mcw18.com/af/Xj9AgKFs/prpllrpn
188.114.97.1301 Moved Permanently 0 B URL HTTP/1.1 mcw18.com/af/Xj9AgKFs/prpllrpn
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /af/Xj9AgKFs/prpllrpn HTTP/1.1
Host: mcw18.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 11:31:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 23 Mar 2023 12:31:41 GMT
Location: https://mcw18.com/af/Xj9AgKFs/prpllrpn
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSxhG4gjpT%2FqZhFSR9CJO7Ea0qMKVSrKwywZWTlw0W%2BozwHXdk0LpHthVP8EIMOPut5jhUMaCY%2F%2B08420fy0kaFSArlxOdNGtMHWbQM9T2%2Bqw2s3GMdFVF8Kmoc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac65975c8e7b4eb-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13952
Expires: Thu, 23 Mar 2023 15:24:13 GMT
Date: Thu, 23 Mar 2023 11:31:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21501
Expires: Thu, 23 Mar 2023 17:30:02 GMT
Date: Thu, 23 Mar 2023 11:31:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19505
Expires: Thu, 23 Mar 2023 16:56:46 GMT
Date: Thu, 23 Mar 2023 11:31:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 11:27:32 GMT
content-type: application/json
age: 249
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zKXPJl60t2Qkgft5P+24AplJh6HSufJFJkvpPp2sGq1ntf76wNsFnWymPcSHuY6mH+wMJUuRIwM=
x-amz-request-id: 6GQAFJR9Q1MXK6RA
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 10:54:01 GMT
age: 2260
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 11:31:41 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 11:17:23 GMT
age: 858
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/fullPage.js/3.0.2/fullpage.min.css
104.17.24.14200 OK 1.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fullPage.js/3.0.2/fullpage.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (3536), with CRLF line terminators
Hash bccae9a53426e0fbdf1a1aa506e52b64
b42252b279cde2cae1651c639dff2245073aa87f
56a39765bc064c467c94a5d89f1c291d22fd6d4288b5ebb140ad997e10e016f1
GET /ajax/libs/fullPage.js/3.0.2/fullpage.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 11:31:42 GMT
content-type: text/css; charset=utf-8
content-length: 1007
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e6b-f31"
last-modified: Mon, 04 May 2020 16:10:19 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 18133038
expires: Tue, 12 Mar 2024 11:31:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fT9cgtUCiZuQJ4VAQaHJyBoDtR8jNqsDDBlu6IoGTPbLEyfH0oJFiVl3jy1%2FE5rJHQkqO1%2Fdl3RgQpBmwLYIAwiZm%2BOrjGLY3%2BxMALk6EUn9aErOy%2B387ko0Du84aEeCR5NxFSlJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ac6597b7d850b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js
104.17.24.14200 OK 9.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (42862)
Hash 42a2ee3da19d236df26093c57cc4cf2f
2e8d1e1f5304113684417d85b0c22f73d0773a55
a78adc4dc908508947a6f8551e0f85372655de2280bdae263a399b1068517ecf
GET /ajax/libs/slick-carousel/1.8.1/slick.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 11:31:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 9283
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-a76f"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1167981
expires: Tue, 12 Mar 2024 11:31:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUUZIHrvcomaGHJAtyvG0zqyY%2FdKjtJaEYAHSJSRPsT9AqZ1vbvmaPrUfiEIM%2B2LcEknDQtFpmG71BF796QYvrWfUFtPNUm4Ec0P0UUTL%2BNhZ2QZCNiHK%2F22AwVhUeJASXNdAmsO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ac6597b9d9b0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15748
Expires: Thu, 23 Mar 2023 15:54:10 GMT
Date: Thu, 23 Mar 2023 11:31:42 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/jquery-noty/2.1.0/jquery.noty.js
104.17.24.14200 OK 3.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-noty/2.1.0/jquery.noty.js
IP 104.17.24.14:0
Hash f7753f78e3cd5f86198786814598e8cc
a1e7b90ba1e4c4c041a25bc316758febb4fb19ed
c32cc887c7f921230d301afc362c319f81428967b5d996550652b4949e71486b
GET /ajax/libs/jquery-noty/2.1.0/jquery.noty.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 11:31:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 3291
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-4421"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 142894
expires: Tue, 12 Mar 2024 11:31:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REbBrXgBySiGfKPEQ9NHX8WjR9kJ00YjGDzmQx4XzZmjsskTMWOE85%2FteVfETNFOMZbDNKwxVvbdI3M8tiGm0pu1OBCxCw9m23W3SGCheMcIYLoqf7qd7VGV1ctcnKNbSZrN8qqX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ac6597badba0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:31:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:31:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-QH00L0BVFE
142.250.74.72200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-QH00L0BVFE
IP 142.250.74.72:0
File type ASCII text, with very long lines (21772)
Hash a079d84fd632ca3ec84b7048976e6294
d96d4b309fe35a56be9ff8793aa8108fa0d81d12
b4ddf9fec246b3d62032095c90e0eb77a40a25a3a07c75f718a77404403ead3a
GET /gtag/js?id=G-QH00L0BVFE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Mar 2023 11:31:42 GMT
expires: Thu, 23 Mar 2023 11:31:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78810
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mcw18.com/af/Xj9AgKFs/prpllrpn
188.114.97.1200 OK 21 kB URL HTTP/2 mcw18.com/af/Xj9AgKFs/prpllrpn
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2569)
Hash caf360115cdfc7e4a0c797195238dc4a
05593030f039ac2014ca77ba96ff80e44f56119b
d1f13e15e2b39b7ac4785a8a05358c452875fcb0e97ec182fea2b628aeb267ba
GET /af/Xj9AgKFs/prpllrpn HTTP/1.1
Host: mcw18.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 23 Mar 2023 11:31:41 GMT
content-type: text/html;charset=UTF-8
cache-control: NO-CACHE
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
pragma: NO-CACHE
expires: Thu, 01 Jan 1970 00:00:00 UTC
vary: Accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbQ2AzzU8sjjJoDFqPAXZnD7FCbVL7PuAWuhdb6qgUPz4afhFwuJ%2FfVSK%2FEphcM%2BtoHEQXNErnwDBMCdlkYKPZ34U8%2F1UxXD0Vks8qqpYCHjhcludQsHWQh6FuU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: affCodeCookie=Xj9AgKFs; Max-Age=86400; Expires=Fri, 24-Mar-2023 11:31:41 GMT; Domain=mcw18.com; Path=/; HttpOnly
affLinkCookie=prpllrpn; Max-Age=86400; Expires=Fri, 24-Mar-2023 11:31:41 GMT; Domain=mcw18.com; Path=/; HttpOnly
affInternalCookie=true; Max-Age=86400; Expires=Fri, 24-Mar-2023 11:31:41 GMT; Domain=mcw18.com; Path=/; HttpOnly
affDomainCookie=mcw18.com; Max-Age=86400; Expires=Fri, 24-Mar-2023 11:31:41 GMT; Domain=mcw18.com; Path=/; HttpOnly
route=inhouseweb02; Path=/
JSESSIONID=B4867EE50CE354F6774D23A32695457A; Domain=mcw18.com; Path=/; HttpOnly
__cflb=02DiuGPt8FWwejnoGG4JTHH4hUsG3t8VSqhLeZWXevM3i; SameSite=None; Secure; path=/; expires=Fri, 24-Mar-23 10:31:41 GMT; HttpOnly
strict-transport-security: max-age=2592000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ac659777da7b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:31:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:31:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.148.187.127101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.187.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /4pxWruAn7oVQQMkkv+Vgw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5k7rZeQIF7do+JtFnypY9mWSF1Q=
region1.analytics.google.com/g/collect?v=2&tid=G-QH00L0BVFE>m=45je33k0&_p=245311437&_gaz=1&cid=2141221395.1679571110&ul=en-us&sr=1280x1024&_s=1&sid=1679571110&sct=1&seg=0&dl=https%3A%2F%2Fmcw18.com%2Faf%2FXj9AgKFs%2Fprpllrpn&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1
216.239.32.36204 No Content 24 kB URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-QH00L0BVFE>m=45je33k0&_p=245311437&_gaz=1&cid=2141221395.1679571110&ul=en-us&sr=1280x1024&_s=1&sid=1679571110&sct=1&seg=0&dl=https%3A%2F%2Fmcw18.com%2Faf%2FXj9AgKFs%2Fprpllrpn&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1
IP 216.239.32.36:0
Hash cc094bf510fcd76d46e32af019cb764e
17454fd38e656dcce092aabe061d7f5651204260
2ebdbb6186270f2f6ef71d5c25a841e09ee2e14e5e5b9d4e7a74fad44c944388
POST /g/collect?v=2&tid=G-QH00L0BVFE>m=45je33k0&_p=245311437&_gaz=1&cid=2141221395.1679571110&ul=en-us&sr=1280x1024&_s=1&sid=1679571110&sct=1&seg=0&dl=https%3A%2F%2Fmcw18.com%2Faf%2FXj9AgKFs%2Fprpllrpn&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mcw18.com
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://mcw18.com
date: Thu, 23 Mar 2023 11:31:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5cd8c9b1a21861daf74c130682cea34e
32ceecbbe8fdfc999e4169771cf7633fdaa1f083
328369b9dcb3b3b19b031dd350a02c7cbe5fb250ba4748bf8d055da5342f0837
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:31:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-QH00L0BVFE&cid=2141221395.1679571110>m=45je33k0&aip=1
209.85.233.157204 No Content 1.9 kB URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-QH00L0BVFE&cid=2141221395.1679571110>m=45je33k0&aip=1
IP 209.85.233.157:0
Hash 00eef490696efa79518ed606649dfc1f
d2864e42f4610d3140a65dc797b7b57e2669ef52
d316e9aa6f4b2c8b1377d510518209e9a293eb05ef3b86d1b18299c04c60f4a9
POST /g/collect?v=2&tid=G-QH00L0BVFE&cid=2141221395.1679571110>m=45je33k0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mcw18.com
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://mcw18.com
date: Thu, 23 Mar 2023 11:31:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 1.2 kB IP 216.58.211.3:0
Hash 3465a9a3de9b2213ca5efe8ce73862eb
3dba9f68287590c338731dc68c5db9be78be1700
135dfc5b8c619c85a40e1a235911bdff523ab235accca0cf379fd90e215d4105
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:31:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 504 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7ed0d2398eeec8cfde1cea76ca417169
0230aa11d5ff8c40aecb90f64fd0c372bec5c453
9f43a82f0001010376915ed7133303c8f7f34d9b69666dab1400a2801710183f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14466
Expires: Thu, 23 Mar 2023 15:32:49 GMT
Date: Thu, 23 Mar 2023 11:31:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14466
Expires: Thu, 23 Mar 2023 15:32:49 GMT
Date: Thu, 23 Mar 2023 11:31:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14466
Expires: Thu, 23 Mar 2023 15:32:49 GMT
Date: Thu, 23 Mar 2023 11:31:43 GMT
Connection: keep-alive
fonts.googleapis.com/css2?family=Material+Icons+Outlined
172.217.21.170200 OK 867 B URL HTTP/2 fonts.googleapis.com/css2?family=Material+Icons+Outlined
IP 172.217.21.170:0
Hash 75c23b875624096b3b7277390ee29db1
36fb62fff5d7ca24efa620cc642d39ee6f1568d8
7f97567c3d51157107fda8e789605aff17d6d9bc4b9f0a49f03400d59d87718c
GET /css2?family=Material+Icons+Outlined HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 11:31:42 GMT
date: Thu, 23 Mar 2023 11:31:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: k6VaCG5oTQnKOvKJnleVqxIIc9yOgdOL0oPcL0ZSVw7DZQ8_GzFoZQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:43 GMT
age: 49440
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Jj5lAwItWYm45j5kLqQnd3fhsiGsiuSiSVtrBUOolyHvPAmCc0S71A==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:54:24 GMT
age: 13039
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f777f840a3fc7e500c57a7cbdf88f26d
3518e8a18807209e94011806a96492e0d86ee9c9
44aa32fa1bf15785a4dd8cd6184772fb268113cbf459f5f30a70ff5ca66c9e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7419
x-amzn-requestid: bc02abbe-706d-42af-b963-0163b07b87c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xbnE7OIAMFW2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562b0-247606a3713a20d25cf83763;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: W_FZ-TYlfmS1JSvZVG4v_4Iag3ssm5J2oYgk0LBdKqv-Q0KST6FkDQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 54608
etag: "3518e8a18807209e94011806a96492e0d86ee9c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: ce85112e-428d-4ca1-9dac-1d6c8c6dc74a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CKyF9EI3oAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a96f2-05c5948d6f74948b1c67d68c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 05:49:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tu0ENc_6tfykYc23nLfwYEMsi5HIfaDWF6dvzVTfX5rfjr3JrmMrCA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:02:44 GMT
age: 57605
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: soxgrR0B6Rz79QysB7qbMTsNYmkYfG8doOMPpTEd9uLlrE6WTcDKdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:44 GMT
age: 49439
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 40d24dfcd9f0afe0e4077384f16cc494
76213c7d5c759471ed3823888860f918ac7e8f13
fbbbef0498ddf14bc9b204273a3cd416c357dceed20339c3e8c64a16b0be3caf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7083
x-amzn-requestid: 52c38747-4a30-4831-87ca-7e72e5602ed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CHY_gFu8IAMFh9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64193b96-49c53b7c2e5ed4fc0217e357;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 05:07:34 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: XUrSSF8TgZSClR4MqJ0kuXGO-8KIguNmGe5lmVwzKXZO6CN0F9mimg==
via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:51:03 GMT
age: 49240
etag: "76213c7d5c759471ed3823888860f918ac7e8f13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8795e5b287f501dc39ee441cd6bd7125
9d420cfc40477940eff7fcfc1aee2c7731fd17a5
a2f6bc52d276e1f73a3e823606457e033bccf8eca8631940a55c298f952451ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:31:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QH00L0BVFE&cid=2141221395.1679571110>m=45je33k0&aip=1&z=615703294
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QH00L0BVFE&cid=2141221395.1679571110>m=45je33k0&aip=1&z=615703294
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QH00L0BVFE&cid=2141221395.1679571110>m=45je33k0&aip=1&z=615703294 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 11:31:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8795e5b287f501dc39ee441cd6bd7125
9d420cfc40477940eff7fcfc1aee2c7731fd17a5
a2f6bc52d276e1f73a3e823606457e033bccf8eca8631940a55c298f952451ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:31:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 3.5 kB URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash e55f3ca16cd20272d04a1b9b15197db3
961eabb5a707b3bcb99abac845468a086546b1dd
5248aab89d21f8eaef2bcbc8dabc182565a5406a3c643b60c1690c7189fd48d1
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170370
Date: Thu, 23 Mar 2023 11:31:44 GMT
Etag: "641c24b5-1d7"
Expires: Sat, 25 Mar 2023 10:51:14 GMT
Last-Modified: Thu, 23 Mar 2023 10:06:45 GMT
Server: ECAcc (bsa/EAF6)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7bhvznroam5idtaWbPaHgrz8fQ06-eEgsa5QdfnR4J30rUM7BU4qYA==
Age: 2669
d313lzv9559yp9.cloudfront.net/6f6c7faae0e50a098198441f725d8616.js
54.230.111.21200 OK 42 kB URL HTTP/2 d313lzv9559yp9.cloudfront.net/6f6c7faae0e50a098198441f725d8616.js
IP 54.230.111.21:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fb95d56b6ade5a6612640fa602de5226
6b19b433da503eca3138a3c1a461c3f7f2627ded
0d9fb4cccb79dc6a537a359fdcfb319bec7c0940aa5f6b63c0af6eb9178dd74a
GET /6f6c7faae0e50a098198441f725d8616.js HTTP/1.1
Host: d313lzv9559yp9.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 22 Mar 2023 00:00:14 GMT
last-modified: Fri, 04 Feb 2022 07:06:42 GMT
etag: W/"88cb9226f8023d9ebdf06530f39e8631"
x-amz-meta-md5-hash: 88cb9226f8023d9ebdf06530f39e8631
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x6mFyl8WmlkNCU_RxK9U1v7JxH4PZXZ5suN_NYz6FHSCfFvivgxDSg==
age: 127891
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d09ed5b5ccfa429cf3ded7d6634ce586
e1d26f666c2b0ecf75aa847b3ee907c41514b588
b5536c7e81811b1a5ffeb8dcc80a08f14b4c5ed5ddb2c53b4b52f84c721beeed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:31:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sc.adelement.com/setRT_adelement_cookie.php?ae_rt=6f6c7faae0e50a098198441f725d8616&depth=0&event_type=home_page&country_code=in&lang_code=en
52.18.89.54302 Found 548 B URL HTTP/2 sc.adelement.com/setRT_adelement_cookie.php?ae_rt=6f6c7faae0e50a098198441f725d8616&depth=0&event_type=home_page&country_code=in&lang_code=en
IP 52.18.89.54:0
Hash fb5355ae7814845fadd4644c10256f91
c9119e681effa7cecdef597d63519359fa166c18
7e5da9c64eca3b7ec1277a3cd2f7fe006676f1f370aba167055fcd741fef3791
GET /setRT_adelement_cookie.php?ae_rt=6f6c7faae0e50a098198441f725d8616&depth=0&event_type=home_page&country_code=in&lang_code=en HTTP/1.1
Host: sc.adelement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 23 Mar 2023 11:31:44 GMT
location: https://sc.adelement.com/setRT_adelement_cookie.php?ae_rt=6f6c7faae0e50a098198441f725d8616&depth=0&event_type=home_page&country_code=in&lang_code=en&_aeset=1
server: nginx/1.18.0 (Ubuntu)
set-cookie: OAID=l7fu3aLiFVJZFbYZY8NBiMfW; expires=Fri, 22-Mar-2024 11:31:44 GMT; Domain=.adelement.com; SameSite=None; Secure
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=adl&google_cm=&google_hm=b%27bDdmdTNhTGlGVkpaRmJZWlk4TkJpTWZX%27&google_tc=
142.250.74.130302 Found 239 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=adl&google_cm=&google_hm=b%27bDdmdTNhTGlGVkpaRmJZWlk4TkJpTWZX%27&google_tc=
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c6e56f979c17237f2e21f5959d68e8ca
e11c209142617b45ceee574ba68399a212bef1ee
29d69f8c119d517c443f4112cfeed028551b352f1921664db223f23bf5a70330
GET /pixel?google_nid=adl&google_cm=&google_hm=b%27bDdmdTNhTGlGVkpaRmJZWlk4TkJpTWZX%27&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://sc.adelement.com/cs?google_error=3
date: Thu, 23 Mar 2023 11:31:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=29403057&t=2
185.89.210.244307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=29403057&t=2
IP 185.89.210.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=29403057&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 23 Mar 2023 11:31:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29403057%26t%3D2
AN-X-Request-Uuid: a0be482c-beba-40bf-ae72-01ee580ab71f
Set-Cookie: uuid2=299485394131729847; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 21-Jun-2023 11:31:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 3.8 kB IP 216.58.211.3:0
Hash 28ca183ad6f7da516fc2836279e4c3f0
44717f3ebe79fd510d370589d55544c47d49a8e4
6e9b55ea28f55942b7143d8b296dee60515a78809356a72cccd7ba5b5d0ef7e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:31:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29403057%26t%3D2
185.89.210.244200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29403057%26t%3D2
IP 185.89.210.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D29403057%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 23 Mar 2023 11:31:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 6e046b2e-a559-464d-b907-82e0ea013300
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?eiHPX!!]tbP6j2F-XstGt!@Dz5$zlr+; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 21-Jun-2023 11:31:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
sc.adelement.com/cs?google_error=3
52.18.89.54302 Found 0 B URL HTTP/2 sc.adelement.com/cs?google_error=3
IP 52.18.89.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cs?google_error=3 HTTP/1.1
Host: sc.adelement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
Connection: keep-alive
Cookie: OAID=l7fu3aLiFVJZFbYZY8NBiMfW; _ae_rt_tt=eu-west-1; _ae_rt_te=; _ae_rt_dt=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 23 Mar 2023 11:31:45 GMT
location: https://ib.adnxs.com/setuid?entity=389&code=l7fu3aLiFVJZFbYZY8NBiMfW
server: nginx/1.18.0 (Ubuntu)
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D389%26code%3Dl7fu3aLiFVJZFbYZY8NBiMfW
185.89.211.12200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D389%26code%3Dl7fu3aLiFVJZFbYZY8NBiMfW
IP 185.89.211.12:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D389%26code%3Dl7fu3aLiFVJZFbYZY8NBiMfW HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 23 Mar 2023 11:31:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: fda45c5a-d6cc-4d00-b181-86aa97adc20d
Set-Cookie: anj=dTM7k!M41.E:2jUF']wIg2E?eiHPX!!]tbPl1Mu5QgUl$=0ZHA]okB]0ix_p2)=Jr4.PdmhVMA'2V5bFey(V4/X%W#.wL4W1Qw129q%`D; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 21-Jun-2023 11:31:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
widget.intercom.io/widget/cz9vuj8s
54.230.111.119200 OK 3.3 kB URL HTTP/2 widget.intercom.io/widget/cz9vuj8s
IP 54.230.111.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8520), with no line terminators
Hash 77cb939aaad9181aa31ff2babf58d9b8
8b0ade1f9a18d4b625949373c447a901b55a65a7
a13e4bbf2ddd4f162c052f182de93853f7fd5776206c51b90abce0b75cacc8eb
GET /widget/cz9vuj8s HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 3265
last-modified: Wed, 22 Mar 2023 15:05:13 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: CJAcizWtaNnAXXPlU90yBqSs86lF9zZc
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 11:19:11 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "77cb939aaad9181aa31ff2babf58d9b8"
x-cache: Error from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JDgBfXf0P48MD1IOQ0IGMuRiFfbH1BuROikZzLpgfnn-bbmwe_8hMQ==
age: 810
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
js.intercomcdn.com/frame.a1a37c6c.js
54.230.111.33200 OK 144 kB URL HTTP/2 js.intercomcdn.com/frame.a1a37c6c.js
IP 54.230.111.33:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 144 kB (144031 bytes)
Hash 1037b12b9b1d3b05551cd3cc45dc2d7e
4fc1a1b05f670f87676e971253d8663a1c2c5be4
e334e40af6b3efede8b1c282e0b897b78628d7a33f24a5102eccb98a150ca6a0
GET /frame.a1a37c6c.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 144031
last-modified: Wed, 22 Mar 2023 15:02:41 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: PJ4QptkmTcEX4S2JrxBt93akBXqm71yQ
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 11:12:45 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "1037b12b9b1d3b05551cd3cc45dc2d7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IbdKILgCT7bOvq-u-LNtACbRzFZU1WeOo2KQb68ATzhDrmyNW_Vb6A==
age: 1141
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash e585c17fa566e2bfb6f469cc72cca9bb
eda39a235209a9cc61253d9aa80908124576ce3a
4a955d2fe454548b4ae22487534e62956e1e823a82daa4cfcd450089b3091f23
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155269
Date: Thu, 23 Mar 2023 11:31:45 GMT
Etag: "641bde8b-1d7"
Expires: Sat, 25 Mar 2023 06:39:34 GMT
Last-Modified: Thu, 23 Mar 2023 05:07:23 GMT
Server: ECAcc (bsa/EACA)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m8Tq9Wqmw5-44y216FAWzhCDRLQH1xgK1vQjaAWvUt6tDP1_ns9I2A==
Age: 5531
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 34f4765d4d6b70ee67d80f5805eabc95
74a140e6614adb395c45b5f57aa164ad5dc8fd34
64c2cd6d4d6f59b71bc7537b2de86593eff911a80f089d536cc88933709244d9
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142324
Date: Thu, 23 Mar 2023 11:31:45 GMT
Etag: "641bb5a8-1d7"
Expires: Sat, 25 Mar 2023 03:03:49 GMT
Last-Modified: Thu, 23 Mar 2023 02:12:56 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iOSdv2yzreAh0RyNKJjLRTO65pDHt7fTu3W8tJ7XpX0oahGBb6X1Vw==
Age: 3053
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash af4bfe873d6e107fa2735826987cd190
4b931785b4aec30c821a15c4302d316efbe0580a
5a4b0133182f13e593f1710be5791da17cf1d4ca3ebb781904f339693570bb14
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86760
Date: Thu, 23 Mar 2023 11:31:46 GMT
Etag: "641ada47-1d7"
Expires: Fri, 24 Mar 2023 11:37:46 GMT
Last-Modified: Wed, 22 Mar 2023 10:36:55 GMT
Server: ECAcc (nya/7993)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xnAKIdWUMtlqDIE7wsfAN_g0mz_IEFrVfbya_rHl6szgw5xhHP75KQ==
Age: 3651
collector-cps-live.omnitrend.biz/session/
107.154.76.179200 OK 218 B URL HTTP/1.1 collector-cps-live.omnitrend.biz/session/
IP 107.154.76.179:0
Hash 5e09927a5a5dc52b9287f11c8c6702f2
f46b7cc6467cd60908494d0cbc902df07cbde79d
3a4b650b13053b3be15808dac768f6cfa9cbc50d08b386792364069d73c3d3ac
OPTIONS /session/ HTTP/1.1
Host: collector-cps-live.omnitrend.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: bu-project,bu-session,bu-uid,ot-guest,ot-timestamp,ot-token
Referer: https://mcw18.com/
Origin: https://mcw18.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 200 OK
date: Thu, 23 Mar 2023 11:31:45 GMT
server: uvicorn
content-type: text/html; charset=utf-8
content-length: 0
vary: Origin
access-control-allow-origin: *
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, ot-token, ot-guest, ot-timestamp, bu-session, bu-project, bu-uid
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
Set-Cookie: visid_incap_2885031=cWd2ocwUQ7GiL9QTi6pZT6E4HGQAAAAAQUIPAAAAAADDjRaUpCu8+Uhpc8+FJYdA; expires=Thu, 21 Mar 2024 22:42:59 GMT; HttpOnly; path=/; Domain=.omnitrend.biz
nlbi_2885031=benKN8RaSxYHDIA1lDJeOwAAAADV/4ZQKPKoj0LBNVlbdJs+; path=/; Domain=.omnitrend.biz
incap_ses_632_2885031=jQlSPEf+7ggPcyfzkVHFCKI4HGQAAAAAyObWcxPfQs0rT51ipGdtZA==; path=/; Domain=.omnitrend.biz
X-CDN: Imperva
X-Iinfo: 7-1179813-1179814 NNNN CT(237 478 0) RT(1679571105112 20) q(0 0 7 0) r(9 9) U24
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash a6a57b7d857613003a6488ce4826fe29
0ec0f22c3d63ab80464c3af5130a4fe5aeaf075d
eda6fd9c3c6e5c7f920744ceecdd4a5033d992b1b095edcb8540ba32d941ec51
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 23 Mar 2023 11:31:47 GMT
Server: ECAcc (dcb/7EDD)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wBB8Q4zbKMkaGRSMFaiW24nhyWQQvhBWBLtxitbyYdbViBP7ooRsuA==
collector-cps-live.omnitrend.biz/session/
107.154.76.179201 Created 320 B URL HTTP/1.1 collector-cps-live.omnitrend.biz/session/
IP 107.154.76.179:0
File type JSON data\012- , ASCII text, with very long lines (568), with no line terminators
Hash 463e9a8a835bb3ae50e910c6dcf067e9
802ca4a1508d72ddebdf10a3787dca0e3d266fb4
fb154e1bc219de4dbc5384c498f46394503f5f2e16e97e6eff30485311fd0c5b
GET /session/ HTTP/1.1
Host: collector-cps-live.omnitrend.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
bu-project: j&3-xc4)%%72f4_nfn-v9_n-07t_qw$@8!o&x75v-b=4=*^j3q
bu-session: undefined
bu-uid: undefined
ot-guest: null
ot-timestamp: 1679571113.540
ot-token: null
Origin: https://mcw18.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
date: Thu, 23 Mar 2023 11:31:47 GMT
server: uvicorn
content-type: application/json
vary: Origin
access-control-allow-origin: *
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
Set-Cookie: visid_incap_2885031=cWd2ocwUQ7GiL9QTi6pZT6E4HGQAAAAAQUIPAAAAAADDjRaUpCu8+Uhpc8+FJYdA; expires=Thu, 21 Mar 2024 22:42:59 GMT; HttpOnly; path=/; Domain=.omnitrend.biz
nlbi_2885031=AY88f+fESHT9M1yvlDJeOwAAAABHv7f/hTv4rQ9FiDOfQFt/; path=/; Domain=.omnitrend.biz
incap_ses_632_2885031=UpvtACxqoD0PcyfzkVHFCKM4HGQAAAAA9tFUYJQxkN2ntCm9GybJYQ==; path=/; Domain=.omnitrend.biz
X-CDN: Imperva
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Iinfo: 5-10857606-10857704 NNYN CT(243 492 0) RT(1679571105112 988) q(0 1 8 0) r(10 10) U24
cz9vuj8s.nexus.intercom-chat.com/pubsub/5-D8e6cvvuMSqHYPBjTeeSboity7HPssx9qbCrGbWtnLl25aBlSRT4Q-NL87LuTTaiWfgxN1Xuh8oTcsGrRWFBW_W8vwHD11RMc_SB?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
54.230.111.56101 Switching Protocols 0 B URL HTTP/1.1 cz9vuj8s.nexus.intercom-chat.com/pubsub/5-D8e6cvvuMSqHYPBjTeeSboity7HPssx9qbCrGbWtnLl25aBlSRT4Q-NL87LuTTaiWfgxN1Xuh8oTcsGrRWFBW_W8vwHD11RMc_SB?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP 54.230.111.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pubsub/5-D8e6cvvuMSqHYPBjTeeSboity7HPssx9qbCrGbWtnLl25aBlSRT4Q-NL87LuTTaiWfgxN1Xuh8oTcsGrRWFBW_W8vwHD11RMc_SB?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: cz9vuj8s.nexus.intercom-chat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://mcw18.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WA1AXWHZQ6WfiR1s1AjcaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: upgrade
Server: nginx
Date: Thu, 23 Mar 2023 11:31:47 GMT
Upgrade: websocket
Sec-WebSocket-Accept: B4sMhgMFBJCr5nSyNI4uVPENZIk=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: REfbFD6cjSL8XwRKaYb7Z0vEjEYaf99OqxEz910jKUYCgrDF1zWLOA==
collector-cps-live.omnitrend.biz/info/
107.154.76.179200 OK 0 B URL HTTP/1.1 collector-cps-live.omnitrend.biz/info/
IP 107.154.76.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /info/ HTTP/1.1
Host: collector-cps-live.omnitrend.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bu-project,bu-session,bu-uid,ot-guest,ot-timestamp,ot-token
Referer: https://mcw18.com/
Origin: https://mcw18.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 200 OK
date: Thu, 23 Mar 2023 11:31:47 GMT
server: uvicorn
content-type: text/html; charset=utf-8
content-length: 0
vary: Origin
access-control-allow-origin: *
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, ot-token, ot-guest, ot-timestamp, bu-session, bu-project, bu-uid
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
Set-Cookie: visid_incap_2885031=Noyax+0yTvGRH1mSgfe1laM4HGQAAAAAQUIPAAAAAAAwHYQxVnrgRDMoos2/0a0W; expires=Thu, 21 Mar 2024 22:42:59 GMT; HttpOnly; path=/; Domain=.omnitrend.biz
incap_ses_632_2885031=lPcSYU5a6yi7cyfzkVHFCKM4HGQAAAAA2V4qqZfWDqNK0MRtQnf1Aw==; path=/; Domain=.omnitrend.biz
X-CDN: Imperva
X-Iinfo: 5-10857606-10857704 SNNN RT(1679571105112 1989) q(0 0 0 -1) r(2 2) U24
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash a6a57b7d857613003a6488ce4826fe29
0ec0f22c3d63ab80464c3af5130a4fe5aeaf075d
eda6fd9c3c6e5c7f920744ceecdd4a5033d992b1b095edcb8540ba32d941ec51
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165901
Date: Thu, 23 Mar 2023 11:31:48 GMT
Etag: "641c1db1-1d7"
Expires: Sat, 25 Mar 2023 09:36:49 GMT
Last-Modified: Thu, 23 Mar 2023 09:36:49 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Z34q7FwG6RZfot3DEwPcPixOCG3rg9bo5zTpCPkkSahSfTo2Y96-wA==
collector-cps-live.omnitrend.biz/info/
107.154.76.179204 No Content 0 B URL HTTP/1.1 collector-cps-live.omnitrend.biz/info/
IP 107.154.76.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /info/ HTTP/1.1
Host: collector-cps-live.omnitrend.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcw18.com/
bu-project: j&3-xc4)%%72f4_nfn-v9_n-07t_qw$@8!o&x75v-b=4=*^j3q
bu-session: undefined
bu-uid: undefined
ot-guest: YzIyYTM3ZjUtZjVlZi00Mzc5LWE0ODMtNzU2OWYzZTcxYzRmOjkxLjkwLjQyLjE1NDoxNjc5NTcxMTA3LjY1Mjg5NzpNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMDpqJjMteGM0KSUlNzJmNF9uZm4tdjlfbi0wN3RfcXckQDghbyZ4NzV2LWI9ND0qXmozcQ==
ot-timestamp: 1679571115.652
ot-token: MmE1ZDU2NjgtNzQwMi00NmVkLWI5YWItZWM2ODRiZGI0MmY0OjkxLjkwLjQyLjE1NDoxNjc5NTcxMTA3LjY1Mzg5MTpNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMDpqJjMteGM0KSUlNzJmNF9uZm4tdjlfbi0wN3RfcXckQDghbyZ4NzV2LWI9ND0qXmozcQ==
Content-Type: text/plain;charset=UTF-8
Origin: https://mcw18.com
Content-Length: 318
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Thu, 23 Mar 2023 11:31:47 GMT
server: uvicorn
content-type: text/html; charset=utf-8
content-length: 0
vary: Origin
access-control-allow-origin: *
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
Set-Cookie: visid_incap_2885031=+qYqQg03Qg+jz6HvrJYpb6M4HGQAAAAAQUIPAAAAAAAnDtDqNS4L93+Ftrh7BPi1; expires=Thu, 21 Mar 2024 22:42:59 GMT; HttpOnly; path=/; Domain=.omnitrend.biz
incap_ses_632_2885031=L/SRa/obFBDMcyfzkVHFCKM4HGQAAAAA5/BurATeuZgVj5FZJJXfnA==; path=/; Domain=.omnitrend.biz
X-CDN: Imperva
X-Iinfo: 5-10857606-10857704 SNNN RT(1679571105112 2246) q(0 0 0 -1) r(3 3) U24
js.intercomcdn.com/vendor.be6897a8.js
54.230.111.33200 OK 0 B URL HTTP/2 js.intercomcdn.com/vendor.be6897a8.js
IP 54.230.111.33:0
GET /vendor.be6897a8.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108559
last-modified: Wed, 22 Mar 2023 15:02:41 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: t9CZ347Itz3d0Vr69UVu9w_ro4La0qfW
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 09:58:56 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "378807b8e8c9dbd15e28e6539e2a1e68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: k7yth0oSKOsRPuEPbmoIhmCpQpI3Oh68GvA0IWa6dgVD_Sr1ydkuIw==
age: 5569
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
cz9vuj8s.intercom-messenger.com/messenger/web/ping
107.23.173.97200 OK 0 B URL HTTP/2 cz9vuj8s.intercom-messenger.com/messenger/web/ping
IP 107.23.173.97:0
POST /messenger/web/ping HTTP/1.1
Host: cz9vuj8s.intercom-messenger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 427
Origin: https://mcw18.com
Connection: keep-alive
Referer: https://mcw18.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 11:31:46 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1679571110
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 12811
access-control-allow-origin: https://mcw18.com
vary: Accept,Accept-Encoding
x-intercom-version: 8fb2c8c32b9fc258731cfe1275087a8cf08e1382
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 0001rjk6v2ktojkk2060
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"05456a76ff3bc2df5c085e3ea87ff0f6"
x-runtime: 0.323936
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-087c2d0cb2ae07534
X-Firefox-Spdy: h2