marketing.netcraftdigital.com/2361dbb1-46ff-478f-8a45-287bc07c078c
35.157.125.133302 0 B URL HTTP/1.1 marketing.netcraftdigital.com/2361dbb1-46ff-478f-8a45-287bc07c078c
IP 35.157.125.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /2361dbb1-46ff-478f-8a45-287bc07c078c HTTP/1.1
Host: marketing.netcraftdigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Sat, 26 Nov 2022 13:00:05 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.malimora.com/fashion/?fashion=https://r.brandreward.com/?key=690888d974a715942ab6b37c487f9a02&url=http%3A%2F%2Fcrispbln.com&id=we5b1o4ohvdnndok2s2m5ma0
Pragma: no-cache
Set-Cookie: 2361dbb1-46ff-478f-8a45-287bc07c078c-v4=cH9wA1WD7yKXCf3HLMYRpMIGz1xFzqQPN4_sbM1fa3Q; Max-Age=86400; Expires=Sun, 27-Nov-2022 13:00:05 GMT; Domain=marketing.netcraftdigital.com; Path=/; HttpOnly
cc-v4=5bLFflfkLj9%2FcVv6Z79MjCeFP%2BbMZQTXAOhoztpNgm7Z8vUZ%2FhTNPbYpInEmX5cA1sVKC33ht2iE92yiUZjsNhhg4U%2FtpYq7StnUw%2FLS5Ffz6%2B9d1525AY8kC%2B74rF0qnrBGSJnN1BYJyZzgjHRY%2BA%3D%3D; Max-Age=31536000; Expires=Sun, 26-Nov-2023 13:00:05 GMT; Domain=marketing.netcraftdigital.com; Path=/; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14833
Expires: Sat, 26 Nov 2022 17:07:18 GMT
Date: Sat, 26 Nov 2022 13:00:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3304
Cache-Control: max-age=167167
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:05 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:26:12 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9032
Expires: Sat, 26 Nov 2022 15:30:37 GMT
Date: Sat, 26 Nov 2022 13:00:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 12:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2452
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qwZSw2XBZdmS/siXtZkY535D7l/fOlfUVM91kAuJu+4tj2MKUND4FxoXSTVgOdD2p5TGD5i6TzE=
x-amz-request-id: D7CV976E50A3D382
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 12:41:12 GMT
age: 1133
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:00:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/5vasegk43NA
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/5vasegk43NA
IP 142.250.74.3:0
Hash 093575b49a2e9e00166e353b9cb9fe82
cbece6fffc83ab2f5e4b1cb199454f823891133a
b93c41fed9422c68a5af7acb92e6568cd2dbb1a3beb4752044f8f054331d3f9d
POST /s/gts1p5/5vasegk43NA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 12:08:54 GMT
cache-control: public,max-age=3600
age: 3071
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/5vasegk43NA
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/5vasegk43NA
IP 142.250.74.3:0
Hash 093575b49a2e9e00166e353b9cb9fe82
cbece6fffc83ab2f5e4b1cb199454f823891133a
b93c41fed9422c68a5af7acb92e6568cd2dbb1a3beb4752044f8f054331d3f9d
POST /s/gts1p5/5vasegk43NA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5114
Cache-Control: max-age=163920
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:05 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:32:05 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.166.172.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.172.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HCNKGKnL50yC4ah5sQwtyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ig1yVZ+Qk+JaLAgA4guqn1ByarU=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7d63474a3817269fe4fdfe34a7b2c8f
5835cb8f9b00445110ec3b888822f49044cba731
0ba28461a55ef18d4c086ba882b345fc2c92694e1786fe2c435fa702d15303db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BA28461A55EF18D4C086BA882B345FC2C92694E1786FE2C435FA702D15303DB"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15496
Expires: Sat, 26 Nov 2022 17:18:22 GMT
Date: Sat, 26 Nov 2022 13:00:06 GMT
Connection: keep-alive
r.brandreward.com/?key=690888d974a715942ab6b37c487f9a02&url=http://crispbln.com&id=we5b1o4ohvdnndok2s2m5ma0
169.48.74.205200 OK 296 B URL HTTP/1.1 r.brandreward.com/?key=690888d974a715942ab6b37c487f9a02&url=http://crispbln.com&id=we5b1o4ohvdnndok2s2m5ma0
IP 169.48.74.205:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (515), with no line terminators
Hash e48de758e47200b58476f2b6669dc73c
a7f94ec1c0ccb982df431c5fd66b5be61d9c5f7c
1fc61b668f669d5e511a7ff39ceb23da552055db5f6d5e562faea804cedce189
GET /?key=690888d974a715942ab6b37c487f9a02&url=http://crispbln.com&id=we5b1o4ohvdnndok2s2m5ma0 HTTP/1.1
Host: r.brandreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.malimora.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 13:00:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: _bd=f7d1c2c56d911de4052cd38554c3cca4
Referer:
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash a50006bdbd71ac0280e3e52688f62b03
2c4d29d954088117d769a65f8d6b46854be28aab
22070dbf40760d084e63a71dfbb56f526bb7079093a02bc74b69683fafb0bde3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127524
Date: Sat, 26 Nov 2022 13:00:07 GMT
Etag: "6381437e-1d7"
Expires: Mon, 28 Nov 2022 00:25:31 GMT
Last-Modified: Fri, 25 Nov 2022 22:36:46 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TyKOjuQSVMdoVqo_4NdYoTIU9nECQux4y9xePeuA9vEijb2fX4zfyw==
Age: 6525
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17647
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 13:00:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17647
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 13:00:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17647
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 13:00:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17647
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 13:00:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17647
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 13:00:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70fae9ac56bb7676177d4252757f0180
bd3027af47f20f4bb9ac36cd9e4493e28e6b041c
1378749f1b28b6c56b8e76418fc5dd59cf608a4e64c1e1067b4f19df10233afc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8078
x-amzn-requestid: e199b062-09f2-46b8-a8ee-6d7b782f7359
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC7GT2oAMF5XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-485ea8fd3e785be748834efd;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yJdSAEHw1AFVsBFBSX5G6rqED3Kpi_P69vtTrVVE1vFDtl3XMsyJ4g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:31:51 GMT
age: 52096
etag: "bd3027af47f20f4bb9ac36cd9e4493e28e6b041c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 32669
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 54841
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96437d0cb1ceaffa77124f0dcfeb38cf
3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lt_7H9W9LVUS5gKPrBF_vGiXg-anP_bGV5izsxPiGhiasy2eBnltuw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:39 GMT
age: 51988
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0f860248042a8499ffb1701a880b2ba
845842c789e6e97fd1687e668d446bbb8309ffc7
9eca5258c7b6e4e145ca6576a3f3791f1324714404ffd7a56a61961f81e7bd44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11150
x-amzn-requestid: 0b773c28-feda-41a2-9de6-8b559bd773eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC5EukoAMFxfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-3bfe118939abc352072c5af1;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TpEr70sCNigNhVg7rDFIUG12AVpzC0BUW6-xW3QTvjLcBUrpehjJbQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 54841
etag: "845842c789e6e97fd1687e668d446bbb8309ffc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 52932
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
141.95.57.33301 Moved Permanently 338 B URL HTTP/1.1 crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
IP 141.95.57.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c96206648852fcb50254e12231943092
4ba642cbb89853153ea04d1c08acd5708f970770
2530f809b0ad34e9bd0593c9d913fc0fd37fe47ae4b88eb49d912c15ea4d9d1a
GET /?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821 HTTP/1.1
Host: crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 13:00:07 GMT
Server: Apache
Location: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Content-Length: 338
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 64872947daa6b57ecca67c6ba7c35c15
dee31513399fe053b877d07db60ae078a9e5e606
426c65409f058b80b746f8e9008b0fd8ab6adecf0648d27bc0d64015da4dc35e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "426C65409F058B80B746F8E9008B0FD8AB6ADECF0648D27BC0D64015DA4DC35E"
Last-Modified: Thu, 24 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14658
Expires: Sat, 26 Nov 2022 17:04:25 GMT
Date: Sat, 26 Nov 2022 13:00:07 GMT
Connection: keep-alive
www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
141.95.57.33200 OK 16 kB URL HTTP/1.1 www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
IP 141.95.57.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (40123)
Hash 35ebf87cea54b5112d4932dd0bea6808
0d329bf3b59d1aaa3f1c5a1cb20dac3a1b9d8c42
db66fb0711654c57e6ef000bd3771837a0f0324bb6406fa69a8a47bb6988e592
GET /?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821 HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:07 GMT
Server: Apache
link: </web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.css>; rel="preload"; as="style",</web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.js>; rel="preload"; as="script"
X-Content-Digest: end6012ca8596465fef61963a55e6fd813aff71d99a5633feec4bc30daf2347907
Age: 3567
Cache-Control: no-cache, private
Set-Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; path=/; secure; HttpOnly
x-cache-context-hash=deleted; expires=Fri, 26-Nov-2021 13:00:06 GMT; Max-Age=0; path=/
nocache=deleted; expires=Fri, 26-Nov-2021 13:00:06 GMT; Max-Age=0; path=/; secure; httponly
Strict-Transport-Security: max-age=63072000;
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Length: 16549
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.crispbln.com/web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.css
141.95.57.33200 OK 82 kB URL HTTP/1.1 www.crispbln.com/web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.css
IP 141.95.57.33:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f2381a2fe8cad1cc31ba7e296ae16351
a23ad570883198ccf49ccd0356234d30c7d0ae0e
ee01d509300a32bc10b8c834436a4759e2c8a15e67d365e351f7a1cb1182b28d
GET /web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.css HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:07 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Wed, 23 Nov 2022 08:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=604800, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
www.crispbln.com/media/vector/a9/5c/21/logo_crisp_desktop_black_new.svg
141.95.57.33200 OK 2.1 kB URL HTTP/1.1 www.crispbln.com/media/vector/a9/5c/21/logo_crisp_desktop_black_new.svg
IP 141.95.57.33:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 384c20f004c5fba63c35edeffb44f2cb
8b689d18a2f1ebd57dfeba5adbcca6d135f6d95a
573f947a797b4ec2280da47fde92452b3ad9aa5c709f27cc22180673dfbe8b95
GET /media/vector/a9/5c/21/logo_crisp_desktop_black_new.svg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Mon, 11 Apr 2022 16:10:06 GMT
Accept-Ranges: bytes
Content-Length: 2102
Vary: Origin
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
www.crispbln.com/engine/Shopware/Plugins/Community/Frontend/TabtenTemplateNorii/Themes/Frontend/NORII/frontend/_public/src/img/logos/ts-logo.png
141.95.57.33200 OK 4.4 kB URL HTTP/1.1 www.crispbln.com/engine/Shopware/Plugins/Community/Frontend/TabtenTemplateNorii/Themes/Frontend/NORII/frontend/_public/src/img/logos/ts-logo.png
IP 141.95.57.33:0
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 278a8de759a7ab6623a633b92ded31aa
dfe11fb0ccfcdd71ab0ba2c8001108d7b70f0dc0
7303d21f6a76368095f5625c6ca75057a692403ade13607172ae010cc01a88e0
GET /engine/Shopware/Plugins/Community/Frontend/TabtenTemplateNorii/Themes/Frontend/NORII/frontend/_public/src/img/logos/ts-logo.png HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Wed, 21 Sep 2022 20:18:45 GMT
Accept-Ranges: bytes
Content-Length: 4429
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=604800, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
www.crispbln.com/web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.js
141.95.57.33200 OK 165 kB URL HTTP/1.1 www.crispbln.com/web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.js
IP 141.95.57.33:0
File type ASCII text, with very long lines (59372)
Size 165 kB (164773 bytes)
Hash 7ae8f5e49624b88fe1695b5e8ec4b191
f6d3da9a611d04944f17652c48320f3b456a9a82
8008049ab910fedc424302e4d1477b8a2ac8b708dd4e46e7a97ca8feb8f6db6e
GET /web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.js HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Wed, 23 Nov 2022 08:21:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=604800, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.crispbln.com/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?9fa98e40fdf9bff8e4cc29383d19100e
141.95.57.33200 OK 42 kB URL HTTP/1.1 www.crispbln.com/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?9fa98e40fdf9bff8e4cc29383d19100e
IP 141.95.57.33:0
File type Web Open Font Format (Version 2), TrueType, length 41684, version 1.6619\012- data
Hash 237aa94493d93bcf630b9a062f455d0a
3d2fab0aea06119ea018a1833cb4e52445c39b75
2da97418251121ad5b28c6e206316578aae360d47dea2262c90478536624d910
GET /themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?9fa98e40fdf9bff8e4cc29383d19100e HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.crispbln.com/web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.css
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Mon, 18 Jul 2022 11:49:04 GMT
Accept-Ranges: bytes
Content-Length: 41684
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff2
www.crispbln.com/themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?ba1c70ca50e96cb9915d2958440346bf
141.95.57.33200 OK 24 kB URL HTTP/1.1 www.crispbln.com/themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?ba1c70ca50e96cb9915d2958440346bf
IP 141.95.57.33:0
File type Web Open Font Format (Version 2), TrueType, length 24276, version 1.0\012- data
Hash 542276b37771317f850a11ee89e0720d
20ce7199ec6a04947e871b38f691d046d2ed5220
386aa8da6da7a2e344e4011774a68ca0d7aa86366b650d7a9ccf04a86f8d87b0
GET /themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?ba1c70ca50e96cb9915d2958440346bf HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.crispbln.com/web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.css
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Mon, 18 Jul 2022 11:49:04 GMT
Accept-Ranges: bytes
Content-Length: 24276
Vary: Origin
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
www.googletagmanager.com/gtm.js?id=GTM-W5ZN7D3
142.250.74.168200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W5ZN7D3
IP 142.250.74.168:0
File type ASCII text, with very long lines (14928)
Hash d64a08470b27aefdb8b9dcc0365f9b6e
6fe5556f4f388ead8b8e4b95beda58dfc6147f72
0ccf9bb75b7cee63b7b8e4d6e933592441c286e71d7177e08ffb5bbba135aba5
GET /gtm.js?id=GTM-W5ZN7D3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 13:00:08 GMT
expires: Sat, 26 Nov 2022 13:00:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71497
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.crispbln.com/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?1ba1d7af86816cb906398f14156fcb7f
141.95.57.33200 OK 44 kB URL HTTP/1.1 www.crispbln.com/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?1ba1d7af86816cb906398f14156fcb7f
IP 141.95.57.33:0
File type Web Open Font Format (Version 2), TrueType, length 43524, version 1.6619\012- data
Hash b62818c54031125f5feb919cf0cb6752
29520539229ea3019411dabb4ff21bb461e3dab2
3f2a2f05feb9ed38c8889ede47bd28f36014c40b5aa1573b1f1d9302eb18ed5e
GET /themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?1ba1d7af86816cb906398f14156fcb7f HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.crispbln.com/web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.css
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Mon, 18 Jul 2022 11:49:04 GMT
Accept-Ranges: bytes
Content-Length: 43524
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
www.crispbln.com/engine/Shopware/Plugins/Community/Frontend/TabtenTemplateNorii/Themes/Frontend/NORII/frontend/_public/src/fonts/payments/paymentfont-webfont.woff?v12
141.95.57.33200 OK 107 kB URL HTTP/1.1 www.crispbln.com/engine/Shopware/Plugins/Community/Frontend/TabtenTemplateNorii/Themes/Frontend/NORII/frontend/_public/src/fonts/payments/paymentfont-webfont.woff?v12
IP 141.95.57.33:0
File type Web Open Font Format, TrueType, length 107428, version 1.0\012- data
Size 107 kB (107428 bytes)
Hash 966196dae4fcb2b6cbf4b5a817c9d2ef
4e98c5ebe871196755c3f2d493db82652d2542c0
030cd480e19712acda77e90719747769830be54dfe133e79e63c46283571a5ef
GET /engine/Shopware/Plugins/Community/Frontend/TabtenTemplateNorii/Themes/Frontend/NORII/frontend/_public/src/fonts/payments/paymentfont-webfont.woff?v12 HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.crispbln.com/web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.css
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Wed, 21 Sep 2022 20:18:45 GMT
Accept-Ranges: bytes
Content-Length: 107428
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff
www.crispbln.com/engine/Shopware/Plugins/Community/Frontend/TabtenTemplateNorii/Themes/Frontend/NORII/frontend/_public/src/fonts/ionicons/ionicons.woff?v12
141.95.57.33200 OK 68 kB URL HTTP/1.1 www.crispbln.com/engine/Shopware/Plugins/Community/Frontend/TabtenTemplateNorii/Themes/Frontend/NORII/frontend/_public/src/fonts/ionicons/ionicons.woff?v12
IP 141.95.57.33:0
File type Web Open Font Format, TrueType, length 67904, version 0.0\012- data
Hash 05acfdb568b3df49ad31355b19495d4a
e46819e863a46751d622c1190c4e8a83ebc20612
709f2789daaff440820ebb975d3ae409af45121bdec47e39e83523490b1bc0fc
GET /engine/Shopware/Plugins/Community/Frontend/TabtenTemplateNorii/Themes/Frontend/NORII/frontend/_public/src/fonts/ionicons/ionicons.woff?v12 HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.crispbln.com/web/cache/1669191666_184e8ee41521f7985c5f6a28f2a91969.css
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Wed, 21 Sep 2022 20:18:45 GMT
Accept-Ranges: bytes
Content-Length: 67904
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bdc9fd810aa067e741e9eb1b72df794f
4b3569a3884ef6924d7457330e4f92c5efeb7eef
a87fb98b5e98bb372a39d55525f5dc92c850f75702acfa768486a2bc2610da27
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3008
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:08 GMT
Last-Modified: Sat, 26 Nov 2022 12:10:00 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.crispbln.com/widgets/index/refreshStatistic?requestPage=%2F&requestController=index
141.95.57.33200 OK 0 B URL HTTP/1.1 www.crispbln.com/widgets/index/refreshStatistic?requestPage=%2F&requestController=index
IP 141.95.57.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/index/refreshStatistic?requestPage=%2F&requestController=index HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Cache-Control: private
x-robots-tag: noindex
X-Body-Eval: ESI
Set-Cookie: x-cache-context-hash=deleted; expires=Fri, 26-Nov-2021 13:00:07 GMT; Max-Age=0; path=/
nocache=deleted; expires=Fri, 26-Nov-2021 13:00:07 GMT; Max-Age=0; path=/; secure; httponly
Strict-Transport-Security: max-age=63072000;
Vary: Origin
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.crispbln.com/media/unknown/a1/86/4e/favicon5847f65cdd0cd.ico
141.95.57.33200 OK 34 kB URL HTTP/1.1 www.crispbln.com/media/unknown/a1/86/4e/favicon5847f65cdd0cd.ico
IP 141.95.57.33:0
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 3c340554e7ad999f1f4cf300a8afcb3b
6f8df68a7326147febc8ad7d2ec837d782d1de66
00e491d55abd184b17c1200f91bd494b311f07de419c0ec8d02d05089b23e42c
GET /media/unknown/a1/86/4e/favicon5847f65cdd0cd.ico HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Wed, 07 Dec 2016 11:45:32 GMT
Accept-Ranges: bytes
Content-Length: 34494
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=604800, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
www.crispbln.com/media/image/41/b6/24/mstile-150x1505847f65ddd848.png
141.95.57.33200 OK 18 kB URL HTTP/1.1 www.crispbln.com/media/image/41/b6/24/mstile-150x1505847f65ddd848.png
IP 141.95.57.33:0
File type PNG image data, 270 x 270, 8-bit/color RGBA, non-interlaced\012- data
Hash dee03050843e97046940a6962cab0a48
6c314e10f1301916aa4369f102a52e36a68b1d63
e48e999420c986cc9c1e92eb6fffd8e8c6e10f4b72838142babb84abe816f2e4
GET /media/image/41/b6/24/mstile-150x1505847f65ddd848.png HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Wed, 07 Dec 2016 11:45:33 GMT
Accept-Ranges: bytes
Content-Length: 17731
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=604800, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.crispbln.com/widgets/emotion/index/emotionId/464/secret//controllerName/index
141.95.57.33200 OK 1.6 kB URL HTTP/1.1 www.crispbln.com/widgets/emotion/index/emotionId/464/secret//controllerName/index
IP 141.95.57.33:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (17396), with no line terminators
Hash 17be8e0745dcb833bf1c3bb904bbe3c4
8b4056c5c4493e5a460725d20de2e9112ae67147
ee417cd52239fdc198b2d9d2718685b265d44a9584f7d77a593d4c2fae17654e
GET /widgets/emotion/index/emotionId/464/secret//controllerName/index HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:15:30 GMT
Server: Apache
x-content-digest: en728d97cfb67fad2a908e99626a240f61a7e4c7f2259c7b2e81293b32bd7144c0
Age: 9878
Cache-Control: no-cache, private
Set-Cookie: x-cache-context-hash=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/; secure; httponly
Strict-Transport-Security: max-age=63072000;
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Length: 1623
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn.trustami.com/widgetapi/widget2/trustami-widget.js?cache=off
138.201.222.21200 OK 14 kB URL HTTP/2 cdn.trustami.com/widgetapi/widget2/trustami-widget.js?cache=off
IP 138.201.222.21:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 52ae474bbbccafa471fb0a80707f578b
8d141d4a326c4eeadee1d631352051844cae5356
bcaf4654c446c282461a6ba0583393c8f9b6406e56f72f8db98a0d38010f798b
GET /widgetapi/widget2/trustami-widget.js?cache=off HTTP/1.1
Host: cdn.trustami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:04 GMT
content-type: application/javascript
last-modified: Mon, 14 Nov 2022 15:13:09 GMT
vary: Accept-Encoding
etag: W/"63725b05-163f3"
server: Trustami trust server G4 - stable release
expires: Sat, 03 Dec 2022 13:00:04 GMT
pragma: public
cache-control: max-age=604800, public, no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
www.crispbln.com/widgets/emotion/index/emotionId/465/secret//controllerName/index
141.95.57.33200 OK 2.5 kB URL HTTP/1.1 www.crispbln.com/widgets/emotion/index/emotionId/465/secret//controllerName/index
IP 141.95.57.33:0
File type HTML document, ASCII text, with very long lines (25176), with no line terminators
Hash 692e2609b816ed62f9a2f105e6d6d005
8cd3ad497869ad2439e5352b2f1657dbc2f6e420
4954cf259661c780a7835bd4425f95bb05b20941799c52c5f0acf4eb02d1517d
GET /widgets/emotion/index/emotionId/465/secret//controllerName/index HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:18:59 GMT
Server: Apache
x-content-digest: en4fd1e861c3c40b09fc910af20606bcaf8f5161507dc02d44f2243fa23eb9ddae
Age: 9669
Cache-Control: no-cache, private
Set-Cookie: x-cache-context-hash=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/; secure; httponly
Strict-Transport-Security: max-age=63072000;
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Length: 2536
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.crispbln.com/widgets/emotion/index/emotionId/469/secret//controllerName/index
141.95.57.33200 OK 434 B URL HTTP/1.1 www.crispbln.com/widgets/emotion/index/emotionId/469/secret//controllerName/index
IP 141.95.57.33:0
File type ASCII text, with very long lines (1274), with no line terminators
Hash 6771e5332a076ffa2b8983a85e9dcc4c
8813e4f112e3bd2e6a507c398fcbbc94371be557
b9813e9201513d66fd36d5cc5b0ca72d3f5c2e7f15b00e51e1f67b8dbb884fe4
GET /widgets/emotion/index/emotionId/469/secret//controllerName/index HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:15:30 GMT
Server: Apache
x-content-digest: enf3554c2120b412f6d4190b347acbd888cd1e073baba53b08edc2923c5be5f192
Age: 9878
Cache-Control: no-cache, private
Set-Cookie: x-cache-context-hash=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/; secure; httponly
Strict-Transport-Security: max-age=63072000;
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Length: 434
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.crispbln.com/widgets/emotion/index/emotionId/467/secret//controllerName/index
141.95.57.33200 OK 1.2 kB URL HTTP/1.1 www.crispbln.com/widgets/emotion/index/emotionId/467/secret//controllerName/index
IP 141.95.57.33:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (6343), with no line terminators
Hash 0f6f1df501167db12070f098a0e6f97e
2c908d8bb978aa212bacec52825b371cfabe8166
a04c81a68ecbbb9b764a9bbee36580680d1cf397bc32461e3229aad2e52239ef
GET /widgets/emotion/index/emotionId/467/secret//controllerName/index HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:15:30 GMT
Server: Apache
x-content-digest: end74ad411a83e9e7c262307eb9b761ed1015f15d6c5ec2fd7169d6fc2d7a61981
Age: 9878
Cache-Control: no-cache, private
Set-Cookie: x-cache-context-hash=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/; secure; httponly
Strict-Transport-Security: max-age=63072000;
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Length: 1161
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.crispbln.com/widgets/emotion/index/emotionId/501/secret//controllerName/index
141.95.57.33200 OK 451 B URL HTTP/1.1 www.crispbln.com/widgets/emotion/index/emotionId/501/secret//controllerName/index
IP 141.95.57.33:0
File type HTML document, ASCII text, with very long lines (1302), with no line terminators
Hash 2d27314bb8e3af1ff584b6e1355a8eb9
9030f6746cc0be39409d85b3af25d697792ac863
e85b0cf2fc1e664592f8e82da5a1a721b159dd31d18a891a21620725d05447b3
GET /widgets/emotion/index/emotionId/501/secret//controllerName/index HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:15:31 GMT
Server: Apache
x-content-digest: en36bf5cb35c7d269dcc61c3f6bca516580c5ac23258c3735d47cfd2ed17a0400d
Age: 9877
Cache-Control: no-cache, private
Set-Cookie: x-cache-context-hash=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/; secure; httponly
Strict-Transport-Security: max-age=63072000;
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Length: 451
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.crispbln.com/widgets/emotion/index/emotionId/410/secret//controllerName/index
141.95.57.33200 OK 1.9 kB URL HTTP/1.1 www.crispbln.com/widgets/emotion/index/emotionId/410/secret//controllerName/index
IP 141.95.57.33:0
File type Unicode text, UTF-8 text, with very long lines (7267), with no line terminators
Hash c08a6d7ea746b4a2647534f6f1fe26df
92a1347a92ce5d3e0d5027260b426198969ddc39
7a198f4a9244fe8416fee0914d797f84db66c83081aff337dd57007ea4c52982
GET /widgets/emotion/index/emotionId/410/secret//controllerName/index HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:27:35 GMT
Server: Apache
x-content-digest: en03bedbaca48f4ded51e9ab8a508869453334df31181bfb00bf5e91227ed1e054
Age: 9153
Cache-Control: no-cache, private
Set-Cookie: x-cache-context-hash=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/; secure; httponly
Strict-Transport-Security: max-age=63072000;
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Length: 1902
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.crispbln.com/widgets/emotion/index/emotionId/470/secret//controllerName/index
141.95.57.33200 OK 2.6 kB URL HTTP/1.1 www.crispbln.com/widgets/emotion/index/emotionId/470/secret//controllerName/index
IP 141.95.57.33:0
File type HTML document, ASCII text, with very long lines (26083), with no line terminators
Hash 164cc139173548c7a6e44261a9bc6f87
a34df7cc84364720c54a2493edd02722b4723445
87be9661aa6b71db2d0b4a5960e93b5a68d189ac2bd8a622428031c480366b0d
GET /widgets/emotion/index/emotionId/470/secret//controllerName/index HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:18:59 GMT
Server: Apache
x-content-digest: en04abcbbd4832d357e5972723e4d368d116c64d8526ffb1131fc2bc21ed097aa0
Age: 9669
Cache-Control: no-cache, private
Set-Cookie: x-cache-context-hash=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/; secure; httponly
Strict-Transport-Security: max-age=63072000;
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Length: 2636
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.crispbln.com/widgets/emotion/index/emotionId/472/secret//controllerName/index
141.95.57.33200 OK 369 B URL HTTP/1.1 www.crispbln.com/widgets/emotion/index/emotionId/472/secret//controllerName/index
IP 141.95.57.33:0
File type ASCII text, with very long lines (1162), with no line terminators
Hash 05981f523b4cf3ff4f988d9762029a34
03de2c0c1286bb8d67c1947b41026c0bd8a5a750
2cfa62f68b49fc1200677f9673ed4245e088cd96f2ae9929591a82f591703e15
GET /widgets/emotion/index/emotionId/472/secret//controllerName/index HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:15:31 GMT
Server: Apache
x-content-digest: en94c31913a0c1727136441d5ca6883a36cf3a6bf2eb091a0904ece287a72e288e
Age: 9877
Cache-Control: no-cache, private
Set-Cookie: x-cache-context-hash=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sat, 26-Nov-2022 13:00:08 GMT; Max-Age=0; path=/; secure; httponly
Strict-Transport-Security: max-age=63072000;
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Length: 369
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
app.trustami.com/widgetapi/widgetapi-multi.php?callback=trustamiWidget.processRequest&profile=59bf8b2653a4992b3d8b4567&user=31ae1621831be5333185d875512bf5e52c480452&platform=0&mode=null&v=0&type=2&pluginType=sw&trCache=1669467607488
144.76.66.83200 OK 1.2 kB URL HTTP/1.1 app.trustami.com/widgetapi/widgetapi-multi.php?callback=trustamiWidget.processRequest&profile=59bf8b2653a4992b3d8b4567&user=31ae1621831be5333185d875512bf5e52c480452&platform=0&mode=null&v=0&type=2&pluginType=sw&trCache=1669467607488
IP 144.76.66.83:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2935), with no line terminators
Hash a3e2ac06a4d358277f3717fec8d46319
fb3249a39c1b007cd8681fcee0f7af9846dbd000
e818545c76ccf4e948adffc3c832e1e23e493c658e9e443c5013e02670aceed3
GET /widgetapi/widgetapi-multi.php?callback=trustamiWidget.processRequest&profile=59bf8b2653a4992b3d8b4567&user=31ae1621831be5333185d875512bf5e52c480452&platform=0&mode=null&v=0&type=2&pluginType=sw&trCache=1669467607488 HTTP/1.1
Host: app.trustami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 13:00:08 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.crispbln.com/csrftoken
141.95.57.33200 OK 0 B URL HTTP/1.1 www.crispbln.com/csrftoken
IP 141.95.57.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csrftoken HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
x-csrf-token: YgnDvOEaWStEnNCyrCT1AMbvThhnEB
Cache-Control: no-cache, private
Set-Cookie: x-cache-context-hash=deleted; expires=Fri, 26-Nov-2021 13:00:07 GMT; Max-Age=0; path=/
nocache=deleted; expires=Fri, 26-Nov-2021 13:00:07 GMT; Max-Age=0; path=/; secure; httponly
Strict-Transport-Security: max-age=63072000;
Content-Length: 0
Vary: Origin
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash f119c31e9ab1de7c6e42ee745a683654
ad39a0e387c0ff81cbd11aeeddc6036c3f75789f
12afe561cebb69668a3a46bfaab66ec081f16ec79af3a84aaf2937e905872476
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154136
Date: Sat, 26 Nov 2022 13:00:08 GMT
Etag: "6381b291-1d7"
Expires: Mon, 28 Nov 2022 07:49:04 GMT
Last-Modified: Sat, 26 Nov 2022 06:30:41 GMT
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tTlYSgF5Oo3LHqU8di8CMfCLZ7equhW4WCM9uNBVjqLctaKdvgxHAQ==
Age: 4703
www.crispbln.com/media/image/cc/b0/54/crispbln_1667813802_17961753655907051.jpg
141.95.57.33200 OK 249 kB URL HTTP/1.1 www.crispbln.com/media/image/cc/b0/54/crispbln_1667813802_17961753655907051.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1350, components 3\012- data
Size 249 kB (249442 bytes)
Hash 6e5f276b0abcc5ccee88767077ec3dc5
e2c1582aa8608f183feabbda59623c4710dfe815
fbd45894a2073337b0440403f7bf1922483043f98d6c7057426dfff3c9c20e62
GET /media/image/cc/b0/54/crispbln_1667813802_17961753655907051.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Mon, 07 Nov 2022 09:36:42 GMT
Accept-Ranges: bytes
Content-Length: 249442
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/71/13/df/crispbln_1667813801_17987885701621186.jpg
141.95.57.33200 OK 176 kB URL HTTP/1.1 www.crispbln.com/media/image/71/13/df/crispbln_1667813801_17987885701621186.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1350, components 3\012- data
Size 176 kB (175463 bytes)
Hash 5bc333622149d87887229d0fcfc22da4
e118ea4acfd99ef9dc865cc3c64e456915cc9c4e
5814ea55d1d7c207ec2bc6ad587a65afc4df04bb5c59d2c00225b1eba6382f38
GET /media/image/71/13/df/crispbln_1667813801_17987885701621186.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Mon, 07 Nov 2022 09:36:42 GMT
Accept-Ranges: bytes
Content-Length: 175463
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/db/88/e5/502234_00_600x600.jpg
141.95.57.33200 OK 48 kB URL HTTP/1.1 www.crispbln.com/media/image/db/88/e5/502234_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash b8194b9d159dd1d3cbcfc1d306cad6d2
8fded4b1ec853de0563bc50b64ae8b41ef4e6ad2
e1d5dfe14004f3eda2f88b6f27d8b04067eb6de2e4085cca9669809560656de8
GET /media/image/db/88/e5/502234_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Tue, 15 Nov 2022 06:06:42 GMT
Accept-Ranges: bytes
Content-Length: 48383
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/be/7f/02/502186_00_600x600.jpg
141.95.57.33200 OK 54 kB URL HTTP/1.1 www.crispbln.com/media/image/be/7f/02/502186_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash eac4ac17a9c3fa8fe1fe6b5eae7ea465
a5bf838e3c5557685f0184f519c40fb1b45bcdaa
ce9e7054f90971253838f4c4b65c275d97d3382958b6f9d065c9a8a6077afb7f
GET /media/image/be/7f/02/502186_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Tue, 15 Nov 2022 06:06:22 GMT
Accept-Ranges: bytes
Content-Length: 53477
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/15/87/dc/crispbln_1668766925_18015093706464121.jpg
141.95.57.33200 OK 615 kB URL HTTP/1.1 www.crispbln.com/media/image/15/87/dc/crispbln_1668766925_18015093706464121.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x1200, components 3\012- data
Size 615 kB (614703 bytes)
Hash 535711893a496d46b61ee2c5cbe92bac
561f161705405074912bdd372fea8f2d881746e0
ef5ea10b65b13581b9ecaf29080d785c31fa97af20975f3b940df07d44cd9b2a
GET /media/image/15/87/dc/crispbln_1668766925_18015093706464121.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Fri, 18 Nov 2022 10:22:05 GMT
Accept-Ranges: bytes
Content-Length: 614703
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/db/6d/d7/502183_00_600x600.jpg
141.95.57.33200 OK 49 kB URL HTTP/1.1 www.crispbln.com/media/image/db/6d/d7/502183_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 3edfb3cc7124a03da3c1d828503b104a
4d4612ceebc39e898feec5ac355428d8c510d8ee
169eab8f1b8509d846b510b8826bd5cfe3bfb5faa3f119d6a56b7a2305624eb9
GET /media/image/db/6d/d7/502183_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Tue, 15 Nov 2022 06:06:16 GMT
Accept-Ranges: bytes
Content-Length: 49064
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/de/c9/5d/501624_00PHlN3Z6cVVWQD_600x600.jpg
141.95.57.33200 OK 52 kB URL HTTP/1.1 www.crispbln.com/media/image/de/c9/5d/501624_00PHlN3Z6cVVWQD_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 609b0ffffb63f7b58d547dad1b78d520
b044586ddac55e47241c9be9c02d6340f1db508e
4840b9a1f10300ee212f0ccd78fc23f2b9b00168da70e43f818eb571771bc37b
GET /media/image/de/c9/5d/501624_00PHlN3Z6cVVWQD_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Fri, 11 Nov 2022 14:20:31 GMT
Accept-Ranges: bytes
Content-Length: 51839
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/d5/f3/29/502232_00_600x600.jpg
141.95.57.33200 OK 50 kB URL HTTP/1.1 www.crispbln.com/media/image/d5/f3/29/502232_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 2cb68cbdc977d570f52513b4b4e38dcb
8b6dd5f3914775a1124ecb22de13cc760ea37ddf
8d136fbf074222389b86d95d355da5a8b9b8bf0f4effaaff3a7e5d7e7a94ba42
GET /media/image/d5/f3/29/502232_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Tue, 15 Nov 2022 06:06:29 GMT
Accept-Ranges: bytes
Content-Length: 49820
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/57/b1/3d/502243_00_600x600.jpg
141.95.57.33200 OK 57 kB URL HTTP/1.1 www.crispbln.com/media/image/57/b1/3d/502243_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 7795a5d13659ebf96999d6df03f9422a
7abf8a3d85665ffe6e1b88a91be94a0246b22ece
42b9f3a32ecf929805502fc0404ca4fe7c5a2ad17b42185225c0fb93c82eb275
GET /media/image/57/b1/3d/502243_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Thu, 17 Nov 2022 13:50:18 GMT
Accept-Ranges: bytes
Content-Length: 56833
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/b4/77/f3/502233_00_600x600.jpg
141.95.57.33200 OK 49 kB URL HTTP/1.1 www.crispbln.com/media/image/b4/77/f3/502233_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 55a281f757a7fcd6867fc13286da96ca
b7bdcb6b691394d815fc6dbd2d592613e0c8ab73
20033cb770837d319bfcd6b58492a3d5a88c126e5f177f4645ca58390eff33b3
GET /media/image/b4/77/f3/502233_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Tue, 15 Nov 2022 06:06:36 GMT
Accept-Ranges: bytes
Content-Length: 49015
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/68/18/2a/502097_00_600x600.jpg
141.95.57.33200 OK 50 kB URL HTTP/1.1 www.crispbln.com/media/image/68/18/2a/502097_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 7bb0339c0cc76045cd527507c22281fe
9ec396fb4aad4c0ba47afbffa5b8846a7244fa0f
25b1892c07b435660c5b29bb0af365818151786f4ec5e6c3e6b4e2a1aa8535be
GET /media/image/68/18/2a/502097_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Fri, 11 Nov 2022 14:20:54 GMT
Accept-Ranges: bytes
Content-Length: 50092
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/82/98/aa/502181_00_600x600.jpg
141.95.57.33200 OK 54 kB URL HTTP/1.1 www.crispbln.com/media/image/82/98/aa/502181_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 3189406ef0bf05ae0f9f1a35fcccf457
78f35b16c5061ab802ed8d8ad5b4195974cb21bb
40baf492493069a827612275e1cd93f980e773c9a1beeab659fa59ac393729c1
GET /media/image/82/98/aa/502181_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Fri, 11 Nov 2022 14:21:24 GMT
Accept-Ranges: bytes
Content-Length: 53513
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/f6/0a/c1/502225_00_600x600.jpg
141.95.57.33200 OK 52 kB URL HTTP/1.1 www.crispbln.com/media/image/f6/0a/c1/502225_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 00c9d8472821660b60dc4ed8a1d6aa67
d46ca755ceb960ddb214799f6d5396e0ff7d98d5
90769554560c3e14eb5a61d6d789d224cf79dd8a91a6b799b77b75bf6a320104
GET /media/image/f6/0a/c1/502225_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Fri, 11 Nov 2022 14:21:39 GMT
Accept-Ranges: bytes
Content-Length: 52245
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/87/e0/b8/crispbln_1667209578_17939984000432169.jpg
141.95.57.33200 OK 400 kB URL HTTP/1.1 www.crispbln.com/media/image/87/e0/b8/crispbln_1667209578_17939984000432169.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1350, components 3\012- data
Size 400 kB (400489 bytes)
Hash 24961b0aa7c925f91760f8e748e70cba
3b71c18bd0522712f08121a91a036f952579e9af
49970c6a4994afa769e35de9e41e74ec27a361baeecd6c8b615e0cb5ff898eca
GET /media/image/87/e0/b8/crispbln_1667209578_17939984000432169.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Mon, 31 Oct 2022 09:46:19 GMT
Accept-Ranges: bytes
Content-Length: 400489
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/33/2d/79/crispbln_1667209577_18252199336189080.jpg
141.95.57.33200 OK 184 kB URL HTTP/1.1 www.crispbln.com/media/image/33/2d/79/crispbln_1667209577_18252199336189080.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1350, components 3\012- data
Size 184 kB (183613 bytes)
Hash a4050317f741dc464a51fb04b0549b6d
4d28f71df8a991be6df04acf8e88bb4c3a24f7c0
c1ba450b2aa32c27f3d87a63bd996657d0064f342405b49cf2bd430289136815
GET /media/image/33/2d/79/crispbln_1667209577_18252199336189080.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Mon, 31 Oct 2022 09:46:18 GMT
Accept-Ranges: bytes
Content-Length: 183613
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/8d/9b/d1/501649_0061af2739bfd7b_600x600.jpg
141.95.57.33200 OK 52 kB URL HTTP/1.1 www.crispbln.com/media/image/8d/9b/d1/501649_0061af2739bfd7b_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 8fce559962e8befa35a0c90d18a4a7bc
4377e9df182478c332633f8c8feaf5b353a37309
1b44f0b81a389e01675cf4c2e7fe174369f1ca807741faa17290c5e3144bfd42
GET /media/image/8d/9b/d1/501649_0061af2739bfd7b_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Tue, 07 Dec 2021 09:19:53 GMT
Accept-Ranges: bytes
Content-Length: 52159
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/ca/d9/5e/59702_00_600x600.jpg
141.95.57.33200 OK 41 kB URL HTTP/1.1 www.crispbln.com/media/image/ca/d9/5e/59702_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 429c575c5126ea8930deab4fb3c5bc75
dcd97884ff8febce0985564d244a85c1fbb7e86e
b015e0239e94399161822f19d815bc618bda239f074007b9f07189fa0989033d
GET /media/image/ca/d9/5e/59702_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Tue, 04 Dec 2018 14:53:38 GMT
Accept-Ranges: bytes
Content-Length: 41000
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/72/ff/25/501709_00_600x600.jpg
141.95.57.33200 OK 38 kB URL HTTP/1.1 www.crispbln.com/media/image/72/ff/25/501709_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash d555ed58f6de6154d4338c7a7fd9669e
7e0b13f8b5f6e9defcb5480d49032a9a549dd25b
1a3352ec62e33e40256a48c4ffe5809c2175f54d94520f5dab4f6944bd5c475e
GET /media/image/72/ff/25/501709_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Mon, 07 Feb 2022 09:28:41 GMT
Accept-Ranges: bytes
Content-Length: 38529
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/3e/6b/43/501485_00_600x600.jpg
141.95.57.33200 OK 58 kB URL HTTP/1.1 www.crispbln.com/media/image/3e/6b/43/501485_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash f7cb77ffce296099e5724f503f81347d
b124062ae2c710af36fb4262512d2c5fbeb019c4
5e2500f4cf95e1c22224d610f079ca3d6f4cf6adc3fab6d27c189fc21b50fa75
GET /media/image/3e/6b/43/501485_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Fri, 20 Aug 2021 11:24:12 GMT
Accept-Ranges: bytes
Content-Length: 57643
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/d6/71/24/502062_00_600x600.jpg
141.95.57.33200 OK 46 kB URL HTTP/1.1 www.crispbln.com/media/image/d6/71/24/502062_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 435dfaeabfb75836e91ef38307bc5da7
10a5064d9dafa2b981878fa69d404ff6b82a970b
95c4dc28668fd1e3ba294642182c804a538dba41b5e5d1f64f0125a4bfcf3a7b
GET /media/image/d6/71/24/502062_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Wed, 31 Aug 2022 13:29:12 GMT
Accept-Ranges: bytes
Content-Length: 45837
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/89/6d/19/501686_00_600x600.jpg
141.95.57.33200 OK 35 kB URL HTTP/1.1 www.crispbln.com/media/image/89/6d/19/501686_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 1e16f1ee87ac2d164c910472e3ab612e
326eaa1f28e2e119cfe2cba5f9f0cffcbda55afa
b420197cdbf8803011439ef57b609a3e85c6544525f0a619cdd3ed6ec027843d
GET /media/image/89/6d/19/501686_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Thu, 13 Jan 2022 11:58:36 GMT
Accept-Ranges: bytes
Content-Length: 35117
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/00/da/59/501339_00_600x600.jpg
141.95.57.33200 OK 64 kB URL HTTP/1.1 www.crispbln.com/media/image/00/da/59/501339_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash aef5e2dd728f7abc6b3675d0f47baffc
da638fd51ca30ef6ff39cf83c1cf58feff5a7802
05803bb567d261744835aa235f9bf669fd35959aa52fa00b7ebd6a52221ec466
GET /media/image/00/da/59/501339_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Tue, 20 Apr 2021 06:55:38 GMT
Accept-Ranges: bytes
Content-Length: 63808
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/ed/31/cf/501577_00_600x600.jpg
141.95.57.33200 OK 58 kB URL HTTP/1.1 www.crispbln.com/media/image/ed/31/cf/501577_00_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash 91e1d7b8062c9ba1cc20161a266fc36b
b02d86328c80df5a0f19b57c645cdfa3c2f02134
525a8198b51da1077fc5e384e31586a58621fd81be8563fd26abcccd27add01d
GET /media/image/ed/31/cf/501577_00_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Fri, 24 Sep 2021 07:06:20 GMT
Accept-Ranges: bytes
Content-Length: 57929
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.crispbln.com/media/image/c0/68/44/501673_0061af26fbd4f2d_600x600.jpg
141.95.57.33200 OK 60 kB URL HTTP/1.1 www.crispbln.com/media/image/c0/68/44/501673_0061af26fbd4f2d_600x600.jpg
IP 141.95.57.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x600, components 3\012- data
Hash c1f039a3961cc6e6fa1f34e91d3fc700
8502e479de7dd7162502ab1cf30bb206df78924b
df2b9e839970ecbcd0cd842e6434aef3b717d50a898f61722c4405b6912a1745
GET /media/image/c0/68/44/501673_0061af26fbd4f2d_600x600.jpg HTTP/1.1
Host: www.crispbln.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
Cookie: session-2=g860gvs7dgfqakhab5jb1s9k9k; __CK__WG__=13633_192821_16694676072845_a9b1a0348d; wwwcrispblncom-mnd-fb-pixel=optout
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:08 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000;
Last-Modified: Tue, 07 Dec 2021 09:18:52 GMT
Accept-Ranges: bytes
Content-Length: 59607
Vary: Origin
X-Frame-Options: SAMEORIGIN
Cache-Control: public
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 12:41:08 GMT
expires: Sat, 26 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 1141
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/xxx/?random=1669467607496&cv=11&fst=1669467607496&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xxx&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.crispbln.com%2F%3Fwgu%3D13633_192821_16694676072845_a9b1a0348d%26wgexpiry%3D1701003607%26source%3Dwebgains%26siteid%3D192821&tiba=Sneaker%20Store%20im%20Herzen%20Berlins%20%26%20Sneaker%20Onlineshop%20%7C%20CRISP%20BLN&rfmt=3&fmt=4
142.250.74.98200 OK 980 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/xxx/?random=1669467607496&cv=11&fst=1669467607496&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xxx&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.crispbln.com%2F%3Fwgu%3D13633_192821_16694676072845_a9b1a0348d%26wgexpiry%3D1701003607%26source%3Dwebgains%26siteid%3D192821&tiba=Sneaker%20Store%20im%20Herzen%20Berlins%20%26%20Sneaker%20Onlineshop%20%7C%20CRISP%20BLN&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2157), with no line terminators
Hash 059d5a294945a8b32089666496fe46f7
23f99721c4de708877b151460ac8de43bb339e31
f9ec521e41f44f139e13f32034a1a62d71fe8ea85b37289b58437127313b6b15
GET /pagead/viewthroughconversion/xxx/?random=1669467607496&cv=11&fst=1669467607496&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xxx&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.crispbln.com%2F%3Fwgu%3D13633_192821_16694676072845_a9b1a0348d%26wgexpiry%3D1701003607%26source%3Dwebgains%26siteid%3D192821&tiba=Sneaker%20Store%20im%20Herzen%20Berlins%20%26%20Sneaker%20Onlineshop%20%7C%20CRISP%20BLN&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 13:00:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 980
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 13:15:09 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/xxx/?random=1669467607496&cv=11&fst=1669467600000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xxx&frm=0&url=https%3A%2F%2Fwww.crispbln.com%2F%3Fwgu%3D13633_192821_16694676072845_a9b1a0348d%26wgexpiry%3D1701003607%26source%3Dwebgains%26siteid%3D192821&tiba=Sneaker%20Store%20im%20Herzen%20Berlins%20%26%20Sneaker%20Onlineshop%20%7C%20CRISP%20BLN&fmt=3&is_vtc=1&random=1464596282&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/xxx/?random=1669467607496&cv=11&fst=1669467600000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xxx&frm=0&url=https%3A%2F%2Fwww.crispbln.com%2F%3Fwgu%3D13633_192821_16694676072845_a9b1a0348d%26wgexpiry%3D1701003607%26source%3Dwebgains%26siteid%3D192821&tiba=Sneaker%20Store%20im%20Herzen%20Berlins%20%26%20Sneaker%20Onlineshop%20%7C%20CRISP%20BLN&fmt=3&is_vtc=1&random=1464596282&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/xxx/?random=1669467607496&cv=11&fst=1669467600000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xxx&frm=0&url=https%3A%2F%2Fwww.crispbln.com%2F%3Fwgu%3D13633_192821_16694676072845_a9b1a0348d%26wgexpiry%3D1701003607%26source%3Dwebgains%26siteid%3D192821&tiba=Sneaker%20Store%20im%20Herzen%20Berlins%20%26%20Sneaker%20Onlineshop%20%7C%20CRISP%20BLN&fmt=3&is_vtc=1&random=1464596282&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 13:00:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/xxx/?random=1669467607496&cv=11&fst=1669467600000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xxx&frm=0&url=https%3A%2F%2Fwww.crispbln.com%2F%3Fwgu%3D13633_192821_16694676072845_a9b1a0348d%26wgexpiry%3D1701003607%26source%3Dwebgains%26siteid%3D192821&tiba=Sneaker%20Store%20im%20Herzen%20Berlins%20%26%20Sneaker%20Onlineshop%20%7C%20CRISP%20BLN&fmt=3&is_vtc=1&random=1464596282&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/xxx/?random=1669467607496&cv=11&fst=1669467600000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xxx&frm=0&url=https%3A%2F%2Fwww.crispbln.com%2F%3Fwgu%3D13633_192821_16694676072845_a9b1a0348d%26wgexpiry%3D1701003607%26source%3Dwebgains%26siteid%3D192821&tiba=Sneaker%20Store%20im%20Herzen%20Berlins%20%26%20Sneaker%20Onlineshop%20%7C%20CRISP%20BLN&fmt=3&is_vtc=1&random=1464596282&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/xxx/?random=1669467607496&cv=11&fst=1669467600000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xxx&frm=0&url=https%3A%2F%2Fwww.crispbln.com%2F%3Fwgu%3D13633_192821_16694676072845_a9b1a0348d%26wgexpiry%3D1701003607%26source%3Dwebgains%26siteid%3D192821&tiba=Sneaker%20Store%20im%20Herzen%20Berlins%20%26%20Sneaker%20Onlineshop%20%7C%20CRISP%20BLN&fmt=3&is_vtc=1&random=1464596282&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 13:00:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111466338-1&cid=1939931291.1669467608&jid=1501621245&gjid=1771927527&_gid=1511567596.1669467608&_u=aGBAgEALAAAAAEAMI~&z=278314862
142.251.1.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111466338-1&cid=1939931291.1669467608&jid=1501621245&gjid=1771927527&_gid=1511567596.1669467608&_u=aGBAgEALAAAAAEAMI~&z=278314862
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111466338-1&cid=1939931291.1669467608&jid=1501621245&gjid=1771927527&_gid=1511567596.1669467608&_u=aGBAgEALAAAAAEAMI~&z=278314862 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.crispbln.com
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.crispbln.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 26 Nov 2022 13:00:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.webgains.io/tracking-event
3.11.196.201204 No Content 0 B URL HTTP/2 api.webgains.io/tracking-event
IP 3.11.196.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /tracking-event HTTP/1.1
Host: api.webgains.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.crispbln.com/
Origin: https://www.crispbln.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 26 Nov 2022 13:00:09 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
X-Firefox-Spdy: h2
widgets.trustedshops.com/assets/images/trustmark_120x120.png
143.204.55.72200 OK 8.2 kB URL HTTP/2 widgets.trustedshops.com/assets/images/trustmark_120x120.png
IP 143.204.55.72:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash d85f5c61a2d1e39cf0301c6a0779fc61
6bb2398b8c6cfeeb9e587e6c2da1d7c42ff72796
45414d90709f784fcb63afe7b2827e4ebe5ebd9b94841a05629395f3943bbc2a
GET /assets/images/trustmark_120x120.png HTTP/1.1
Host: widgets.trustedshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8208
last-modified: Mon, 31 Oct 2022 13:43:56 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 26 Nov 2022 12:15:13 GMT
cache-control: max-age=3600
etag: "d85f5c61a2d1e39cf0301c6a0779fc61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dgfG6Mb8NOKMq5tBpSgKOHoDeNje0K-vYORrQ6Sd9InZCZWfdPLNGg==
age: 2697
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 075b978d5014c00a9cb96e9971337061
68c7c339233a16b5ab4c2e4814fe479b1b467ebd
8f6a792b948278a69165b1c2108c488cfd8df36b3d21e7b3964f5ca3cc879422
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1232
Cache-Control: max-age=118986
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:09 GMT
Etag: "638136d3-138"
Expires: Sun, 27 Nov 2022 22:03:15 GMT
Last-Modified: Fri, 25 Nov 2022 21:42:43 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e221c48ca23d0627cfc0cd7907f5bee1
b3f3af6074a05d3bddf023bd5dbbf88bb8d5686e
b91f260251b5c2f217f96a3b79f7e32ccfe843d5e9919664153e07802f55026a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6068
Cache-Control: max-age=172066
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:09 GMT
Etag: "6381f347-139"
Expires: Mon, 28 Nov 2022 12:47:55 GMT
Last-Modified: Sat, 26 Nov 2022 11:06:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2f430e776295c8a092ddc55a2884da0a
e3f281f24cba695cffbadec33c5e84345cb85197
0b3dae016bcce1949ee52c22d6082e9a8e5477bf307cd629c45a55bbdd55f05b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5972
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:09 GMT
Last-Modified: Sat, 26 Nov 2022 11:20:37 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/syncframe?topUrl=www.crispbln.com&origin=onetag
178.250.0.157200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.crispbln.com&origin=onetag
IP 178.250.0.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 2cf12a61c5f3f23abe6f26d2181f908c
7cc44e27a14d87f3a8180a7b3a99f6fbc52f99c8
f0b7a85374c53a3a5e3dc9074aa1587df2e43cbd4835cb777f23ae7492cf2041
GET /syncframe?topUrl=www.crispbln.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:09 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=94e69119-78ba-401c-ab53-bffbdc085a94; expires=Thu, 21 Dec 2023 13:00:08 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 538994
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
178.250.0.130200 OK 14 kB URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.0.130:0
Hash 25c8eab25d911435d777b377188c40ac
374d733423cd23dd4f729166c55fbd4ae2700e51
c9ad570addf7a8134c3c345a0ec7073d138d1910fe3c71eeeb613a5ee43ffad5
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:00:09 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Sun, 27 Nov 2022 13:00:09 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash ff560baeb6bc6d7906a8853513f84137
0972af7b02c7cca877f685229665931cb760d759
872744168a0fbb4c3b4b462fa44bc28d26128efcca87e5b8415dfd5d5dab8123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 986
Cache-Control: max-age=163038
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:09 GMT
Etag: "6381e3dd-13a"
Expires: Mon, 28 Nov 2022 10:17:27 GMT
Last-Modified: Sat, 26 Nov 2022 10:01:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 60258dcaa6d9afc4bfb6d21a63a592db
76d29d03caffd13932dc90bcda32c7955ef6a411
ec5c9a0eafdf97b91c622ef8faf15158fb10fee1bc4db145833feefbfdd81b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC5C9A0EAFDF97B91C622EF8FAF15158FB10FEE1BC4DB145833FEEFBFDD81B2C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12160
Expires: Sat, 26 Nov 2022 16:22:50 GMT
Date: Sat, 26 Nov 2022 13:00:10 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=criteo&uid=k-hGSKXyjMFgTkuzRdlD6g7u-ray3jR8LecLLAbA
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-hGSKXyjMFgTkuzRdlD6g7u-ray3jR8LecLLAbA
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-hGSKXyjMFgTkuzRdlD6g7u-ray3jR8LecLLAbA HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Sat, 26 Nov 2022 13:00:09 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 60258dcaa6d9afc4bfb6d21a63a592db
76d29d03caffd13932dc90bcda32c7955ef6a411
ec5c9a0eafdf97b91c622ef8faf15158fb10fee1bc4db145833feefbfdd81b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC5C9A0EAFDF97B91C622EF8FAF15158FB10FEE1BC4DB145833FEEFBFDD81B2C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12160
Expires: Sat, 26 Nov 2022 16:22:50 GMT
Date: Sat, 26 Nov 2022 13:00:10 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 7e9dc592aba1346b475dd38695b75abf
408e89fc62d168abadd3370d878dd38c469c0565
9c5ec32ccaad1467bc839a688f81e1308bf93535a9c02e8d3918be6b90f09dca
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148182
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "6381a1a3-1d7"
Expires: Mon, 28 Nov 2022 06:09:52 GMT
Last-Modified: Sat, 26 Nov 2022 05:18:27 GMT
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FlBHYGdP5dNHUylGZ4EH2qsfupRGfoUjyzBILC89nEdvD1uAB-z6wQ==
Age: 3085
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a3608c7c38d0749d554708b2268d3a0a
b1ee77bcb5a88c3af3248768ea0c2c03fe9fe063
72d5970ce0bbf7abdc8dac8186b5bdf58e80d2fb968590086d9f18c21fd0eeeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5449
Cache-Control: max-age=119989
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "63812a46-117"
Expires: Sun, 27 Nov 2022 22:19:59 GMT
Last-Modified: Fri, 25 Nov 2022 20:49:10 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 26 Nov 2022 13:00:09 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 899215
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-QkeCCijMFgTkuzRdlD6g7u-ray3hbVwiE50PUw
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-QkeCCijMFgTkuzRdlD6g7u-ray3hbVwiE50PUw
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-QkeCCijMFgTkuzRdlD6g7u-ray3hbVwiE50PUw HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3124692103580258000V10; Expires=Sun, 26 Nov 2023 13:00:10 GMT; domain=.media.net; Path=/;
data-c-ts=1669467610;Expires=Mon, 26 Dec 2022 13:00:10 GMT;path=/;domain=.media.net;
data-c=k-QkeCCijMFgTkuzRdlD6g7u-ray3hbVwiE50PUw~~3;Expires=Mon, 26 Dec 2022 13:00:10 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sat, 26 Nov 2022 13:00:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 26 Nov 2022 13:00:10 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-0Tvo_yjMFgTkuzRdlD6g7u-ray22w--kX2QOsA&google_cm&google_hm=ay0wVHZvX3lqTUZnVGt1elJkbEQ2Zzd1LXJheTIydy0ta1gyUU9zQQ
172.217.21.162302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-0Tvo_yjMFgTkuzRdlD6g7u-ray22w--kX2QOsA&google_cm&google_hm=ay0wVHZvX3lqTUZnVGt1elJkbEQ2Zzd1LXJheTIydy0ta1gyUU9zQQ
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d1f45f37092d0cb11265416864e71a4f
4e8cdd8817d5503f85cc36824d3b6a361b333067
f43f026c95cd4d9e7956a9db13ef5e96a684e9e662c82b0992a36e6459932dd3
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-0Tvo_yjMFgTkuzRdlD6g7u-ray22w--kX2QOsA&google_cm&google_hm=ay0wVHZvX3lqTUZnVGt1elJkbEQ2Zzd1LXJheTIydy0ta1gyUU9zQQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-0Tvo_yjMFgTkuzRdlD6g7u-ray22w--kX2QOsA&google_cm=&google_hm=ay0wVHZvX3lqTUZnVGt1elJkbEQ2Zzd1LXJheTIydy0ta1gyUU9zQQ&google_tc=
date: Sat, 26 Nov 2022 13:00:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 13:15:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rzLdqCjMFgTkuzRdlD6g7u-ray2lb9eyMcn4HA
104.18.33.19302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rzLdqCjMFgTkuzRdlD6g7u-ray2lb9eyMcn4HA
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-rzLdqCjMFgTkuzRdlD6g7u-ray2lb9eyMcn4HA HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 26 Nov 2022 13:00:10 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-rzLdqCjMFgTkuzRdlD6g7u-ray2lb9eyMcn4HA&C=1
cf-ray: 7702ce34ff041c02-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y4IN2g.FGOAPf3ffDd7DOAAA; Path=/; Domain=casalemedia.com; Expires=Sun, 26 Nov 2023 13:00:10 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=663; Path=/; Domain=casalemedia.com; Expires=Fri, 24 Feb 2023 13:00:10 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=663; Path=/; Domain=casalemedia.com; Expires=Fri, 24 Feb 2023 13:00:10 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ThHaDDVXSa%2BKVPUraZ80gGnPD0eD%2BDFnfeZ17Ebq2n8m%2F%2B7rlgVIPuaqvt4Skm%2FUkvVSdo8azAdBP17W6tBCpCfAq%2Fx4A59CNwEBKJvJOoDZvDkqmmfuDmndLENJjx2Axa%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash a3db7fbb082f801e5d494c3c664653b3
aab20bfebd6fc2952944ec254d5382ea50548289
1322160bb6bc3616fadd5c6e0e8a6aded51aac827d253372554bfc9c6591aaf1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4494
Cache-Control: max-age=101364
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "6380e540-13a"
Expires: Sun, 27 Nov 2022 17:09:34 GMT
Last-Modified: Fri, 25 Nov 2022 15:54:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-0Tvo_yjMFgTkuzRdlD6g7u-ray22w--kX2QOsA&google_cm=&google_hm=ay0wVHZvX3lqTUZnVGt1elJkbEQ2Zzd1LXJheTIydy0ta1gyUU9zQQ&google_tc=
172.217.21.162302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-0Tvo_yjMFgTkuzRdlD6g7u-ray22w--kX2QOsA&google_cm=&google_hm=ay0wVHZvX3lqTUZnVGt1elJkbEQ2Zzd1LXJheTIydy0ta1gyUU9zQQ&google_tc=
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e8b59ab6e72e0dfda13c5911530148ea
bfc9d2e3c581cf726c9ba3dec2c013c366153085
a70bc623f403b0dd148fa96157d772f1750d274f471f5a8f4e9ad0b4d085596f
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-0Tvo_yjMFgTkuzRdlD6g7u-ray22w--kX2QOsA&google_cm=&google_hm=ay0wVHZvX3lqTUZnVGt1elJkbEQ2Zzd1LXJheTIydy0ta1gyUU9zQQ&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0Tvo_yjMFgTkuzRdlD6g7u-ray22w--kX2QOsA&google_error=3
date: Sat, 26 Nov 2022 13:00:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
37.252.171.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 37.252.171.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 26 Nov 2022 13:00:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 562d3c28-704b-402a-b7ec-fd1663389e8f
Set-Cookie: uuid2=8547600151034875268; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 24-Feb-2023 13:00:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-anCJRCjMFgTkuzRdlD6g7u-ray1qSu_vlUQDYg
185.86.137.131200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-anCJRCjMFgTkuzRdlD6g7u-ray1qSu_vlUQDYg
IP 185.86.137.131:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-anCJRCjMFgTkuzRdlD6g7u-ray1qSu_vlUQDYg HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Sat, 26 Nov 2022 13:00:09 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=6850860144776809518; expires=Tue, 26 Dec 2023 13:00:10 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Tue, 26 Dec 2023 13:00:10 GMT; domain=smartadserver.com; path=/
csync=79:k-anCJRCjMFgTkuzRdlD6g7u-ray1qSu_vlUQDYg; expires=Sun, 26 Nov 2023 13:00:10 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rzLdqCjMFgTkuzRdlD6g7u-ray2lb9eyMcn4HA&C=1
104.18.33.19200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rzLdqCjMFgTkuzRdlD6g7u-ray2lb9eyMcn4HA&C=1
IP 104.18.33.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-rzLdqCjMFgTkuzRdlD6g7u-ray2lb9eyMcn4HA&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:10 GMT
content-type: image/gif
content-length: 43
cf-ray: 7702ce354f811c02-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGxLkEcCacVjoFpPtu%2FtFrrS1gempgmKJInwoNRchwATNnbvsMMlu8mkpSeB2D%2BNIl5YJOYuVsjJTNtb5uGkeTUcJ43QqEqbfJU%2BM6s1Bkhs02X9jTUqRxPSl7w3GymsJnoh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-vt4tMyjMFgTkuzRdlD6g7u-ray3kP6CgHX0BsA
23.195.255.234200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-vt4tMyjMFgTkuzRdlD6g7u-ray3kP6CgHX0BsA
IP 23.195.255.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-vt4tMyjMFgTkuzRdlD6g7u-ray3kP6CgHX0BsA HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Sat, 26 Nov 2022 13:00:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 26 Nov 2022 13:00:10 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 03196688ecacd6edc6139519890852b0
73d8fdb58a4df90b5858c3c338f1ac40befc06e0
6a8c70040024563bfdafbd076537d58762414d32d1714b3adb4d2d5e2990a6de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132030
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "63815fbf-1d7"
Expires: Mon, 28 Nov 2022 01:40:40 GMT
Last-Modified: Sat, 26 Nov 2022 00:37:19 GMT
Server: ECS (dcb/7F3B)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yzDFb5ZKeO90YhXknVOrAI24u0j-nDqGUS4pp730F1-uyibJNizc-Q==
Age: 3801
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9833a8d06446deb9b455938cf04fcdfa
6c561e1d1d6ae7d2ff2cdef2026d35136c501f0a
2b911aef88711257cbc14e3bb63f6a749c0b2a0f24cc5ac8e7e23095bed2bf1d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 721
Cache-Control: max-age=130729
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "638166b2-1d7"
Expires: Mon, 28 Nov 2022 01:18:59 GMT
Last-Modified: Sat, 26 Nov 2022 01:06:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-cPkSeijMFgTkuzRdlD6g7u-ray0T13a1tvatDg
18.185.226.213302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-cPkSeijMFgTkuzRdlD6g7u-ray0T13a1tvatDg
IP 18.185.226.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-cPkSeijMFgTkuzRdlD6g7u-ray0T13a1tvatDg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 26 Nov 2022 13:00:10 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-cPkSeijMFgTkuzRdlD6g7u-ray0T13a1tvatDg
set-cookie: tuuid=2f32df57-c073-4949-a01e-13b7c3bb3759; Expires=Fri, 24 Feb 2023 13:00:10 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1669467610; Expires=Fri, 24 Feb 2023 13:00:10 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a3608c7c38d0749d554708b2268d3a0a
b1ee77bcb5a88c3af3248768ea0c2c03fe9fe063
72d5970ce0bbf7abdc8dac8186b5bdf58e80d2fb968590086d9f18c21fd0eeeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5449
Cache-Control: max-age=119989
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "63812a46-117"
Expires: Sun, 27 Nov 2022 22:19:59 GMT
Last-Modified: Fri, 25 Nov 2022 20:49:10 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-DLrUPCjMFgTkuzRdlD6g7u-ray3TQcppQPekTA&expires=30
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-DLrUPCjMFgTkuzRdlD6g7u-ray3TQcppQPekTA&expires=30
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-DLrUPCjMFgTkuzRdlD6g7u-ray3TQcppQPekTA&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 49049ff336235ad60cb44abcb1cec1d6
Content-Type: image/gif
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
37.252.171.84302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 37.252.171.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sat, 26 Nov 2022 13:00:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: c2b0f287-39ff-4c07-8b60-e7d71fd220be
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-cPkSeijMFgTkuzRdlD6g7u-ray0T13a1tvatDg
18.185.226.213200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-cPkSeijMFgTkuzRdlD6g7u-ray0T13a1tvatDg
IP 18.185.226.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-cPkSeijMFgTkuzRdlD6g7u-ray0T13a1tvatDg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:10 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1d9982c4a878719ddada7e301fb40eca
b088389e7b4dca42ef7391324d6ebc7fc7d8e796
64dbc2a8bcfd6e778293004e63430dc61138124ce7a82e564d9bde62e90b5a60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6267
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:10 GMT
Last-Modified: Sat, 26 Nov 2022 11:15:43 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5c8551591e515d9029e8c9a29804eecb
1298f0c1b78880a93b57d06eeecddc8f668208b9
87bd2ac1ed0fcd041651ce64766499da60cc349352b42f5bf28ace8ef647a72a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 01:56:51 GMT
Expires: Sat, 03 Dec 2022 01:56:50 GMT
Etag: "1298f0c1b78880a93b57d06eeecddc8f668208b9"
Cache-Control: max-age=564399,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7702ce353ed7b523-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash caa4af10eea9c1cc9e4bd81803697fd1
a27d5ec90d031d7a5aad439939be3fcb0b3e23c4
d448510b3df08d4d877f7a7def8e8334a58d861e603737cac3faa162ac4b52ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6528
Cache-Control: max-age=100866
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "6380db5c-1d7"
Expires: Sun, 27 Nov 2022 17:01:16 GMT
Last-Modified: Fri, 25 Nov 2022 15:12:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aeb988bac72da6e2a2506d5f766a3056
40990f178cd4f75913b8ff5396af457ac9b561f1
18d43a14dece260c7071f7c854ff096c9531dfdfc03d2e8941d762681cde72bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5092
Cache-Control: max-age=98352
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "6380d727-1d7"
Expires: Sun, 27 Nov 2022 16:19:22 GMT
Last-Modified: Fri, 25 Nov 2022 14:54:31 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
x.bidswitch.net/sync?dsp_id=46&user_id=k-xMtkdijMFgTkuzRdlD6g7u-ray1iv5DLayBgpw&expires=30
52.28.76.191302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-xMtkdijMFgTkuzRdlD6g7u-ray1iv5DLayBgpw&expires=30
IP 52.28.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-xMtkdijMFgTkuzRdlD6g7u-ray1iv5DLayBgpw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 26 Nov 2022 13:00:10 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-xMtkdijMFgTkuzRdlD6g7u-ray1iv5DLayBgpw&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=20cec519-bc34-4c57-a084-e1a9b51fd79a; path=/; expires=Sun, 26-Nov-2023 13:00:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669467610; path=/; expires=Sun, 26-Nov-2023 13:00:10 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1669467610; path=/; expires=Sun, 26-Nov-2023 13:00:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669467610; path=/; expires=Sun, 26-Nov-2023 13:00:10 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
3.248.130.194302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 3.248.130.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-017ef7714.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=80347797551235243771846353729154972310; Max-Age=15552000; Expires=Thu, 25 May 2023 13:00:10 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: i8J/CBKCQBw=
Content-Length: 0
Connection: keep-alive
cm.adform.net/pixel?adform_pid=15&adform_pc=k-LWlxSyjMFgTkuzRdlD6g7u-ray3JEzTi2yKGTA
37.157.3.28200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-LWlxSyjMFgTkuzRdlD6g7u-ray3JEzTi2yKGTA
IP 37.157.3.28:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-LWlxSyjMFgTkuzRdlD6g7u-ray3JEzTi2yKGTA HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:00:10 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 17 Apr 2019 14:00:27 GMT
etag: "5cb7317b-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WFHa-CjMFgTkuzRdlD6g7u-ray1h2BBnHD70zg
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WFHa-CjMFgTkuzRdlD6g7u-ray1h2BBnHD70zg
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-WFHa-CjMFgTkuzRdlD6g7u-ray1h2BBnHD70zg HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 26 Nov 2022 13:00:10 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WFHa-CjMFgTkuzRdlD6g7u-ray1h2BBnHD70zg&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNoNgmMCED-unSsjC2dIEKi9uPgFKAwFEgEBAQFfg2OLYwAAAAAA_eMAAA&S=AQAAApAU6xiPz3OnKwHhL2FnW7Q; Expires=Sun, 26 Nov 2023 19:00:10 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a01ea4b2c4fbc74e37cf85a5c8d0edd5
c3ab62121f7320f1f90a986143a0bcffe7123329
bc4a105f5fa68a51c7e8491c57887903856055727cc5b6fc64afb6c686b84775
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC4A105F5FA68A51C7E8491C57887903856055727CC5B6FC64AFB6C686B84775"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13873
Expires: Sat, 26 Nov 2022 16:51:23 GMT
Date: Sat, 26 Nov 2022 13:00:10 GMT
Connection: keep-alive
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-xMtkdijMFgTkuzRdlD6g7u-ray1iv5DLayBgpw&expires=30
52.28.76.191200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-xMtkdijMFgTkuzRdlD6g7u-ray1iv5DLayBgpw&expires=30
IP 52.28.76.191:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-xMtkdijMFgTkuzRdlD6g7u-ray1iv5DLayBgpw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:10 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3c49e689c34b9390c24cb4d29c134c88
092b6bc08745ae4842dc56d81e4dc1f5b5b5835c
814bb5c1e2e8579e861849ec6b2889eac79a87da651c433b0773862460fc6f4b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92056
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "6380bc9d-1d7"
Expires: Sun, 27 Nov 2022 14:34:26 GMT
Last-Modified: Fri, 25 Nov 2022 13:01:17 GMT
Server: ECS (dcb/7F5F)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lTUULgP-llTzu1TI7_dDx0NmOWXnlQEWY3bcsvvRNC409WIoRv9RDg==
Age: 5589
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1a05b0b8812c894b56cd8dad83d15702
9256eced3d878a58f6e5cd99eaef24a312e43d5b
7bd6436c53dc22deaedc8fcbb678a619b472c089c1d343dd887811e3088120d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4711
Cache-Control: max-age=165291
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "6381de1e-1d7"
Expires: Mon, 28 Nov 2022 10:55:01 GMT
Last-Modified: Sat, 26 Nov 2022 09:36:30 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash fef181349a0dd9c4320c1fe7bbdce92b
338f720af51516010986d28d5b450f5fee08ad39
bb671ecb45dbfcd9216e90c5fa89ab966468b5979d091f62f4299185b314108d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:11:52 GMT
Expires: Wed, 30 Nov 2022 03:11:51 GMT
Etag: "338f720af51516010986d28d5b450f5fee08ad39"
Cache-Control: max-age=309700,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7702ce36a86eb523-OSL
id5-sync.com/s/966/9.gif?puid=k-BzuB9yjMFgTkuzRdlD6g7u-ray2TpHLo2nmC0w
162.19.138.119200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-BzuB9yjMFgTkuzRdlD6g7u-ray2TpHLo2nmC0w
IP 162.19.138.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-BzuB9yjMFgTkuzRdlD6g7u-ray2TpHLo2nmC0w HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sat, 26-Nov-2022 13:05:10 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sat, 26-Nov-2022 13:05:10 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sat, 26-Nov-2022 13:05:10 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sat, 26-Nov-2022 13:05:10 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sat, 26-Nov-2022 13:05:10 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sat, 26-Nov-2022 13:05:10 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sat, 26 Nov 2022 13:00:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WFHa-CjMFgTkuzRdlD6g7u-ray1h2BBnHD70zg&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WFHa-CjMFgTkuzRdlD6g7u-ray1h2BBnHD70zg&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-WFHa-CjMFgTkuzRdlD6g7u-ray1h2BBnHD70zg&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 26 Nov 2022 13:00:10 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNoNgmMCEJfBUnqYN4_uaeaySx_D7XoFEgEBAQFfg2OLYwAAAAAA_eMAAA&S=AQAAAm8UIH2VWLIH-vlpMZGvE5s; Expires=Sun, 26 Nov 2023 19:00:10 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dt_id=8664&ext_id=k-mQXlpCjMFgTkuzRdlD6g7u-ray1bwiCFtwFDPA
23.61.208.154204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-mQXlpCjMFgTkuzRdlD6g7u-ray1bwiCFtwFDPA
IP 23.61.208.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-mQXlpCjMFgTkuzRdlD6g7u-ray1bwiCFtwFDPA HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Fri, 25 Nov 2022 13:00:10 GMT
Date: Sat, 26 Nov 2022 13:00:10 GMT
Connection: keep-alive
Set-Cookie: id=a68767fa-967a-4736-9798-28b22e5451e5; Path=/; Domain=yieldlab.net; Expires=Sun, 26-Nov-2023 13:00:10 GMT; Max-Age=31536000; Secure; SameSite=None
eb2.3lift.com/xuid?mid=2711&xuid=k-VrJDMCjMFgTkuzRdlD6g7u-ray2NBpB-1Mbfjg&dongle=013b
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-VrJDMCjMFgTkuzRdlD6g7u-ray2NBpB-1Mbfjg&dongle=013b
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-VrJDMCjMFgTkuzRdlD6g7u-ray2NBpB-1Mbfjg&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:10 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
3.248.130.194200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 3.248.130.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-0f7e0a58c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Zau1QDz0Soc=
Content-Length: 59
Connection: keep-alive
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-iro9ZijMFgTkuzRdlD6g7u-ray0Do2wSJ8bGew
185.64.189.110502 Bad Gateway 166 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-iro9ZijMFgTkuzRdlD6g7u-ray0Do2wSJ8bGew
IP 185.64.189.110:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 261b1f079fa0a5c0c32d181e43440c05
300ee04911225728b015abd82d7ca5f43f999b79
c79255f6cb550eaa07d6e90d859b8c1abe81658115ae8175e74b67ac22c7ed87
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-iro9ZijMFgTkuzRdlD6g7u-ray0Do2wSJ8bGew HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
server: nginx
date: Sat, 26 Nov 2022 13:00:09 GMT
content-type: text/html; charset=UTF-8
content-length: 166
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-csfM7ijMFgTkuzRdlD6g7u-ray1orpKyxz0LcQ
64.202.112.159200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-csfM7ijMFgTkuzRdlD6g7u-ray1orpKyxz0LcQ
IP 64.202.112.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-csfM7ijMFgTkuzRdlD6g7u-ray1orpKyxz0LcQ HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:00:10 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 393d5ff944947acea53f071237ceccf4
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 26 Nov 2022 13:00:10 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 849402
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash a748f881d7773ad5eba59aabe2151f4c
d65cde092f45ba249f083d9f89d88e2449268b2d
8984dd5bd1a179f29b57ec4f72388c17b24e670e91189d5d70ccd0f3c12875f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147998
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "63819d7d-1d7"
Expires: Mon, 28 Nov 2022 06:06:48 GMT
Last-Modified: Sat, 26 Nov 2022 05:00:45 GMT
Server: ECS (dcb/7F5E)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PqT4xN9BojsEKvH_DRRoiMQ3LAHaeC0uGGineI_hprAQRpd9etHPKg==
Age: 3963
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-iXItfijMFgTkuzRdlD6g7u-ray1YHa8J6TDOOw
35.157.236.74204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-iXItfijMFgTkuzRdlD6g7u-ray1YHa8J6TDOOw
IP 35.157.236.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-iXItfijMFgTkuzRdlD6g7u-ray1YHa8J6TDOOw HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 26 Nov 2022 13:00:10 GMT
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k--zBKRyjMFgTkuzRdlD6g7u-ray3_gk1nlk9moQ
185.255.84.152200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k--zBKRyjMFgTkuzRdlD6g7u-ray3_gk1nlk9moQ
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k--zBKRyjMFgTkuzRdlD6g7u-ray3_gk1nlk9moQ HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=e522a72b36b42eaeee8a9f8a13c0832f; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 13:00:10 GMT
content-length: 49
x-envoy-upstream-service-time: 42
server: ayl-lb-fra02
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash b187c41800599d96d74369f76d2b18dc
5b5e6596f645227eea8a9245c611e258ac1459bd
89287bfaad7fa23f2e1ff213b4b99f2f05529bc734ee5f0392476f6f3f6e4165
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170335
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "63820006-1d7"
Expires: Mon, 28 Nov 2022 12:19:05 GMT
Last-Modified: Sat, 26 Nov 2022 12:01:10 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Xj8K7u4ZvWpZd-xajDq69cR8SiIqC2V7nqi53FhFtDMb5OkRWnUhvw==
Age: 1075
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash d105310171fc11d10c09db8518895e69
93b6ff8db5f654a191bca5e15803cb8d5809069a
d2e5c335bd17f55a22bae5c36c642484342314f4a7c1d52eb7bb14be83c83285
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104277
Date: Sat, 26 Nov 2022 13:00:10 GMT
Etag: "6380f7a4-1d7"
Expires: Sun, 27 Nov 2022 17:58:07 GMT
Last-Modified: Fri, 25 Nov 2022 17:13:08 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q5Ua3Nw10AXifc1_vrUBMUezSOdZKXTMDTos8hnjr3pweOCJMqiFBw==
Age: 2699
sync-criteo.ads.yieldmo.com/sync?id=k-y9Lz7SjMFgTkuzRdlD6g7u-ray0qyaFtT59oBg&pn_id=criteo&ext=1
52.17.209.100200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-y9Lz7SjMFgTkuzRdlD6g7u-ray0qyaFtT59oBg&pn_id=criteo&ext=1
IP 52.17.209.100:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-y9Lz7SjMFgTkuzRdlD6g7u-ray0qyaFtT59oBg&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:10 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g902cbf777ea1aa37f34%7C1669467610845%7C0%7C; Domain=.yieldmo.com; Expires=Sun, 26-Nov-2023 13:00:10 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-y9Lz7SjMFgTkuzRdlD6g7u-ray0qyaFtT59oBg; Domain=ads.yieldmo.com; Expires=Sun, 26-Nov-2023 13:00:10 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 91cb3b84a550abfc9a8db3131cb6840d
f9e7decdcc40b3c03e9a4cd18b6b9426c1a1fa7f
6b5aff27c1f9f0c1299180b666fc8bd00a0f4a9fa68386fa6c885ba3f15b9ffb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5485
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:00:10 GMT
Last-Modified: Sat, 26 Nov 2022 11:28:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
52.209.49.216204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 52.209.49.216:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 26 Nov 2022 13:00:10 GMT
set-cookie: _kuid_=PONB6e2K; Expires=Thu, 25-May-23 13:00:10 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n002-dub-prod.krxd.net
x-request-time: D=43 t=1669467610
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 26 Nov 2022 13:00:10 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 610972
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 8095b9e80d1a5bb91524e6fab43ea37c
10247e5664ca450b6013d90d34176e35d0038443
41891408e35812026d2691e0987320732442252da16625cdfd64e381d980c05a
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "41891408E35812026D2691E0987320732442252DA16625CDFD64E381D980C05A"
Last-Modified: Sat, 26 Nov 2022 08:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1408
Expires: Sat, 26 Nov 2022 13:23:39 GMT
Date: Sat, 26 Nov 2022 13:00:11 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
3.18.206.73200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 3.18.206.73:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:11 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 42ea7710-6d8a-11ed-8b71-0000ac170031
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d53&uid=k-yhnJ_SjMFgTkuzRdlD6g7u-ray3cTQna1mBbm5ePFFgzrrlg
3.71.169.66204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-yhnJ_SjMFgTkuzRdlD6g7u-ray3cTQna1mBbm5ePFFgzrrlg
IP 3.71.169.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-yhnJ_SjMFgTkuzRdlD6g7u-ray3cTQna1mBbm5ePFFgzrrlg HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Sat, 26 Nov 2022 13:00:11 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 03396c0dbbf7ff9934dd718fe7a5b6e4
b79cf64dbda945ab0e6640137421c22f55bc0283
80e3553db296aca10867ff19855d80bee6268a3da21253515716b1b0f6cda51f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 13:00:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 06:34:17 GMT
Expires: Sun, 27 Nov 2022 06:34:17 GMT
ETag: "b79cf64dbda945ab0e6640137421c22f55bc0283"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-F1KZtyjMFgTkuzRdlD6g7u-ray0PgvnF0ko2jV1pVxUjaAdN
52.57.252.14200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-F1KZtyjMFgTkuzRdlD6g7u-ray0PgvnF0ko2jV1pVxUjaAdN
IP 52.57.252.14:0
GET /usersync/push?partner=criteo&partnerId=k-F1KZtyjMFgTkuzRdlD6g7u-ray0PgvnF0ko2jV1pVxUjaAdN HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:10 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%22424dc1e0-6d8a-11ed-bced-fdb9dfd646ea%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 10 Dec 2022 13:00:10 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%22424dc1e0-6d8a-11ed-bced-fdb9dfd646ea%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 10 Dec 2022 13:00:10 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%22424dc1e0-6d8a-11ed-bced-fdb9dfd646ea%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 10 Dec 2022 13:00:10 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%22424dc1e0-6d8a-11ed-bced-fdb9dfd646ea%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 10 Dec 2022 13:00:10 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-F1KZtyjMFgTkuzRdlD6g7u-ray0PgvnF0ko2jV1pVxUjaAdN%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Sat, 10 Dec 2022 13:00:10 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=HZlrZl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czF0UjQlMkZDZiUyQjY2RU1sVVZub213UzlUV0dUZ0pGN0xmVGhwcEhLRWFNaGolMkY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=O-WAWF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czF0UjQlMkZDZiUyQjY2RU1sVVZub213UzlTT0lNcW9WanYyOFdrNEViWGRqZ1dK; expires=Thu, 21 Dec 2023 13:00:09 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 166221
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.5200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.5:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 60824
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0Tvo_yjMFgTkuzRdlD6g7u-ray22w--kX2QOsA&google_error=3
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0Tvo_yjMFgTkuzRdlD6g7u-ray22w--kX2QOsA&google_error=3
IP 178.250.0.163:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0Tvo_yjMFgTkuzRdlD6g7u-ray22w--kX2QOsA&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:10 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 357241
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-4LsnjyjMFgTkuzRdlD6g7u-ray34l4_8srXTDA
3.208.157.225200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-4LsnjyjMFgTkuzRdlD6g7u-ray34l4_8srXTDA
IP 3.208.157.225:0
GET /sync?UICR=k-4LsnjyjMFgTkuzRdlD6g7u-ray34l4_8srXTDA HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:10 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
widgets.trustedshops.com/assets/trustbadge.js
143.204.55.72200 OK 0 B URL HTTP/2 widgets.trustedshops.com/assets/trustbadge.js
IP 143.204.55.72:0
GET /assets/trustbadge.js HTTP/1.1
Host: widgets.trustedshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 13:43:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sat, 26 Nov 2022 12:12:33 GMT
cache-control: max-age=3600
etag: W/"e4b54a7cf2e70224be109de713bf6141"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OTC_P2Lp51iI06HdwhYl66OWQ6qEB088KFGiLQxVTp81QRVQphwRaQ==
age: 2857
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.80200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.80:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 95836
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
track.webgains.com/click.html?wgcampaignid=192821&wgprogramid=13633&clickref=221126621687a7fa8b5123&wgtarget=http%3A%2F%2Fcrispbln.com
13.41.118.175302 Found 0 B URL HTTP/2 track.webgains.com/click.html?wgcampaignid=192821&wgprogramid=13633&clickref=221126621687a7fa8b5123&wgtarget=http%3A%2F%2Fcrispbln.com
IP 13.41.118.175:0
GET /click.html?wgcampaignid=192821&wgprogramid=13633&clickref=221126621687a7fa8b5123&wgtarget=http%3A%2F%2Fcrispbln.com HTTP/1.1
Host: track.webgains.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.brandreward.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 26 Nov 2022 13:00:07 GMT
content-type: text/html; charset=UTF-8
location: http://crispbln.com?wgu=13633_192821_16694676072845_a9b1a0348d&wgexpiry=1701003607&source=webgains&siteid=192821
server: nginx
x-powered-by: PHP/7.4.26
expires: Sat, 26 Nov 2022 13:01:07 GMT
last-modified: Sat, 26 Nov 2022 13:00:07 GMT
cache-control: private, max-age=60
x-wg-cache: cache-not-used
access-control-allow-origin: *
access-control-allow-headers: Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-itr7bijMFgTkuzRdlD6g7u-ray2ro9zUaEmiaw
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-itr7bijMFgTkuzRdlD6g7u-ray2ro9zUaEmiaw
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-itr7bijMFgTkuzRdlD6g7u-ray2ro9zUaEmiaw HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:00:10 GMT
x-fastly-to-nlb-rtt: 22288
access-control-allow-credentials: true
X-Firefox-Spdy: h2
api.webgains.io/cache
3.11.196.201200 OK 0 B IP 3.11.196.201:0
GET /cache HTTP/1.1
Host: api.webgains.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.crispbln.com/
Origin: https://www.crispbln.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:08 GMT
content-type: text/html; charset=UTF-8
server: nginx
x-powered-by: PHP/7.4.26
cache-control: max-age=7776000, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.webgains.io/tracking-event
3.11.196.201200 OK 0 B URL HTTP/2 api.webgains.io/tracking-event
IP 3.11.196.201:0
POST /tracking-event HTTP/1.1
Host: api.webgains.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.crispbln.com/
Content-Type: application/json
Origin: https://www.crispbln.com
Content-Length: 532
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:09 GMT
content-type: application/json
server: nginx
x-powered-by: PHP/7.4.26
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.0.163:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:09 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 2681359
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.malimora.com/fashion/?fashion=https://r.brandreward.com/?key=690888d974a715942ab6b37c487f9a02&url=http%3A%2F%2Fcrispbln.com&id=we5b1o4ohvdnndok2s2m5ma0
104.21.27.39200 OK 0 B URL HTTP/2 www.malimora.com/fashion/?fashion=https://r.brandreward.com/?key=690888d974a715942ab6b37c487f9a02&url=http%3A%2F%2Fcrispbln.com&id=we5b1o4ohvdnndok2s2m5ma0
IP 104.21.27.39:0
GET /fashion/?fashion=https://r.brandreward.com/?key=690888d974a715942ab6b37c487f9a02&url=http%3A%2F%2Fcrispbln.com&id=we5b1o4ohvdnndok2s2m5ma0 HTTP/1.1
Host: www.malimora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:00:05 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.26
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1jUBkMcMQ433K314egc4q2yT9%2Fm7mcW5Rd7GtCY0d%2FkWqHmx0Muq5vJU%2Fg2a6QrzGdcSiJ7Xan2N8ReJKGjm%2BfegRa%2BEhAOXKFVkDaywuDoEG5g%2FfhUzxk5eUhXMhfqgZvt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7702ce15af7cb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.trustedshops.com/js/XB478B545204C2462CE56EC9B6AA71849.js
143.204.55.72200 OK 0 B URL HTTP/2 widgets.trustedshops.com/js/XB478B545204C2462CE56EC9B6AA71849.js
IP 143.204.55.72:0
GET /js/XB478B545204C2462CE56EC9B6AA71849.js HTTP/1.1
Host: widgets.trustedshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.crispbln.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
date: Sat, 26 Nov 2022 13:00:09 GMT
last-modified: Sat, 26 Nov 2022 05:05:43 GMT
etag: W/"c8879858629741f7fc067ae81a2de2f7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tMtjRhMbR9tkqZfKAgy0rHWYmXzOIWHF_onMCn2WzfewOF2w8y7Hsg==
X-Firefox-Spdy: h2