cgxrhsz59b?ref=gtm2
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/cgxrhsz59b?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=dda02b682c324ddb9d90643c961f2a59.20230125.20240125; expires=Thu, 25 Jan 2024 01:52:42 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0aovQYwAAAACqHnBeMKpYRZUi6+PWTIGwQ1BIMzBFREdFMDQxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 25 Jan 2023 01:52:42 GMT
X-Firefox-Spdy: h2
www.castprivate.shop/offer.php?id=373&sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
200 OK 0 B URL HTTP/2 www.castprivate.shop/offer.php?id=373&sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE
IP
GET /offer.php?id=373&sid=1005458&h=Y5VHLj3JSlXaUPsYKZZa5vBL6r2gu2E69ijpi2Z8rSU/Md9WLIaPX8lq0zy_SYR6gChFMGEc4pyKMqKBws81fbE0clM9I7oKTwigbaF-iBzMtqNxrh8iFtov-dXVwPWJ3JHZMwqpj-8SBXa6BmJLLrE HTTP/1.1
Host: www.castprivate.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 01:52:38 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReU932zdOeT1QwDqb8bR4tBxvibXbXFtqC6p%2BLG6aex56yTJ3xjCIlVX8jVre2E4LTDd%2FiO2IJTgIEce%2BgrKBAE2rE2hWhBDSnAOVqWCSEPozA6Gr6fmEpftK7orJQo9uafCG124oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ed5ee2aa97b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1450693.js?sv=7
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1450693.js?sv=7
IP
GET /c/hotjar-1450693.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 25 Jan 2023 01:52:40 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/82b3e48d91c949ca19b7fad683e8a3e2
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L3F3IycNFOew99Ck9g8HNoCAyjnXosEzJvzpxUlezaPUYjB8BaIhAg==
X-Firefox-Spdy: h2
www.clarity.ms/tag/ecqx4egfsd?ref=gtm2
200 OK 0 B URL HTTP/2 www.clarity.ms/tag/ecqx4egfsd?ref=gtm2
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/ecqx4egfsd?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=e4ca49795bda40ada2f3d141d5c23054.20230125.20240125; expires=Thu, 25 Jan 2024 01:52:40 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-cache: CONFIG_NOCACHE
x-azure-ref: 0aIvQYwAAAADzRbo5Bc2sT6QUKblnV/QTQ1BIMzBFREdFMDQxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 25 Jan 2023 01:52:40 GMT
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.7.1/clarity.js
200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.7.1/clarity.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.castprivate.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d928dd7500799e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0aNbPYwAAAABEY8COhBBQSJ4OXKejqMB5RlJBMjMxMDUwNDE3MDMxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 0aYvQYwAAAACNGhGpbYmyTYtysmyudsJ6Q1BIMzBFREdFMDQxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 25 Jan 2023 01:52:41 GMT
X-Firefox-Spdy: h2
172.67.189.186
23.36.76.200
188.114.97.1
0.0.0.0