ocsp.sectigo.com/
200 OK 471 B IP
Hash 5e2887abd2da13ffeda2660e219a7a47
ed290cf04020b53ef7bf4de7bfe164ad20f69c30
481b0b2984e212b06aa65abf7d42b8e9a9386cf802702d6f9f721d4663a1a570
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 10:40:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 03:10:16 GMT
Expires: Mon, 27 Mar 2023 03:10:15 GMT
Etag: "ed290cf04020b53ef7bf4de7bfe164ad20f69c30"
Cache-Control: max-age=490800,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ab5935b8e39b524-OSL
lcnjottagr7-wixsite-com.filesusr.com/html/840e9e_f65e770dcadbddfc30424e95668ff274.html
200 OK 378 kB URL HTTP/2 lcnjottagr7-wixsite-com.filesusr.com/html/840e9e_f65e770dcadbddfc30424e95668ff274.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32224)
Size 378 kB (378520 bytes)
Hash f65e770dcadbddfc30424e95668ff274
854209a6926963f5b12f288198539c591d863849
e4b7348d56db1a2eb5306e0dacce019150c341db2b7929b361de3d9b861dfca9
Analyzer Verdict Alert openphish Mercado Livre
fortinet Phishing
GET /html/840e9e_f65e770dcadbddfc30424e95668ff274.html HTTP/1.1
Host: lcnjottagr7-wixsite-com.filesusr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty/1.21.4.1
content-length: 378520
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-77bc6f7769-crx7s
via: 1.1 google
date: Tue, 21 Mar 2023 00:19:07 GMT
expires: Tue, 21 Mar 2023 01:15:13 GMT
cache-control: public, max-age=15552000, immutable
age: 37267
last-modified: Tue, 25 Jan 2022 21:33:08 GMT
etag: "f65e770dcadbddfc30424e95668ff274"
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5e2887abd2da13ffeda2660e219a7a47
ed290cf04020b53ef7bf4de7bfe164ad20f69c30
481b0b2984e212b06aa65abf7d42b8e9a9386cf802702d6f9f721d4663a1a570
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 10:40:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 03:10:16 GMT
Expires: Mon, 27 Mar 2023 03:10:15 GMT
Etag: "ed290cf04020b53ef7bf4de7bfe164ad20f69c30"
Cache-Control: max-age=490800,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ab5935cafabb524-OSL
http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-light.woff2
200 OK 14 kB URL HTTP/2 http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-light.woff2
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 14076, version 3.131\012- data
Hash 8e5f280b6447af2263926b0324e05852
11342c24e0abede2de649c76c19b60a7890d1dcc
8c7f42e73d1ab70c305bca15028228419e691f2ee55f8843b76c92193af9d3ee
GET /ui/webfonts/v3.0.0/proxima-nova/proximanova-light.woff2 HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
server: Tengine
x-amz-id-2: LrOuCO0ODm4a+h78AzvKuHkvIfLcmcZPf5yCePhV2STI6PW/3DgVz59jh/f7B50zDgFwrexNjG8=
x-amz-request-id: RWXQ346VPXH5GFVH
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Jun 2022 03:26:46 GMT
etag: "0de1fd16bf20e0b68646e390d439ab42"
x-amz-server-side-encryption: AES256
x-amz-version-id: C4CTuYdIvDB_0NcYDhbmfHFUFBfVxB.Q
accept-ranges: bytes
x-request-id: 0a5d3712-8cad-4a0f-9753-af79942a9d8d
x-request-device-id: 0a5d3712-8cad-4a0f-9753-af79942a9d8d
x-d2id: 0a5d3712-8cad-4a0f-9753-af79942a9d8d
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 21 Mar 2023 10:40:15 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14099
x-cdn: a
X-Firefox-Spdy: h2
http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-semibold.woff2
200 OK 14 kB URL HTTP/2 http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-semibold.woff2
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 13744, version 3.131\012- data
Hash 47d8ad8e357234e3ac56431b6a375e5f
20c17d806b6acb5a5a479356bb04b32efdc2aa2f
ebc9678e550b93d31b66068f7c5ad3fca5f14eb7fd9689a59ce9c3901fb4333c
GET /ui/webfonts/v3.0.0/proxima-nova/proximanova-semibold.woff2 HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
server: Tengine
x-amz-id-2: 5KmBx+93CR8rb/uC3jLCp6ddU0/IvaQE4mudbaO8DU7gVuq+Pz8k1xp1d12gNuzWKZjr2EVibvs=
x-amz-request-id: RWXV1BJ7DC32ZCAF
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Jun 2022 03:26:52 GMT
etag: "a173db3743be3e63644aab4c442c169e"
x-amz-server-side-encryption: AES256
x-amz-version-id: QXtxTjNIRBQpICBRMemGkscbfcpzhxcO
accept-ranges: bytes
x-request-id: 7c6f5123-e281-458d-947e-66a56d3f518c
x-request-device-id: 7c6f5123-e281-458d-947e-66a56d3f518c
x-d2id: 7c6f5123-e281-458d-947e-66a56d3f518c
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 21 Mar 2023 10:40:15 GMT
content-length: 13767
x-cdn: a
X-Firefox-Spdy: h2
http2.mlstatic.com/frontend-assets/vpp-frontend/pdp.desktop.e894cffa.css
200 OK 50 kB URL HTTP/2 http2.mlstatic.com/frontend-assets/vpp-frontend/pdp.desktop.e894cffa.css
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (63339)
Hash 1f68ff3e3bf8f32b27ee348dcfd7df72
c722fecca4bb104cd828832b37542d60bbb8168e
11839bb9cc861fcb2073a40f549b6f8beee6bee85bb387e71ac63f69f809084d
GET /frontend-assets/vpp-frontend/pdp.desktop.e894cffa.css HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: Tengine
x-amz-id-2: /413sziuA24XhJKQDOmo6dtQLa2MMy+qemy+i6aZk1ZxS1/XLkfmkMPlbD9QahQ8A9w6TTq1GHg=
x-amz-request-id: P3EEXXXHF90DQ062
x-amz-replication-status: COMPLETED
last-modified: Fri, 04 Feb 2022 19:25:29 GMT
etag: W/"3b65d7ab35967a98ebf84520c09bc1ee"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
x-amz-version-id: ZAGtQmcHve9Fc57ypZc_kOsTnDd0f1Yz
cache-control: public, max-age=31536000, immutable
content-encoding: br
x-envoy-upstream-service-time: 955
x-request-id: 91ab9ca6-ddab-4618-a74a-5ba267a88f9a
x-request-device-id: 91ab9ca6-ddab-4618-a74a-5ba267a88f9a
x-d2id: 91ab9ca6-ddab-4618-a74a-5ba267a88f9a
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
content-length: 50390
date: Tue, 21 Mar 2023 10:40:15 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
vary: Accept-Encoding
x-cdn: a
X-Firefox-Spdy: h2
http2.mlstatic.com/D_NQ_896114-MLA47305080821_082021-OO.webp
200 OK 6.2 kB URL HTTP/2 http2.mlstatic.com/D_NQ_896114-MLA47305080821_082021-OO.webp
IP
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 680x78, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69a11110550d57f232670776b351e53a
231ba9508fe7551446c322918168bf2e930e5b31
ee61a3602acf5513c95ec5d5a8d086dfcd29d2c73e2d33b847250c9b7652f548
GET /D_NQ_896114-MLA47305080821_082021-OO.webp HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 6228
server: Tengine
cache-control: public, max-age=31536000, immutable
etag: "3067878056"
last-modified: Tue Aug 31 12:47:28 UTC 2021
x-check-cacheable: YES
x-container: 896114
x-extension: webp
x-id: MLA47305080821_082021
x-progressive: false
x-server: 172.19.0.7:39508
x-site: MLA
x-smartcrop: false
x-square: false
x-version: OO
x-version2x: false
x-envoy-upstream-service-time: 39
x-envoy-decorator-operation: read.pictures-proxy-go.melifrontends.com
x-request-id: f2fc7784-8dc0-4ca0-98af-bc82c6aa7d1f
x-request-device-id: f2fc7784-8dc0-4ca0-98af-bc82c6aa7d1f
x-d2id: f2fc7784-8dc0-4ca0-98af-bc82c6aa7d1f
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
date: Tue, 21 Mar 2023 10:40:15 GMT
x-cdn: a
X-Firefox-Spdy: h2
http2.mlstatic.com/D_NQ_NP_890679-MLA46168603038_052021-O.webp
200 OK 10 kB URL HTTP/2 http2.mlstatic.com/D_NQ_NP_890679-MLA46168603038_052021-O.webp
IP
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 364x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d9d66d8f9bed93b732b72c477940c3e
2a1c34962f5728e97e55e1f061c02d37372f559c
6dfdfa04b7ada99d47075b548470358ffcaeb7b7e2d1b0c0bb0e8e3ad9b6a76c
GET /D_NQ_NP_890679-MLA46168603038_052021-O.webp HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 10228
server: Tengine
cache-control: public, max-age=31536000, immutable
etag: "4288812078"
last-modified: Wed May 26 18:19:31 UTC 2021
x-check-cacheable: YES
x-container: 890679
x-extension: webp
x-id: MLA46168603038_052021
x-progressive: false
x-server: 172.19.0.7:52626
x-site: MLA
x-smartcrop: false
x-square: false
x-version: O
x-version2x: false
x-envoy-upstream-service-time: 85
x-envoy-decorator-operation: read.pictures-proxy-go.melifrontends.com
x-request-id: 11b0c287-54ac-41ad-855d-00035650f888
x-request-device-id: 11b0c287-54ac-41ad-855d-00035650f888
x-d2id: 11b0c287-54ac-41ad-855d-00035650f888
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
date: Tue, 21 Mar 2023 10:40:15 GMT
x-cdn: a
X-Firefox-Spdy: h2
http2.mlstatic.com/frontend-assets/ui-navigation/5.18.5/mercadolibre/navigation-desktop.css
200 OK 8.1 kB URL HTTP/2 http2.mlstatic.com/frontend-assets/ui-navigation/5.18.5/mercadolibre/navigation-desktop.css
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (51865)
Hash 36d27d41b7f3271e16bf24cd16c2f8b2
60687b8a5bc507f61cbf4a77e38f82ac8c435b09
53e06d740d3fcf5c1f342955c1425e9c394dc399a90608c5799ab8cb16909b0d
GET /frontend-assets/ui-navigation/5.18.5/mercadolibre/navigation-desktop.css HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: Tengine
x-amz-id-2: zzalLK6D6PMId7JLiJ5eZcfapTUA1ZO0ySkyGidvy7xqKG60d2+R9g9tsqQZPZQBg3Oh66UT+w0=
x-amz-request-id: 6M5YST8EAJN343N3
x-amz-replication-status: COMPLETED
last-modified: Thu, 23 Jun 2022 14:02:04 GMT
etag: W/"7254185e3ab17aacc7daecaf9a794103"
x-amz-server-side-encryption: AES256
x-amz-version-id: gPPn4wry7hldNzfQRpQp7abKrQiL.Jrz
x-amz-meta-x-timestamp: 1642004194
cache-control: public, max-age=31536000, immutable
content-encoding: br
x-envoy-upstream-service-time: 127
x-request-id: 024db4d0-a07a-4a5b-b7fe-0588bac9d8be
x-request-device-id: 024db4d0-a07a-4a5b-b7fe-0588bac9d8be
x-d2id: 024db4d0-a07a-4a5b-b7fe-0588bac9d8be
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
content-length: 8103
date: Tue, 21 Mar 2023 10:40:15 GMT
vary: Accept-Encoding
x-cdn: a
X-Firefox-Spdy: h2
http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-regular.woff2
200 OK 14 kB URL HTTP/2 http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-regular.woff2
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 14076, version 3.131\012- data
Hash 6c8a9a935f8302fc92ec49b1e0c3f2c5
d55240513d610c629aba62dafa55951da416a441
d2ac471b314cd74ee9f95d0125fe8adcbc56947d40b9df1a18141ff6131eb73f
GET /ui/webfonts/v3.0.0/proxima-nova/proximanova-regular.woff2 HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
server: Tengine
x-amz-id-2: 3ggIgvDh78nj+lWhxyYcZt6BYRkCV2Ixg+8ncpJ09dPFKUDXLqt6IUGlQms8HwOiwSFz5jYooEM=
x-amz-request-id: RWXVQ4XH4FJ4V2BR
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Jun 2022 03:26:49 GMT
etag: "67ff311675dbd02ddb898f02af6fddaf"
x-amz-server-side-encryption: AES256
x-amz-version-id: MocYTiXX0FcyQ3NLXQ4zZuxDhFDOReik
accept-ranges: bytes
x-request-id: 898c2f0d-fe3b-4d09-beba-c38a4e56ee39
x-request-device-id: 898c2f0d-fe3b-4d09-beba-c38a4e56ee39
x-d2id: 898c2f0d-fe3b-4d09-beba-c38a4e56ee39
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 21 Mar 2023 10:40:15 GMT
content-length: 14099
x-cdn: a
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 10:27:24 GMT
content-type: application/json
age: 771
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3p5mVmRb+oWuNE3dQLGriWIomsUg1Z47wbAAE+Fpa69PsQB6RhAzqZOnEp0KM5YFMHBrJMbKojo=
x-amz-request-id: 3DK1HXGB2SN8D92D
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 09:53:08 GMT
age: 2827
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 10:40:15 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash c23dfd454f1287d7f10462196b857ff1
fdfe184ca9fd07b739078fb71443d7b08754a65e
327267ec4a460305a79795d32663dbcafe83ac127a4c4c5a6afd18e3b0538926
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89053
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:15 GMT
Etag: "6418426c-1d7"
Expires: Wed, 22 Mar 2023 11:24:28 GMT
Last-Modified: Mon, 20 Mar 2023 11:24:28 GMT
Server: nginx
Content-Length: 471
js-agent.newrelic.com/nr-spa-1214.min.js
200 OK 17 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1214.min.js
IP
File type ASCII text, with very long lines (32001)
Hash 63df9ae12bef3e49e8b24a161c3993d9
721e3b6abb8f3297803ee0ee0508bc5f5181e116
46206b315e8917c67e43b83f35a7ab92455fa147f84d8fbfdec7870c43ddb77d
GET /nr-spa-1214.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6ESiXH3JhLvugr0pjJNe7GoV5OyrtiwmqhCzgUOyq4pH84fEzZczESu8KPfWFEeE3Ok1TTjwsEA=
x-amz-request-id: ECXJGT3S9XC3G822
last-modified: Tue, 04 Jan 2022 23:13:19 GMT
etag: "709ab085dc6fdf2fd4cb719608244963"
x-amz-version-id: dU7oF32BLhGI7U7W.plhnY0tWsxdaArN
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 10:40:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1647-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1679395216.014963,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 16954
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-T9PL
200 OK 99 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T9PL
IP
File type ASCII text, with very long lines (44773)
Hash a3ec56cbd06c9be44633a73c7a2f695e
4aa4b8f10a4f641c4db21767b73e9edc58e0e916
7707ab3b69be126df0780113c7eda22ea236bcfab6ca443ce061850f6331f31a
GET /gtm.js?id=GTM-T9PL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 10:40:16 GMT
expires: Tue, 21 Mar 2023 10:40:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98793
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 10:14:33 GMT
age: 1543
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pw47dWc7i1esEAjyjRXeJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GSxw4gKl/WFnf7HZquaZ6/KjApk=
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 241fcbcc78fa91f1e228d715229af9e6
77aa902ed09a773796b208e4f4dcf9c3459af894
82daed2961d0b906de29364de0ede54b4647118ed40da259eb9edba5b60d70a7
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 21 Mar 2023 10:40:16 GMT
Etag: "6418ee37-1d7"
Last-Modified: Tue, 21 Mar 2023 09:55:00 GMT
Server: ECAcc (dcb/7F28)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: odP5Qc6BvdYjV7vNZp-JDopbTKNoVyw5vv1_ALSsJ2Z6OMw3SYpbAw==
Age: 2716
www.mercadolivre.com.br/recommendations/?client=pdp-pads-right&limit=4&site_id=MLB&category_id=MLB1055&item_id=MLB1957534435&product_id=MLB17459960&d2_id=5844e27b-5436-4efe-83cb-0dff5ee47bba&web_device=desktop&platform=desktop&q=Xiaomi%2BRedmi%2BNote%2B10%2BDual%2BSIM%2B128%2BGB%2Blake%2Bgreen%2B6%2BGB%2BRAM&min_recomms=1&RECOMMENDED.force_categories=MLB1055&RECOMMENDED.cnt=4
403 Forbidden 0 B URL HTTP/2 www.mercadolivre.com.br/recommendations/?client=pdp-pads-right&limit=4&site_id=MLB&category_id=MLB1055&item_id=MLB1957534435&product_id=MLB17459960&d2_id=5844e27b-5436-4efe-83cb-0dff5ee47bba&web_device=desktop&platform=desktop&q=Xiaomi%2BRedmi%2BNote%2B10%2BDual%2BSIM%2B128%2BGB%2Blake%2Bgreen%2B6%2BGB%2BRAM&min_recomms=1&RECOMMENDED.force_categories=MLB1055&RECOMMENDED.cnt=4
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /recommendations/?client=pdp-pads-right&limit=4&site_id=MLB&category_id=MLB1055&item_id=MLB1957534435&product_id=MLB17459960&d2_id=5844e27b-5436-4efe-83cb-0dff5ee47bba&web_device=desktop&platform=desktop&q=Xiaomi%2BRedmi%2BNote%2B10%2BDual%2BSIM%2B128%2BGB%2Blake%2Bgreen%2B6%2BGB%2BRAM&min_recomms=1&RECOMMENDED.force_categories=MLB1055&RECOMMENDED.cnt=4 HTTP/1.1
Host: www.mercadolivre.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-card-type,x-image-webp,x-recosplugin-version
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/json;charset=utf-8
content-length: 0
date: Tue, 21 Mar 2023 10:40:17 GMT
server: Tengine
set-cookie: _d2id=6e282599-f777-4775-a8a5-e2895a53c993-n; Path=/; Domain=.mercadolivre.com.br; Expires=Wed, 20 Mar 2024 10:40:17 GMT
x-envoy-upstream-service-time: 1
x-request-id: 6e282599-f777-4775-a8a5-e2895a53c993
x-request-device-id: 6e282599-f777-4775-a8a5-e2895a53c993
x-d2id: 6e282599-f777-4775-a8a5-e2895a53c993
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Error from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xIInr3gmPZbM8A549Nz7A17pTD_zWZWhJWkea-0mUIyZUBOQIiaBeA==
X-Firefox-Spdy: h2
print1.mercadoclics.com/mclics/v2/prints/external/MLB/count?d=MC05dXA9jHDlN6DBnqinV3PbM1yWwda2QwxuWU6y2r%2FDwqLRDSngXBRuUG20SMt1HL%2BKaucsVSR%2BzBTyWn%2F3hRFU2%2Bb1%2Fg3rETRoMg45a%2F7JUPRtdc6dJ%2BERk1baS1C01AdmOk3H7tvS6D93zBalgnL1FBukDV1ZgMOB1Vy0%2BJk3U2YHb20JDRt8ia5qT9IWGTchhzBL4h72FKP%2FqAMhR6MhlcotpwttAVWNEm7QiaP7mDEoGZan5yYHSA8ZK%2Bb37YK7dcn3vagzImuk1fQKX9VD4D8h0Xg0eHmdWXOk964ju4Tr2OO%2BdlHgUp8H30UTzys0Qjm02fAgAdIt
204 No Content 0 B URL HTTP/2 print1.mercadoclics.com/mclics/v2/prints/external/MLB/count?d=MC05dXA9jHDlN6DBnqinV3PbM1yWwda2QwxuWU6y2r%2FDwqLRDSngXBRuUG20SMt1HL%2BKaucsVSR%2BzBTyWn%2F3hRFU2%2Bb1%2Fg3rETRoMg45a%2F7JUPRtdc6dJ%2BERk1baS1C01AdmOk3H7tvS6D93zBalgnL1FBukDV1ZgMOB1Vy0%2BJk3U2YHb20JDRt8ia5qT9IWGTchhzBL4h72FKP%2FqAMhR6MhlcotpwttAVWNEm7QiaP7mDEoGZan5yYHSA8ZK%2Bb37YK7dcn3vagzImuk1fQKX9VD4D8h0Xg0eHmdWXOk964ju4Tr2OO%2BdlHgUp8H30UTzys0Qjm02fAgAdIt
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mclics/v2/prints/external/MLB/count?d=MC05dXA9jHDlN6DBnqinV3PbM1yWwda2QwxuWU6y2r%2FDwqLRDSngXBRuUG20SMt1HL%2BKaucsVSR%2BzBTyWn%2F3hRFU2%2Bb1%2Fg3rETRoMg45a%2F7JUPRtdc6dJ%2BERk1baS1C01AdmOk3H7tvS6D93zBalgnL1FBukDV1ZgMOB1Vy0%2BJk3U2YHb20JDRt8ia5qT9IWGTchhzBL4h72FKP%2FqAMhR6MhlcotpwttAVWNEm7QiaP7mDEoGZan5yYHSA8ZK%2Bb37YK7dcn3vagzImuk1fQKX9VD4D8h0Xg0eHmdWXOk964ju4Tr2OO%2BdlHgUp8H30UTzys0Qjm02fAgAdIt HTTP/1.1
Host: print1.mercadoclics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 21 Mar 2023 10:40:17 GMT
server: Tengine
set-cookie: _d2id=26ade43f-03ce-4b79-b859-ac480abc65fe-n; Path=/; Domain=.mercadoclics.com; Expires=Wed, 20 Mar 2024 10:40:17 GMT
x-envoy-upstream-service-time: 7
x-request-id: 26ade43f-03ce-4b79-b859-ac480abc65fe
x-request-device-id: 26ade43f-03ce-4b79-b859-ac480abc65fe
x-d2id: 26ade43f-03ce-4b79-b859-ac480abc65fe
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _UQ0XCGbzOHnyrhL4z_T5cO-vc8hv4WQabcmMxz15vwYOcI5kUd4QA==
X-Firefox-Spdy: h2
www.mercadolivre.com.br/product-fe-recommendations/recommendations?site_id=MLB&product_id=MLB17459960&tracking=true&product_details=true&pdp_filters=category:MLB1055&client=pdp_comparator_navigation
403 Forbidden 0 B URL HTTP/2 www.mercadolivre.com.br/product-fe-recommendations/recommendations?site_id=MLB&product_id=MLB17459960&tracking=true&product_details=true&pdp_filters=category:MLB1055&client=pdp_comparator_navigation
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /product-fe-recommendations/recommendations?site_id=MLB&product_id=MLB17459960&tracking=true&product_details=true&pdp_filters=category:MLB1055&client=pdp_comparator_navigation HTTP/1.1
Host: www.mercadolivre.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-card-type,x-image-webp,x-recosplugin-version
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/json;charset=utf-8
content-length: 0
date: Tue, 21 Mar 2023 10:40:17 GMT
server: Tengine
set-cookie: _d2id=41cc47a5-927e-4434-b76b-5f99466a229c-n; Path=/; Domain=.mercadolivre.com.br; Expires=Wed, 20 Mar 2024 10:40:17 GMT
x-envoy-upstream-service-time: 0
x-request-id: 41cc47a5-927e-4434-b76b-5f99466a229c
x-request-device-id: 41cc47a5-927e-4434-b76b-5f99466a229c
x-d2id: 41cc47a5-927e-4434-b76b-5f99466a229c
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Error from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j6mV2oNUPnXqjPOdyfMMOUcZMCmskry8JqTYwbM-tj78__34OYL7qQ==
X-Firefox-Spdy: h2
www.mercadolivre.com.br/product-fe-recommendations/recommendations?site_id=MLB&product_id=MLB17459960&tracking=true&product_details=true&pdp_filters=category:MLB1055&client=pdp_comparator
403 Forbidden 0 B URL HTTP/2 www.mercadolivre.com.br/product-fe-recommendations/recommendations?site_id=MLB&product_id=MLB17459960&tracking=true&product_details=true&pdp_filters=category:MLB1055&client=pdp_comparator
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /product-fe-recommendations/recommendations?site_id=MLB&product_id=MLB17459960&tracking=true&product_details=true&pdp_filters=category:MLB1055&client=pdp_comparator HTTP/1.1
Host: www.mercadolivre.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-card-type,x-image-webp,x-recosplugin-version
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/json;charset=utf-8
content-length: 0
date: Tue, 21 Mar 2023 10:40:17 GMT
server: Tengine
set-cookie: _d2id=4f1784d3-6970-4bce-95ca-eb6872874d7c-n; Path=/; Domain=.mercadolivre.com.br; Expires=Wed, 20 Mar 2024 10:40:17 GMT
x-envoy-upstream-service-time: 0
x-request-id: 4f1784d3-6970-4bce-95ca-eb6872874d7c
x-request-device-id: 4f1784d3-6970-4bce-95ca-eb6872874d7c
x-d2id: 4f1784d3-6970-4bce-95ca-eb6872874d7c
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Error from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: I7uGRZhYaPD5Edh74sihAPePXqRDNtmpjWYtbZEn3okxzgvzYWP3bA==
X-Firefox-Spdy: h2
www.mercadolivre.com.br/recommendations/?client=pdp-other-domain&limit=20&site_id=MLB&category_id=MLB1055&item_id=MLB1957534435&product_id=MLB17459960&web_device=desktop&min_recomms=2
403 Forbidden 0 B URL HTTP/2 www.mercadolivre.com.br/recommendations/?client=pdp-other-domain&limit=20&site_id=MLB&category_id=MLB1055&item_id=MLB1957534435&product_id=MLB17459960&web_device=desktop&min_recomms=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /recommendations/?client=pdp-other-domain&limit=20&site_id=MLB&category_id=MLB1055&item_id=MLB1957534435&product_id=MLB17459960&web_device=desktop&min_recomms=2 HTTP/1.1
Host: www.mercadolivre.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-card-type,x-image-webp,x-recosplugin-version
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/json;charset=utf-8
content-length: 0
date: Tue, 21 Mar 2023 10:40:17 GMT
server: Tengine
set-cookie: _d2id=7548d273-b2d2-43a5-a0e0-4e12e2993fa5-n; Path=/; Domain=.mercadolivre.com.br; Expires=Wed, 20 Mar 2024 10:40:17 GMT
x-envoy-upstream-service-time: 1
x-request-id: 7548d273-b2d2-43a5-a0e0-4e12e2993fa5
x-request-device-id: 7548d273-b2d2-43a5-a0e0-4e12e2993fa5
x-d2id: 7548d273-b2d2-43a5-a0e0-4e12e2993fa5
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Error from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 74PqmOoZ6hqU5_zXpCpc5ay-fu6jP6J_C0XifyN7dei_2s_2iSrpJA==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59eb1d88-9afd-445f-bf6b-f7edc71a4aff.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59eb1d88-9afd-445f-bf6b-f7edc71a4aff.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 20e0cf109126f01b80e30c2d40549641
db5eb3144ed0ac478abdf10d270f43d9cc391bc8
7f6eed19068600b6276764a56214b719bf5ed441515dec178cb692f401d1fc46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59eb1d88-9afd-445f-bf6b-f7edc71a4aff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9492
x-amzn-requestid: 812019e6-0484-471d-ba54-235f77118772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CFAazGLQIAMFc_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64184778-7f71615e4ddf5c5c4defb735;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 11:46:00 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 6MwWC8zXbVjlYGnG5KGPGVH442GyWuJGnRzKUAyZD2f9AY4dX_SfDQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 07:13:59 GMT
age: 12379
etag: "db5eb3144ed0ac478abdf10d270f43d9cc391bc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde16c1fb-8973-46d5-a440-8527888510e4.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde16c1fb-8973-46d5-a440-8527888510e4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e281be899d3a89992cd1c8493e37f77
5a5d5c6a29abd635879671dbf7607df1baa17d56
70232e33aff51589e751c478c326a4e82473c4d53f049b8b551f9dd1ba11e4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde16c1fb-8973-46d5-a440-8527888510e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5093
x-amzn-requestid: 09c682a3-b2d0-4eb8-ae9a-96ddb8716077
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9mzZFI5IAMFYiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641551af-3651fc21214db65e70caa0cf;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 05:52:47 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ZxN1WqHdI-sRwDsLZToBBzNg0QNsngEjkRSLm3FB4hZ5bM1ag8UTLA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:36:23 GMT
age: 43435
etag: "5a5d5c6a29abd635879671dbf7607df1baa17d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e5f234aedfabd736b50fef3017380f9
71672a6c3523d9999522e005091863d07ea0e94a
3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI_E_eoAMF3sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yQgmYjA3RIk8IVzzOoHdYl60H1BO_IeCF_7d7AmTqjuIOxQIS2dyDw==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:08:29 GMT
etag: "71672a6c3523d9999522e005091863d07ea0e94a"
content-type: image/jpeg
age: 45109
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c02b9c1-0ea5-472c-95e9-5fcd5cf9d11d.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c02b9c1-0ea5-472c-95e9-5fcd5cf9d11d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08f2d83ce4f0d9158f2414065924955d
76d9b0d87b9ad6f6b5ec225d46eb04154cf113c5
9d11c0726d38515d1f847423ccccbb7b06b14c65e6776741d30d5f4b5bd9cc39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c02b9c1-0ea5-472c-95e9-5fcd5cf9d11d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7714
x-amzn-requestid: 3c48be36-11d4-4e6d-a376-b73f5836ccaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDUuEcXIAMFbUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f51-15606b16594e67e74234c992;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: na9KhnB7kMtkOdmNAGhNQWnuxxpoJf8sONM9JLoDpmgrbRIKeLDY4Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:55:43 GMT
age: 45875
etag: "76d9b0d87b9ad6f6b5ec225d46eb04154cf113c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 50f3a49a3279b7e42772b8348c3355c9
8116d3d0aded7cac519f65cbf17a18a725c1a017
eeed450f7b51b33eaa89632657394ebe03068c7899ee5fc45976fb318a209406
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2033
Cache-Control: max-age=104073
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Etag: "6418752a-1d7"
Expires: Wed, 22 Mar 2023 15:34:51 GMT
Last-Modified: Mon, 20 Mar 2023 15:00:58 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WZ5MqPZ-MEjDt3N53EIx1XrerDmUkyvK-5FUXAmI29GXlGe6AaPqEg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:23:21 GMT
age: 44217
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c47b1c0-04b4-4401-ac29-0541c79f9785.jpeg
200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c47b1c0-04b4-4401-ac29-0541c79f9785.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00d5824792d2b97182c7fe2f91880eee
75e82060efb997641f24c68ebc70d0828ba90311
bc5e9cf1d7d78b14e595705eee550f5d6acd712feb4b3a9e428ae4ce863edc58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c47b1c0-04b4-4401-ac29-0541c79f9785.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3835
x-amzn-requestid: 8f05ddb5-6a3c-4902-a3a0-f40a9e59394b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI-GjWIAMFTsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-26854db13f914e1579b9e752;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: WSEGu5KEwYTJ7DJjzIPwEKrds20Hogn6oSSiLlFP0DPPnNtKFFGn_Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:54:04 GMT
age: 45974
etag: "75e82060efb997641f24c68ebc70d0828ba90311"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 43229f902489cc88a3b8f77dea901852
28e63d8d5a952b9e568cad6feda0e211e1fbfdda
245bfd30b6d87d590e50452fd8672d82d9d441242b4603fcc007e70b6a56685b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.pinimg.com/ct/core.js
200 OK 484 B IP
File type ASCII text, with very long lines (1095), with no line terminators
Hash 6e628a3f3eb4614d91617bfc9d4267a9
53131b67d1c933a30908db15fd31dfc14667dff1
b73babbf31eb0dc83fc1ea9b69901a130d14973843fa343825d23756789b189c
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "6e628a3f3eb4614d91617bfc9d4267a9"
x-amz-server-side-encryption: AES256
cache-control: max-age=7200
content-encoding: br
accept-ranges: bytes
content-type: application/javascript
content-length: 484
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6526
Cache-Control: max-age=100302
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 14:32:00 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
region1.analytics.google.com/g/collect?v=2&tid=G-NDJFKMJ2PD>m=45je33f0&_p=1349829414&_gaz=1&cid=1722803080.1679395220&ul=en-us&sr=1280x1024&_s=1&sid=1679395219&sct=1&seg=0&dl=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&dt=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-NDJFKMJ2PD>m=45je33f0&_p=1349829414&_gaz=1&cid=1722803080.1679395220&ul=en-us&sr=1280x1024&_s=1&sid=1679395219&sct=1&seg=0&dl=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&dt=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NDJFKMJ2PD>m=45je33f0&_p=1349829414&_gaz=1&cid=1722803080.1679395220&ul=en-us&sr=1280x1024&_s=1&sid=1679395219&sct=1&seg=0&dl=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&dt=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lcnjottagr7-wixsite-com.filesusr.com
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f012cdd7cf0de250dad5fe3f278cb616
cb16e7ba2d5b470c7ae19546e0b51ce5f2019af7
9e4071dcc60e43a82f4a24c60c8be0eecc25dcf39682c3bbf7d4ac50d6d1f5d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-NDJFKMJ2PD&cid=1722803080.1679395220>m=45je33f0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-NDJFKMJ2PD&cid=1722803080.1679395220>m=45je33f0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NDJFKMJ2PD&cid=1722803080.1679395220>m=45je33f0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lcnjottagr7-wixsite-com.filesusr.com
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f012cdd7cf0de250dad5fe3f278cb616
cb16e7ba2d5b470c7ae19546e0b51ce5f2019af7
9e4071dcc60e43a82f4a24c60c8be0eecc25dcf39682c3bbf7d4ac50d6d1f5d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f012cdd7cf0de250dad5fe3f278cb616
cb16e7ba2d5b470c7ae19546e0b51ce5f2019af7
9e4071dcc60e43a82f4a24c60c8be0eecc25dcf39682c3bbf7d4ac50d6d1f5d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f012cdd7cf0de250dad5fe3f278cb616
cb16e7ba2d5b470c7ae19546e0b51ce5f2019af7
9e4071dcc60e43a82f4a24c60c8be0eecc25dcf39682c3bbf7d4ac50d6d1f5d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/feg7VC7CG5w
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/feg7VC7CG5w
IP
Hash 9c47d192b35ae033a754c3a068e3ac75
c9790448f54509fde60d6bc96e14ff340f0442f6
5206b95e3dd339d0f9ebb1d42fd0a56cea32750ea2e79132ba6693ad940ba39c
POST /s/gts1d4/feg7VC7CG5w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
200 OK 12 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (40607), with no line terminators
Hash 04651bf0c51742f9007b1ae2b4486dee
6ffc71fcb5db1cf0283b60150a62f2c219ac3dbd
5d7392c44731e52810337eb1a3eb3ae1ffab31b8f8d55daba20d658701604666
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11894
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ranges: bytes
etag: "8072cff03442d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 837CBF75D5764455A084109B547EEB58 Ref B: OSL30EDGE0510 Ref C: 2023-03-21T10:40:18Z
date: Tue, 21 Mar 2023 10:40:17 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068879806/?random=1679395219700&cv=11&fst=1679395219700&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4
200 OK 1.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1068879806/?random=1679395219700&cv=11&fst=1679395219700&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2981), with no line terminators
Hash 99b096c58cb4fd5051a05ca04b192b98
c8700fed6f6c36232a510897f186149d6dec2d10
1f0dc0ab0b4a6b9ceb6390ce01fc042980ec24f316cf78a9a64c99c98969e0b6
GET /pagead/viewthroughconversion/1068879806/?random=1679395219700&cv=11&fst=1679395219700&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1366
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Mar-2023 10:55:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash e5f5bf796d91f271e383cf1ff3ee5af4
70ead02da19095ca752d55e89a48fcdf59d44d33
247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Tifn6/Z1WZl4nDXygvdmCK7flvoafV4AY/lL5TDtDQQuGh9bEEUjrXPieugKhntURUjdTSZPXVS4lcPFOFQaYA==
content-length: 27907
x-fb-trip-id: 1679558926
date: Tue, 21 Mar 2023 10:40:18 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064806848/?random=1679395219708&cv=11&fst=1679395219708&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4
200 OK 1.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1064806848/?random=1679395219708&cv=11&fst=1679395219708&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (3070), with no line terminators
Hash 990ff434a8235ae6ff57c4c2b3b8afbd
a28e37a29adee4df65c5bc8e829fff0e406037a1
9fd12283eb815babe19c1841175267f32a4e011c95ca4802d0af3bf6c6ef3904
GET /pagead/viewthroughconversion/1064806848/?random=1679395219708&cv=11&fst=1679395219708&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1412
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Mar-2023 10:55:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064806848/?random=1679395219709&cv=11&fst=1679395219709&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4
200 OK 1.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1064806848/?random=1679395219709&cv=11&fst=1679395219709&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (3070), with no line terminators
Hash f9f5a509daef0e5ea680a9989ef0dbc7
62fea6a3569ab89bd496a837cd36eee87f84cc6b
2bab6e429f414a07d2f0449022fcceeb42ad08d1ef7ee2a52393671c56bb07a2
GET /pagead/viewthroughconversion/1064806848/?random=1679395219709&cv=11&fst=1679395219709&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1414
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Mar-2023 10:55:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9SJ5SBC77UADFMAH8T0&lib=ttq
200 OK 1.2 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9SJ5SBC77UADFMAH8T0&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2361)
Hash 389b25d79cd09999bef0ebe47b5a0bd5
7a9687a6f635998b8d32c6a4d2c5912d36992782
26ed31c751001a5ce9be17c8e11f16d5045290cea538f7ec27552db554a038b6
GET /i18n/pixel/events.js?sdkid=C9SJ5SBC77UADFMAH8T0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2023032110401827B67D9D681A0F40FC30
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b1df072facd817b762c27bdae34c5eb0a3700927d6b26c6f85b3c1daa51d5a775368e5517e9f7dfa10d16b03510b67526b492b096185f6496a12bd4b76510a9a154beadef055bfd11c83aba8e4430655d
content-encoding: gzip
content-length: 1158
x-origin-response-time: 16,23.46.239.63
x-akamai-request-id: 5ddc95fe.25c70c6b
expires: Tue, 21 Mar 2023 10:40:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 10:40:18 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
set-cookie: _ttp=2NJvu3MMIRvdRvLMXSK5MEP1xLj; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-46-239-63.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=16, inner; dur=3
x-parent-response-time: 100,95.101.10.109
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068879806/?random=1679395219703&cv=11&fst=1679395219703&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4
200 OK 1.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1068879806/?random=1679395219703&cv=11&fst=1679395219703&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (3070), with no line terminators
Hash 82d2f288aadfbf427efce80d6fb998db
ac916257213e696e3d98a02e8f67618c58050544
12a6494ad0514f4b31cd7fb033cbf4fa97035e9ab79fdd4f78e67f11373af2bd
GET /pagead/viewthroughconversion/1068879806/?random=1679395219703&cv=11&fst=1679395219703&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1413
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Mar-2023 10:55:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1D2UEHT0U322RQPB500&lib=ttq
200 OK 1.1 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1D2UEHT0U322RQPB500&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2313)
Hash 337dcb4f153dab1b2c5e4e24b20c5e8d
261b6650d31b610781c58309e1bf7772aa04688e
9b7ca9d9237d097de4924a3c588a3bc46eea3f4cd6466e4234448bb8ca3302f3
GET /i18n/pixel/events.js?sdkid=C1D2UEHT0U322RQPB500&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230321104018F165C843E99F5D020616
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb616c037d177ce59e2a29555d6813ad633746181570543708bb540ffb0052cc407e636b1ed582c32e6cbf245ddcca95d21e0014060b005800bd2a6fc52586114561be315791aab84f8daccaf99300c7b1f
content-encoding: gzip
expires: Tue, 21 Mar 2023 10:40:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 10:40:18 GMT
content-length: 1149
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
set-cookie: _ttp=2NJvu6T53OPVIpnICn3IJyXq1H3; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=95
x-origin-response-time: 96,95.101.10.109
x-akamai-request-id: 25c70c76
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068879806/?random=1679395219705&cv=11&fst=1679395219705&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4
200 OK 1.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1068879806/?random=1679395219705&cv=11&fst=1679395219705&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (3068), with no line terminators
Hash 5c1982d10967c0644cb8b8c6ae6d2437
6bc938fe707dbbfc012d9e99e92c6947019d51e2
0cec8ae96518856e6414cda9b7ffaab0a49c2f5e9a01423f0a6f1496b7a7efec
GET /pagead/viewthroughconversion/1068879806/?random=1679395219705&cv=11&fst=1679395219705&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&auid=1165750927.1679395220&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1411
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Mar-2023 10:55:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6592
Cache-Control: max-age=100368
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 14:33:06 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
tags.creativecdn.com/BhVtiefKBANiHPESGt75.js
200 OK 1.7 kB URL HTTP/2 tags.creativecdn.com/BhVtiefKBANiHPESGt75.js
IP
File type ASCII text, with very long lines (4036), with no line terminators
Hash 7dd71e4b922b44d4a1b639cea2047fcd
31fbab12c76ba11e8f6086ca5c49a31034695db9
2f8a817aca609ee1d1de2ae6be5cbe0d1e186beb66c0cf445304da8f650b1b40
GET /BhVtiefKBANiHPESGt75.js HTTP/1.1
Host: tags.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycds8Yun9GD7mXyOShczRFlZryUE6zF8Hvip_xKx4RM1LBaqZMN0lTuSOaL5qj_jIitBlzDUanFsQlTRRkQjnaZKBBMAyqAb9
x-goog-generation: 1676476576712854
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1741
content-encoding: gzip
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1741
server: UploadServer
date: Tue, 21 Mar 2023 10:03:02 GMT
cache-control: public,max-age=0
age: 2236
last-modified: Wed, 15 Feb 2023 15:56:16 GMT
etag: "7dd71e4b922b44d4a1b639cea2047fcd"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NDJFKMJ2PD&cid=1722803080.1679395220>m=45je33f0&aip=1&z=615073586
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NDJFKMJ2PD&cid=1722803080.1679395220>m=45je33f0&aip=1&z=615073586
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NDJFKMJ2PD&cid=1722803080.1679395220>m=45je33f0&aip=1&z=615073586 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C208PQQAIIHA6IQNB1JG&lib=ttq
200 OK 1.1 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C208PQQAIIHA6IQNB1JG&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2308)
Hash 1ff4b5b6c825385a7207c65d18c9d911
655d41c77f0dfd73090b0d9e631e0753b079954d
69a640dacbf52d21549deaf4f8f777f9b3386d0f7c712c05e55692e12b727f58
GET /i18n/pixel/events.js?sdkid=C208PQQAIIHA6IQNB1JG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202303211040181AB556D83A917746DEB9
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b478918a1cf80021693d95247326d0440cf3ecf99b2c9052fb0d86762ecc5207ca4a9336aacb8eaeb3b48f991ec9e5430a077c7b4db397945697ea493714ba55aa21609ee2e669166bcc29f306e6e1fb3
content-encoding: gzip
content-length: 1144
x-origin-response-time: 6,23.46.239.62
x-akamai-request-id: 342b2173.25c70c89
expires: Tue, 21 Mar 2023 10:40:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 10:40:18 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
set-cookie: _ttp=2NJvu6ht3NA4x06wAYNlc3IFqcw; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-46-239-62.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=6, inner; dur=3
x-parent-response-time: 103,95.101.10.109
X-Firefox-Spdy: h2
api.mercadolibre.com/tracks
200 OK 517 B URL HTTP/2 api.mercadolibre.com/tracks
IP
Hash 0a26067e2c85b8cbca656f6eb8073395
f86de182d9d542dad876353a1368f3d94e3a0d05
228dd23b1b0b78e63e3479f0ef5c308cdee91dc2326b040988a952675ee049e1
POST /tracks HTTP/1.1
Host: api.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3630
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
date: Tue, 21 Mar 2023 10:40:16 GMT
x-api-server-time: 1679395216985
access-control-allow-origin: https://lcnjottagr7-wixsite-com.filesusr.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 782540db-9895-42f3-9f58-1afe7cde655a
x-frame-options: DENY
x-xss-protection: 1; mode=block
access-control-max-age: 86400
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: frMxFD3fYZJ5GXiymMES3JM4szqkz-R53qMDLSSgSmLV9nkIJ54vOA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 43229f902489cc88a3b8f77dea901852
28e63d8d5a952b9e568cad6feda0e211e1fbfdda
245bfd30b6d87d590e50452fd8672d82d9d441242b4603fcc007e70b6a56685b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.pinimg.com/ct/lib/main.8b1025ba.js
200 OK 17 kB URL HTTP/2 s.pinimg.com/ct/lib/main.8b1025ba.js
IP
File type ASCII text, with very long lines (57777), with no line terminators
Hash cdc9076a068e07f5162c7bc891af6405
df5e2a69a2d34190d23f5a349e0a67a331f79f8e
3cf3420046d5799bb597c69ff42e34f922f5f61ba3fb22fa297aff837211846f
GET /ct/lib/main.8b1025ba.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "cdc9076a068e07f5162c7bc891af6405"
x-amz-server-side-encryption: AES256
content-encoding: br
accept-ranges: bytes
content-type: application/javascript
content-length: 17364
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1064806848/?random=1679395219709&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=4217891032&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1064806848/?random=1679395219709&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=4217891032&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1064806848/?random=1679395219709&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=4217891032&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1068879806/?random=1679395219700&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1196130284&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1068879806/?random=1679395219700&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1196130284&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1068879806/?random=1679395219700&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1196130284&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f012cdd7cf0de250dad5fe3f278cb616
cb16e7ba2d5b470c7ae19546e0b51ce5f2019af7
9e4071dcc60e43a82f4a24c60c8be0eecc25dcf39682c3bbf7d4ac50d6d1f5d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1064806848/?random=1679395219708&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=2823277680&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1064806848/?random=1679395219708&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=2823277680&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1064806848/?random=1679395219708&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=2823277680&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=3574
200 OK 83 kB URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=3574
IP
File type ASCII text, with very long lines (44627)
Hash d226ad93d003ac9140539af73972bde5
b3487fe5b92c84e7c948c2da8930df488ebb79de
2b3a92b8d76a6951a69c2a8291b181f735390738d566ecb80028a4d3d768eb61
GET /js/ld/ld.js?a=3574 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:17 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
200 OK 66 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 2cc1557d4389098e4fb0a286d28898b7
412e14d52fb000fe55e919a9aed2d5637c438693
34164b3ca4f0b781bf510f4a9a21cf7c42d2b300d8c7ea949c9f851088e54847
GET /i18n/pixel/static/main.MTE3ZGZjMmFkMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Cookie: _ttp=2NJvu6T53OPVIpnICn3IJyXq1H3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230221145329D9E27CA0DC66C0FD94D0
x-tt-trace-host: 012f02cd23070ac00a0817281d5a7a74cf0b29783654be77f90759ecadc4cb8bb137fd4dac0c8f58f3bcb5545a4384d60b9dd421770e9499ec436fccbf366ea74c7334738d6d9d52ccbfffa3062dded125c7acd87b98eadba87c4be5c65c997d76
content-encoding: gzip
content-length: 66119
date: Tue, 21 Mar 2023 10:40:18 GMT
x-cache: TCP_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
x-akamai-request-id: 25c70d64
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=21024398&Ver=2&mid=02f29adb-d36f-4ef4-9fd0-eb470164dd49&sid=c762b4f0c7d411edbeec09fab3764988&vid=c762c910c7d411edaad6419f114cc681&vids=0&msclkid=N&prodid=MLB1957534435&pagetype=product&ecomm_totalvalue=1854&gc=BRL&ea=ViewContent&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=423215
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=21024398&Ver=2&mid=02f29adb-d36f-4ef4-9fd0-eb470164dd49&sid=c762b4f0c7d411edbeec09fab3764988&vid=c762c910c7d411edaad6419f114cc681&vids=0&msclkid=N&prodid=MLB1957534435&pagetype=product&ecomm_totalvalue=1854&gc=BRL&ea=ViewContent&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=423215
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=21024398&Ver=2&mid=02f29adb-d36f-4ef4-9fd0-eb470164dd49&sid=c762b4f0c7d411edbeec09fab3764988&vid=c762c910c7d411edaad6419f114cc681&vids=0&msclkid=N&prodid=MLB1957534435&pagetype=product&ecomm_totalvalue=1854&gc=BRL&ea=ViewContent&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=423215 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=189FB360A1E26041068EA1BBA0176140; domain=.bing.com; expires=Sun, 14-Apr-2024 10:40:18 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5EEB9479BFE04C94893D061B35268E40 Ref B: OSL30EDGE0510 Ref C: 2023-03-21T10:40:18Z
date: Tue, 21 Mar 2023 10:40:17 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/feg7VC7CG5w
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/feg7VC7CG5w
IP
Hash 9c47d192b35ae033a754c3a068e3ac75
c9790448f54509fde60d6bc96e14ff340f0442f6
5206b95e3dd339d0f9ebb1d42fd0a56cea32750ea2e79132ba6693ad940ba39c
POST /s/gts1d4/feg7VC7CG5w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8535613a8a8fd6ee9e928b3539dcfccd
75d939e05c094dda5410c98b8264d7c3270a6672
b09eaa3afbf3c651a41228d2297ff907b3f98102bce5277c7b9a1af8a1f346f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8535613a8a8fd6ee9e928b3539dcfccd
75d939e05c094dda5410c98b8264d7c3270a6672
b09eaa3afbf3c651a41228d2297ff907b3f98102bce5277c7b9a1af8a1f346f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=21024398&Ver=2&mid=02f29adb-d36f-4ef4-9fd0-eb470164dd49&sid=c762b4f0c7d411edbeec09fab3764988&vid=c762c910c7d411edaad6419f114cc681&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&p=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&r=<=1419&evt=pageLoad&sv=1&rn=279406
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=21024398&Ver=2&mid=02f29adb-d36f-4ef4-9fd0-eb470164dd49&sid=c762b4f0c7d411edbeec09fab3764988&vid=c762c910c7d411edaad6419f114cc681&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&p=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&r=<=1419&evt=pageLoad&sv=1&rn=279406
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=21024398&Ver=2&mid=02f29adb-d36f-4ef4-9fd0-eb470164dd49&sid=c762b4f0c7d411edbeec09fab3764988&vid=c762c910c7d411edaad6419f114cc681&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&p=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&r=<=1419&evt=pageLoad&sv=1&rn=279406 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=044AE0E56639687400F8F23E67CC695C; domain=.bing.com; expires=Sun, 14-Apr-2024 10:40:18 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 603D5958AFBB4796A932BEA66643A272 Ref B: OSL30EDGE0510 Ref C: 2023-03-21T10:40:18Z
date: Tue, 21 Mar 2023 10:40:17 GMT
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1068879806/?random=1679395219703&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1610970960&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1068879806/?random=1679395219703&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1610970960&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1068879806/?random=1679395219703&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1610970960&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8535613a8a8fd6ee9e928b3539dcfccd
75d939e05c094dda5410c98b8264d7c3270a6672
b09eaa3afbf3c651a41228d2297ff907b3f98102bce5277c7b9a1af8a1f346f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1068879806/?random=1679395219705&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=663854961&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1068879806/?random=1679395219705&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=663854961&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1068879806/?random=1679395219705&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=663854961&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/p/action/21024398.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/21024398.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/21024398.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EF7A033A0F2E4300AE58609369DCAD82 Ref B: OSL30EDGE0510 Ref C: 2023-03-21T10:40:18Z
date: Tue, 21 Mar 2023 10:40:17 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1068879806/?random=1679395219703&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1610970960&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1068879806/?random=1679395219703&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1610970960&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1068879806/?random=1679395219703&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1610970960&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1068879806/?random=1679395219700&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1196130284&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1068879806/?random=1679395219700&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1196130284&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1068879806/?random=1679395219700&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=1196130284&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1068879806/?random=1679395219705&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=663854961&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1068879806/?random=1679395219705&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=663854961&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1068879806/?random=1679395219705&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=663854961&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1064806848/?random=1679395219708&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=2823277680&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1064806848/?random=1679395219708&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=2823277680&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1064806848/?random=1679395219708&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=1KOPCO7f_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=2823277680&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1064806848/?random=1679395219709&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=4217891032&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1064806848/?random=1679395219709&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=4217891032&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1064806848/?random=1679395219709&cv=11&fst=1679392800000&bg=ffffff&guid=ON&async=1>m=45He33f0&u_w=1280&u_h=1024&label=-JoGCMne_FUQvp_X_QM&frm=0&url=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&tiba=Xiaomi%20Redmi%20Note%2010%20Dual%20SIM%20128%20GB%20lake%20green%206%20GB%20RAM%20%7C%20Parcelamento%20sem%20juros&data=ecomm_prodid%3DMLB1957534435%3Becomm_totalvalue%3D1854%3Becomm_pagetype%3Dproduct&fmt=3&is_vtc=1&random=4217891032&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 10:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.mercadolibre.com/tracks/recommendations
200 OK 111 kB URL HTTP/2 api.mercadolibre.com/tracks/recommendations
IP
File type JSON data\012- , ASCII text, with very long lines (62500)
Size 111 kB (110760 bytes)
Hash 7a26b91b43c140265ebdec11a72be62b
97e9a6a8db63f477e3f86bdf947deaa08ad5a3de
d7976f1b10e21eac210e398ab17631a7e93a3b763fbdae86a2d93133171c9bb9
POST /tracks/recommendations HTTP/1.1
Host: api.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4236
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
date: Tue, 21 Mar 2023 10:40:17 GMT
x-api-server-time: 1679395216982
access-control-allow-origin: https://lcnjottagr7-wixsite-com.filesusr.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 35d3b2d6-15db-4462-9c01-69dfb01642e4
x-frame-options: DENY
x-xss-protection: 1; mode=block
access-control-max-age: 86400
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 16FaJB5nye12Iynaj_kQyHxHcFRLhm5syqxC4MvNlMqv21jjLTNS6Q==
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash fb6593acf6980819b1e523c5b227b9d3
65ee92619d1c809274ae96e3b73d40dfbc2566b9
00d74b2b8ddfef286c1f0985ad3755f5f2198f8dc8ce6a001920d9fc082c4043
GET /i18n/pixel/static/identify_cab4d.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Cookie: _ttp=2NJvu6ht3NA4x06wAYNlc3IFqcw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230221145330D9E27CA0DC66C0FD94DA
x-tt-trace-host: 012f02cd23070ac00a0817281d5a7a74cf0b29783654be77f90759ecadc4cb8bb137fd4dac0c8f58f3bcb5545a4384d60b640e9332326312d6639f7259fcc215b67393ff35c0ddd1454cfcc77b4c1be8e9f6ec824693450e69fde7ecdace525083
content-encoding: gzip
content-length: 30762
date: Tue, 21 Mar 2023 10:40:18 GMT
x-cache: TCP_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
x-akamai-request-id: 25c70deb
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 897
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Cookie: _ttp=2NJvu6ht3NA4x06wAYNlc3IFqcw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202303211040183330E540FADCD3167835
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b1df072facd817b762c27bdae34c5eb0a4df07da15651fde9be0fece0a27e7f7dd0d327a9258929c7ccd30cffab629cecb822bfa81b86339513f208a07ab81c0ef86e6bc94325dbef2b79a01db35bd533
x-origin-response-time: 16,23.46.239.63
x-akamai-request-id: 5ddc9806.25c70e20
expires: Tue, 21 Mar 2023 10:40:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 10:40:18 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-cache-remote: TCP_MISS from a23-46-239-63.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=16, inner; dur=14
x-parent-response-time: 107,95.101.10.109
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 849e90f2174a6f2a0f1b345990c023b3
8b718e46e5b946ba941feaf769271956a7aed0cf
9a402eb2ff80153a7862eb80e542e7f2c5955f9d254fc1f6406a9ed18093c12c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6011
Cache-Control: max-age=144778
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Etag: "641904a1-1d7"
Expires: Thu, 23 Mar 2023 02:53:16 GMT
Last-Modified: Tue, 21 Mar 2023 01:13:05 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 897
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Cookie: _ttp=2NJvu6ht3NA4x06wAYNlc3IFqcw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202303211040189100C9B6AFB8E44F6428
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b5ef2a0948fa97f4ab5428354cf742a98946e400788c8dd48e90d9ba3c170ead9d303f24b596a982af8514b897734e0d4bd88e8aa80dca35f9d2a8ffa078a54bfd9f081202b456cbf32ba637a19181d7c
x-origin-response-time: 16,23.46.239.70
x-akamai-request-id: 17edabb1.25c70e2e
expires: Tue, 21 Mar 2023 10:40:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 10:40:18 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-cache-remote: TCP_MISS from a23-46-239-70.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=16, inner; dur=14
x-parent-response-time: 110,95.101.10.109
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 835
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Cookie: _ttp=2NJvu6ht3NA4x06wAYNlc3IFqcw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023032110401878640C674A41B1317CF8
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b1df072facd817b762c27bdae34c5eb0a3700927d6b26c6f85b3c1daa51d5a7758b5a87199357f1da92735ab40aff7d14864e2e512410c63d635554230d5991abcf560dd98fb9b41ca0e6306808d51f7f
x-origin-response-time: 21,23.46.239.63
x-akamai-request-id: 5ddc9731.25c70e29
expires: Tue, 21 Mar 2023 10:40:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 10:40:18 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-cache-remote: TCP_MISS from a23-46-239-63.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=20, inner; dur=16
x-parent-response-time: 116,95.101.10.109
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 835
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Cookie: _ttp=2NJvu6ht3NA4x06wAYNlc3IFqcw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230321104018C7CDD2B91A827921B25C
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b1df072facd817b762c27bdae34c5eb0a953f3cae8ed5bbd9df590b1307c9a8d69577f47dcc75c5257441e172bbbba7b2d402d553bf1b88257ed54529ea21caa9e03b2ff1d4b74572fc05a9a1e2b2e7a4
x-origin-response-time: 21,23.46.239.63
x-akamai-request-id: 5ddc917f.25c70e2f
expires: Tue, 21 Mar 2023 10:40:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 10:40:18 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-cache-remote: TCP_MISS from a23-46-239-63.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=20, inner; dur=17
x-parent-response-time: 117,95.101.10.109
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 897
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Cookie: _ttp=2NJvu6ht3NA4x06wAYNlc3IFqcw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230321104018EB2E8A84FBFFA16BD29D
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00bac2a3d7470a3649d0cdb3ec83715b6dfdb342edb037a776362aec7b9c14577ebabb0c2d0207f88fc3f08f194dfe41b41139469c7620b9a1373f1b5ad3d312e2d983952bc8ad40491d9502ff59f315038
x-origin-response-time: 28,23.46.239.68
x-akamai-request-id: 2ac2e8e6.25c70e33
expires: Tue, 21 Mar 2023 10:40:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 10:40:18 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-cache-remote: TCP_MISS from a23-46-239-68.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=28, inner; dur=17
x-parent-response-time: 119,95.101.10.109
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 835
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Cookie: _ttp=2NJvu6ht3NA4x06wAYNlc3IFqcw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230321104018E68032676E5711101342
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b5ef2a0948fa97f4ab5428354cf742a9851567d70f10eca9b1b958bff00b6b30edc07bd37ed815c2b8c932c3a5b83b4722cefd3ec4aa84bb2a92c9748d73ef2b95d3d1f7c737120f6eed720fbeb02c1a6
x-origin-response-time: 21,23.46.239.70
x-akamai-request-id: 17eda36b.25c70e38
expires: Tue, 21 Mar 2023 10:40:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 10:40:18 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-cache-remote: TCP_MISS from a23-46-239-70.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=21, inner; dur=17
x-parent-response-time: 117,95.101.10.109
X-Firefox-Spdy: h2
us.creativecdn.com/tags/v2?type=json
200 OK 0 B URL HTTP/2 us.creativecdn.com/tags/v2?type=json
IP
ASN #203690 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /tags/v2?type=json HTTP/1.1
Host: us.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:18 GMT
access-control-allow-origin: https://lcnjottagr7-wixsite-com.filesusr.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
access-control-allow-headers: content-type
content-length: 0
X-Firefox-Spdy: h2
ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22MLB1957534435%22%2C%22product_category%22%3A%22MLB1055%22%7D%5D%7D&tid=2613911516476&cb=1679395221161&dep=5%2CEVENT_TAGS_ABSENT
200 OK 372 B URL HTTP/2 ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22MLB1957534435%22%2C%22product_category%22%3A%22MLB1055%22%7D%5D%7D&tid=2613911516476&cb=1679395221161&dep=5%2CEVENT_TAGS_ABSENT
IP
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash cb60b4bb9f692e0eccd37330432c3c88
0f850c1d37f97ea20375d7b0b3f56f80f46f7a83
68ef92e043c30a34094e4359ce99370aef1153692f0bd6fe82e0e65120978043
GET /user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22MLB1957534435%22%2C%22product_category%22%3A%22MLB1055%22%7D%5D%7D&tid=2613911516476&cb=1679395221161&dep=5%2CEVENT_TAGS_ABSENT HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU0yWTNNekZsTVRZdE56TTVOQzAwWlRFeUxXSTNaVEV0WWpaaU56ZzBNelU0TjJObA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://lcnjottagr7-wixsite-com.filesusr.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 372
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1083079506059332
date: Tue, 21 Mar 2023 10:40:18 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1679395218.2defa3e2
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2613911516476&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1679395221158&dep=2%2CPAGE_LOAD
200 OK 372 B URL HTTP/2 ct.pinterest.com/user/?tid=2613911516476&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1679395221158&dep=2%2CPAGE_LOAD
IP
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash cb60b4bb9f692e0eccd37330432c3c88
0f850c1d37f97ea20375d7b0b3f56f80f46f7a83
68ef92e043c30a34094e4359ce99370aef1153692f0bd6fe82e0e65120978043
GET /user/?tid=2613911516476&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1679395221158&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU5tTmtOVFF3TnpJdFlqZGxNaTAwTkRjekxXSTRaRGd0TXpVMFlqQXpZMlJqWldKaw
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://lcnjottagr7-wixsite-com.filesusr.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 372
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 4746062853103977
date: Tue, 21 Mar 2023 10:40:18 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1679395218.2defa3fe
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2613911516476&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%228b1025ba%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1679395221163
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613911516476&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%228b1025ba%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1679395221163
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613911516476&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%228b1025ba%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1679395221163 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1760717609203224
date: Tue, 21 Mar 2023 10:40:18 GMT
akamai-grn: 0.274f2417.1679395218.2defa59d
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1481750885409598&ev=VIP-CategoryPath&dl=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&rl=&if=false&ts=1679395221380&cd[L1]=MLB1051&cd[L2]=MLB1055&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&fbp=fb.1.1679395221378.1826865941&it=1679395221109&coo=false&tm=1&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1481750885409598&ev=VIP-CategoryPath&dl=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&rl=&if=false&ts=1679395221380&cd[L1]=MLB1051&cd[L2]=MLB1055&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&fbp=fb.1.1679395221378.1826865941&it=1679395221109&coo=false&tm=1&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1481750885409598&ev=VIP-CategoryPath&dl=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&rl=&if=false&ts=1679395221380&cd[L1]=MLB1051&cd[L2]=MLB1055&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&fbp=fb.1.1679395221378.1826865941&it=1679395221109&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 21 Mar 2023 10:40:18 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1481750885409598&ev=ViewContent&dl=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&rl=&if=false&ts=1679395221385&cd[content_ids]=%5B%22MLB17459951-product%22%5D&cd[content_type]=product_group&cd[page_type]=PDP&cd[L1]=MLB1051&cd[L2]=MLB1055&sw=1280&sh=1024&v=2.9.99&r=stable&ec=1&o=30&fbp=fb.1.1679395221378.1826865941&it=1679395221109&coo=false&eid=bb9532c7-5ac3-4b2c-b123-271a6001e61e-ViewContent&tm=1&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1481750885409598&ev=ViewContent&dl=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&rl=&if=false&ts=1679395221385&cd[content_ids]=%5B%22MLB17459951-product%22%5D&cd[content_type]=product_group&cd[page_type]=PDP&cd[L1]=MLB1051&cd[L2]=MLB1055&sw=1280&sh=1024&v=2.9.99&r=stable&ec=1&o=30&fbp=fb.1.1679395221378.1826865941&it=1679395221109&coo=false&eid=bb9532c7-5ac3-4b2c-b123-271a6001e61e-ViewContent&tm=1&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1481750885409598&ev=ViewContent&dl=https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html&rl=&if=false&ts=1679395221385&cd[content_ids]=%5B%22MLB17459951-product%22%5D&cd[content_type]=product_group&cd[page_type]=PDP&cd[L1]=MLB1051&cd[L2]=MLB1055&sw=1280&sh=1024&v=2.9.99&r=stable&ec=1&o=30&fbp=fb.1.1679395221378.1826865941&it=1679395221109&coo=false&eid=bb9532c7-5ac3-4b2c-b123-271a6001e61e-ViewContent&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 21 Mar 2023 10:40:18 GMT
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22MLB1957534435%22%2C%22product_category%22%3A%22MLB1055%22%7D%5D%7D&tid=2613911516476&cb=1679395221500&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%228b1025ba%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22MLB1957534435%22%2C%22product_category%22%3A%22MLB1055%22%7D%5D%7D&tid=2613911516476&cb=1679395221500&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%228b1025ba%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22MLB1957534435%22%2C%22product_category%22%3A%22MLB1055%22%7D%5D%7D&tid=2613911516476&cb=1679395221500&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Flcnjottagr7-wixsite-com.filesusr.com%2Fhtml%2F840e9e_f65e770dcadbddfc30424e95668ff274.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%228b1025ba%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
referrer-policy: origin
x-pinterest-rid: 1263028978882850
date: Tue, 21 Mar 2023 10:40:18 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZON2tYZmYrTktFVERGQWFwTGh5SGtDQ1c4NXhiKytEY1crU0NsNmNPVXdsQUJKbzVlSmdJR1ZIWndZS1VmTlpDUU51bi9IS0VGcEltbklXeVRDK21FeTFqV3NDWTFtanU2SGx1UDFzanFzND0mQTJ6YnFVdGhwWTNKRFhOMHNvZGxaT1RSZjcwPQ=="; Expires=Wed, 20 Mar 2024 10:40:18 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1679395218.2defa5e7
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a49520022c09b30af5561def37504c1e
a24e2ffb61958ec9f8ec5c3472bb9500b27d3353
46ffa457d3584550e25ab42b9744dbb29e0b44037d03b595f7408089215ba598
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6004
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Last-Modified: Tue, 21 Mar 2023 09:00:14 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 471
ct.pinterest.com/ct.html
200 OK 323 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 5027360350696969
date: Tue, 21 Mar 2023 10:40:18 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1679395218.2defa665
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 02084dc65c4e4572378d5ef9da1c1415
254968fdadbc064f3000d1ce98492a9f2df691cf
1f0e28598f8ee60e8edac804622a21f060fa1d16bde31bd873fc9d19e4ebb6ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2106
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Last-Modified: Tue, 21 Mar 2023 10:05:12 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 314 B IP
Hash 02084dc65c4e4572378d5ef9da1c1415
254968fdadbc064f3000d1ce98492a9f2df691cf
1f0e28598f8ee60e8edac804622a21f060fa1d16bde31bd873fc9d19e4ebb6ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4807
Cache-Control: max-age=160827
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:18 GMT
Etag: "64194806-13a"
Expires: Thu, 23 Mar 2023 07:20:45 GMT
Last-Modified: Tue, 21 Mar 2023 06:00:38 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 314
gum.criteo.com/syncframe?topUrl=lcnjottagr7-wixsite-com.filesusr.com&origin=onetag
200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=lcnjottagr7-wixsite-com.filesusr.com&origin=onetag
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash c09d13292bc5ce239a3a223445bed4f7
c5fe62da739db0cc99cf16af1c309286f3916673
aee6bd52fe4fe4a5379a39cc689f36a6e3e49490884d84e995388727f9bee0b5
GET /syncframe?topUrl=lcnjottagr7-wixsite-com.filesusr.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:17 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=456bd46b-c794-4926-bb2e-6ad9aa682f5a; expires=Sun, 14 Apr 2024 10:40:17 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 342880
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
us.creativecdn.com/tags/v2?type=json
307 Temporary Redirect 0 B URL HTTP/2 us.creativecdn.com/tags/v2?type=json
IP
ASN #203690 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /tags/v2?type=json HTTP/1.1
Host: us.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Content-Length: 309
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Tue, 21 Mar 2023 10:40:18 GMT
access-control-allow-origin: https://lcnjottagr7-wixsite-com.filesusr.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=cwdu6UnUhMOpHcSG8Tk7;Path=/;Domain=.creativecdn.com;Expires=Wed, 20-Mar-2024 10:40:18 GMT;Max-Age=31536000;Secure;SameSite=None
ts=1679395218;Path=/;Domain=.creativecdn.com;Expires=Wed, 20-Mar-2024 10:40:18 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://us.creativecdn.com/tags/v2?type=json&tc=1
content-length: 0
X-Firefox-Spdy: h2
us.creativecdn.com/tags/v2?type=json&tc=1
200 OK 0 B URL HTTP/2 us.creativecdn.com/tags/v2?type=json&tc=1
IP
ASN #203690 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /tags/v2?type=json&tc=1 HTTP/1.1
Host: us.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:19 GMT
access-control-allow-origin: https://lcnjottagr7-wixsite-com.filesusr.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
access-control-allow-headers: content-type
content-length: 0
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 40 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 104c2ec8b05596df5cb46b82019c9a45
586e694691ab7fe63707e9fc7f79a272885f0ae1
a94807f9f93ba093073238cf78e77455e88de5e38cca1b90a081f9220a2621e2
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:17 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 90378
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
us.creativecdn.com/tags/v2?type=json&tc=1
204 No Content 0 B URL HTTP/2 us.creativecdn.com/tags/v2?type=json&tc=1
IP
ASN #203690 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /tags/v2?type=json&tc=1 HTTP/1.1
Host: us.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 309
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://lcnjottagr7-wixsite-com.filesusr.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 862faced01a7434b1c4c563d91ec523f
615d8fc4be95cbb94508c2e891c342ea5db1ffeb
fc0537ac55b0e2f287b8a27638e7a122d81a10548b083e0c2b8e189bee7b383f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6534
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:19 GMT
Last-Modified: Tue, 21 Mar 2023 08:51:25 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2876
Expires: Tue, 21 Mar 2023 11:28:15 GMT
Date: Tue, 21 Mar 2023 10:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15290
Expires: Tue, 21 Mar 2023 14:55:09 GMT
Date: Tue, 21 Mar 2023 10:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14882
Expires: Tue, 21 Mar 2023 14:48:21 GMT
Date: Tue, 21 Mar 2023 10:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2876
Expires: Tue, 21 Mar 2023 11:28:15 GMT
Date: Tue, 21 Mar 2023 10:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8520
Expires: Tue, 21 Mar 2023 13:02:19 GMT
Date: Tue, 21 Mar 2023 10:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12995
Expires: Tue, 21 Mar 2023 14:16:54 GMT
Date: Tue, 21 Mar 2023 10:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15290
Expires: Tue, 21 Mar 2023 14:55:09 GMT
Date: Tue, 21 Mar 2023 10:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15290
Expires: Tue, 21 Mar 2023 14:55:09 GMT
Date: Tue, 21 Mar 2023 10:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15290
Expires: Tue, 21 Mar 2023 14:55:09 GMT
Date: Tue, 21 Mar 2023 10:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15290
Expires: Tue, 21 Mar 2023 14:55:09 GMT
Date: Tue, 21 Mar 2023 10:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e2281cccb4eaff498218cb2e3233776d
ecb9bb2e33bfc0c0cf0a69d827e6bf7d6d0d6e10
f487e24729710d69df876dad05c9d2cd4a030b94cdd816637dfcee6051f55cc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F487E24729710D69DF876DAD05C9D2CD4A030B94CDD816637DFCEE6051F55CC9"
Last-Modified: Mon, 20 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8192
Expires: Tue, 21 Mar 2023 12:56:51 GMT
Date: Tue, 21 Mar 2023 10:40:19 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=criteo&uid=k-QMGWyykAHY7ySO5uxq8E4L-7_TvRlix97KFS2g
200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-QMGWyykAHY7ySO5uxq8E4L-7_TvRlix97KFS2g
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-QMGWyykAHY7ySO5uxq8E4L-7_TvRlix97KFS2g HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Tue, 21 Mar 2023 10:40:19 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 21 Mar 2023 10:40:19 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 461392
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ohP0GikAHY7ySO5uxq8E4L-7_Tsp5Y-Lt2lCQQ&google_cm&google_hm=ay1vaFAwR2lrQUhZN3lTTzV1eHE4RTRMLTdfVHNwNVktTHQybENRUQ
302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ohP0GikAHY7ySO5uxq8E4L-7_Tsp5Y-Lt2lCQQ&google_cm&google_hm=ay1vaFAwR2lrQUhZN3lTTzV1eHE4RTRMLTdfVHNwNVktTHQybENRUQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d9a2c0701984ba66270e82df7c1e3b39
a0317a3e709a15ac57af50163ab656e7bb2de5ea
8e2371582dd835e5e1c51aad62fcd58ba13e28afecd6768e23d64a3fde824c04
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ohP0GikAHY7ySO5uxq8E4L-7_Tsp5Y-Lt2lCQQ&google_cm&google_hm=ay1vaFAwR2lrQUhZN3lTTzV1eHE4RTRMLTdfVHNwNVktTHQybENRUQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ohP0GikAHY7ySO5uxq8E4L-7_Tsp5Y-Lt2lCQQ&google_cm=&google_hm=ay1vaFAwR2lrQUhZN3lTTzV1eHE4RTRMLTdfVHNwNVktTHQybENRUQ&google_tc=
date: Tue, 21 Mar 2023 10:40:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Mar-2023 10:55:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-LZf40ikAHY7ySO5uxq8E4L-7_TuLEF2ekgTcpA
200 OK 237 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-LZf40ikAHY7ySO5uxq8E4L-7_TuLEF2ekgTcpA
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 74378edf31ef26cd97c236ad08d05fa3
fdd52cdbf193d1dfd1031978667689f3414b49ed
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
GET /cksync.php?cs=3&type=crt&ovsid=k-LZf40ikAHY7ySO5uxq8E4L-7_TuLEF2ekgTcpA HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 237
content-type: image/gif
set-cookie: visitor-id=3223968193580240000V10; Expires=Wed, 20 Mar 2024 10:40:19 GMT; domain=.media.net; Path=/;
data-c-ts=1679395219;Expires=Thu, 20 Apr 2023 10:40:19 GMT;path=/;domain=.media.net;
data-c=k-LZf40ikAHY7ySO5uxq8E4L-7_TuLEF2ekgTcpA~~3;Expires=Thu, 20 Apr 2023 10:40:19 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Tue, 21 Mar 2023 10:40:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 10:40:19 GMT
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-9qXFqCkAHY7ySO5uxq8E4L-7_TtqyglnlT3C5w
200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-9qXFqCkAHY7ySO5uxq8E4L-7_TtqyglnlT3C5w
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-9qXFqCkAHY7ySO5uxq8E4L-7_TtqyglnlT3C5w HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.10
content-length: 23
expires: Tue, 21 Mar 2023 10:40:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 10:40:20 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f7cdda0a50c9373619534f721e3fa839
50f3f9ebc144172526dc347bdd6cf87ecf00fbe2
373ecbde815717f7870b1bede265d8e54f7af09fa53ca19767dd105ee8c83946
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5453
Cache-Control: max-age=158271
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:20 GMT
Etag: "64193b86-1d7"
Expires: Thu, 23 Mar 2023 06:38:11 GMT
Last-Modified: Tue, 21 Mar 2023 05:07:18 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ohP0GikAHY7ySO5uxq8E4L-7_Tsp5Y-Lt2lCQQ&google_cm=&google_hm=ay1vaFAwR2lrQUhZN3lTTzV1eHE4RTRMLTdfVHNwNVktTHQybENRUQ&google_tc=
302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ohP0GikAHY7ySO5uxq8E4L-7_Tsp5Y-Lt2lCQQ&google_cm=&google_hm=ay1vaFAwR2lrQUhZN3lTTzV1eHE4RTRMLTdfVHNwNVktTHQybENRUQ&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ab2ad6ed3ec23e40c8215eacfc7cbc28
229eab67e59bcb2c056df1a63f30d172d59d06cc
98cd36e24838eccb82a84192d772f57591180eb7887a5617ed1ff26606a3d1d7
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ohP0GikAHY7ySO5uxq8E4L-7_Tsp5Y-Lt2lCQQ&google_cm=&google_hm=ay1vaFAwR2lrQUhZN3lTTzV1eHE4RTRMLTdfVHNwNVktTHQybENRUQ&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ohP0GikAHY7ySO5uxq8E4L-7_Tsp5Y-Lt2lCQQ&google_error=3
date: Tue, 21 Mar 2023 10:40:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 21 Mar 2023 10:40:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: d3703d2e-a77e-48ed-9fff-7d49fd6b4cd2
Set-Cookie: uuid2=5188463231841483201; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 19-Jun-2023 10:40:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-lvUCkSkAHY7ySO5uxq8E4L-7_TuAN1bP5---GQ&expires=30
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-lvUCkSkAHY7ySO5uxq8E4L-7_TuAN1bP5---GQ&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-lvUCkSkAHY7ySO5uxq8E4L-7_TuAN1bP5---GQ&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 54ab5e55007c9747024b4f039df5ce6b
Content-Type: image/gif
secure.adnxs.com/setuid?entity=52&code=k-fCn-0SkAHY7ySO5uxq8E4L-7_TtLVoyRop9NUQ
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/setuid?entity=52&code=k-fCn-0SkAHY7ySO5uxq8E4L-7_TtLVoyRop9NUQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=52&code=k-fCn-0SkAHY7ySO5uxq8E4L-7_TtLVoyRop9NUQ HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 21 Mar 2023 10:40:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-fCn-0SkAHY7ySO5uxq8E4L-7_TtLVoyRop9NUQ
AN-X-Request-Uuid: 3544c53d-0b74-4402-a9ea-68f2d38f32b3
Set-Cookie: uuid2=8064395075494759860; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 19-Jun-2023 10:40:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 44842c13a6dc50212231f202fb269958
68d70032fff3b4b012f683c4e47d649bc3acbf73
30d5a2dfab28c6d7e07ef93d0914457a1eb51128f39b7ec33d6d07fbcd4e4fc0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "30D5A2DFAB28C6D7E07EF93D0914457A1EB51128F39B7EC33D6D07FBCD4E4FC0"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17844
Expires: Tue, 21 Mar 2023 15:37:44 GMT
Date: Tue, 21 Mar 2023 10:40:20 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash a2dfb44f1016fb3a6bec735a928a6cd2
a86ebae4010a7fc51ec544d1541bcd5ca5150a43
ffa0656f87a8426eb3c295239326457cc14217c940bd4889726d79cfbc457674
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6559
Cache-Control: max-age=94232
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:20 GMT
Etag: "64183d0e-1d7"
Expires: Wed, 22 Mar 2023 12:50:52 GMT
Last-Modified: Mon, 20 Mar 2023 11:01:34 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
id5-sync.com/s/966/9.gif?puid=k-U48IWCkAHY7ySO5uxq8E4L-7_TuiNkqgI1JU1Q
200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-U48IWCkAHY7ySO5uxq8E4L-7_TuiNkqgI1JU1Q
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-U48IWCkAHY7ySO5uxq8E4L-7_TuiNkqgI1JU1Q HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Tue, 21-Mar-2023 10:45:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Tue, 21-Mar-2023 10:45:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Tue, 21-Mar-2023 10:45:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Tue, 21-Mar-2023 10:45:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Tue, 21-Mar-2023 10:45:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Tue, 21-Mar-2023 10:45:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Tue, 21 Mar 2023 10:40:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-tlIDQikAHY7ySO5uxq8E4L-7_TvhpnGs7H0v7Q
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-tlIDQikAHY7ySO5uxq8E4L-7_TvhpnGs7H0v7Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-tlIDQikAHY7ySO5uxq8E4L-7_TvhpnGs7H0v7Q HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 21 Mar 2023 10:40:20 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-tlIDQikAHY7ySO5uxq8E4L-7_TvhpnGs7H0v7Q&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBJSJGWQCEJM18hPu43uhKN617eo6OucFEgEBAQHbGmQjZAAAAAAA_eMAAA&S=AQAAAgLHfLQwFZPrlDQ_6D_vlI0; Expires=Wed, 20 Mar 2024 16:40:20 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 21 Mar 2023 10:40:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: a0566e19-da97-4295-b716-e83140e7bb47
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash b6179d7b7654b5569579d3eba8821d8f
ab4d9f98aba8e8b20e7f1ac962059d675a251438
8c9618abfb910332c26752ec52bf5df85b480b95a4e01c064f69ae12676f9a61
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 21 Mar 2023 10:40:20 GMT
Last-Modified: Tue, 21 Mar 2023 08:50:31 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nVNqqIMkbtxzMB5pg0SmzHKozsxSFoy3hIeeY1gn53UvKoSqXvLE1Q==
Age: 6589
secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-fCn-0SkAHY7ySO5uxq8E4L-7_TtLVoyRop9NUQ
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-fCn-0SkAHY7ySO5uxq8E4L-7_TtLVoyRop9NUQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-fCn-0SkAHY7ySO5uxq8E4L-7_TtLVoyRop9NUQ HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 21 Mar 2023 10:40:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: c8665cdb-2e14-48e2-97b5-701bdc690786
Set-Cookie: anj=dTM7k!M4/rCxrEQF']wIg2GTtkuVMX!]tbPl@/D!9hy6]/Cr.S6Ha9P6<?m-id'CkmrFggi+.BS<*XojYw7[6cK:7Tcx]pr>lmL/F.-C?*bpRz*qF1`*b`yc+AVZ.; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 19-Jun-2023 10:40:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e2281cccb4eaff498218cb2e3233776d
ecb9bb2e33bfc0c0cf0a69d827e6bf7d6d0d6e10
f487e24729710d69df876dad05c9d2cd4a030b94cdd816637dfcee6051f55cc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F487E24729710D69DF876DAD05C9D2CD4A030B94CDD816637DFCEE6051F55CC9"
Last-Modified: Mon, 20 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8191
Expires: Tue, 21 Mar 2023 12:56:51 GMT
Date: Tue, 21 Mar 2023 10:40:20 GMT
Connection: keep-alive
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-tlIDQikAHY7ySO5uxq8E4L-7_TvhpnGs7H0v7Q&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-tlIDQikAHY7ySO5uxq8E4L-7_TvhpnGs7H0v7Q&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-tlIDQikAHY7ySO5uxq8E4L-7_TvhpnGs7H0v7Q&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 21 Mar 2023 10:40:20 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBJSJGWQCEM6xfkvFR75IlAykJIs7dNkFEgEBAQHbGmQjZAAAAAAA_eMAAA&S=AQAAAgphKHcAXAqc-knTJ8uZySM; Expires=Wed, 20 Mar 2024 16:40:20 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash a14415b7f1558fb6b09cbb98adcd02b0
9fd9864c0a76772202e9157d8d8d4bfdc897630f
d7c78b6f1e68a40a4e80f0e59ea83f27522da3b23baf5a4ffac81f7d790824d8
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152444
Date: Tue, 21 Mar 2023 10:40:20 GMT
Etag: "64192bf0-1d7"
Expires: Thu, 23 Mar 2023 05:01:04 GMT
Last-Modified: Tue, 21 Mar 2023 04:00:48 GMT
Server: ECAcc (nya/1C1E)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: enmG3Uf_hiw4hNE-sKrdTXJiXnmA4Md-QAw90Xp-vx5P4FcveWGHTg==
Age: 3616
eb2.3lift.com/xuid?mid=2711&xuid=k-ndtx4CkAHY7ySO5uxq8E4L-7_TutYUX7li6yqg&dongle=013b
200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-ndtx4CkAHY7ySO5uxq8E4L-7_TutYUX7li6yqg&dongle=013b
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-ndtx4CkAHY7ySO5uxq8E4L-7_TutYUX7li6yqg&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:20 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash c3cbd67cdb8567c010ec763a36ad6fc3
fd40f7f62a70270dd6cf4b756d1a376c20553a6c
9a6c5a32e10fc98dffc2c16c950718fefdcb0c84cb3400cd83191a7c668df095
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 10:40:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 18 Mar 2023 01:56:51 GMT
Expires: Sat, 25 Mar 2023 01:56:50 GMT
Etag: "fd40f7f62a70270dd6cf4b756d1a376c20553a6c"
Cache-Control: max-age=313589,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ab5937d4bf5b524-OSL
ocsp.digicert.com/
200 OK 312 B IP
Hash 9ce86fbf4606b2e8f0d32de6c6aa924a
373e097c8d2a4801b740f0276b1a9319f4d86480
217946ac054e7b56420cf2a4d99f89e7a1a1fcfec5f52c6779bcded1bd05991c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3615
Cache-Control: max-age=153883
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:20 GMT
Etag: "64193190-138"
Expires: Thu, 23 Mar 2023 05:25:03 GMT
Last-Modified: Tue, 21 Mar 2023 04:24:48 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 312
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 757d018cb3865bfdbf076c5dfe75a2ca
e2c9e8a77bc7f01fcea91942e0c8c090c0b8a095
19d955a2697526fca2f9d41ac1ae692f6967f41b22e6a1c6bf9ed3768340c753
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 21 Mar 2023 10:40:20 GMT
Last-Modified: Tue, 21 Mar 2023 09:27:15 GMT
Server: ECAcc (bsa/EB2E)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JSKGl0GiMnwEy-Dnen9Ze1v4_JnJBayJKUcnHidW__NjM4itODK47Q==
Age: 4385
x.bidswitch.net/sync?dsp_id=46&user_id=k-XMQb6SkAHY7ySO5uxq8E4L-7_TuwrfaTx51Cmw&expires=30
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-XMQb6SkAHY7ySO5uxq8E4L-7_TuwrfaTx51Cmw&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-XMQb6SkAHY7ySO5uxq8E4L-7_TuwrfaTx51Cmw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 21 Mar 2023 10:40:20 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-XMQb6SkAHY7ySO5uxq8E4L-7_TuwrfaTx51Cmw&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=51139452-6d5d-4167-94ce-f5b5511157ca; path=/; expires=Wed, 20-Mar-2024 10:40:20 GMT; domain=.bidswitch.net; samesite=none; secure
c=1679395220; path=/; expires=Wed, 20-Mar-2024 10:40:20 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1679395220; path=/; expires=Wed, 20-Mar-2024 10:40:20 GMT; domain=.bidswitch.net; samesite=none; secure
c=1679395220; path=/; expires=Wed, 20-Mar-2024 10:40:20 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash bd6dd1e4145b102be0605c7bf73510de
aea2d5be6f1da68a4ecf30d18742ec2105576bfb
dd3903d5020665dc5e85aa0dcce1da29f7ab6cf796be44759e07795e53c2987b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5215
Cache-Control: max-age=170595
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:20 GMT
Etag: "64196c98-1d7"
Expires: Thu, 23 Mar 2023 10:03:35 GMT
Last-Modified: Tue, 21 Mar 2023 08:36:40 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-QA_ocSkAHY7ySO5uxq8E4L-7_TtBPsu12UODrQ
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-QA_ocSkAHY7ySO5uxq8E4L-7_TtBPsu12UODrQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-QA_ocSkAHY7ySO5uxq8E4L-7_TtBPsu12UODrQ HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 21 Mar 2023 10:40:20 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 8985a972c00f9f53b82336f5eba2a27d
a3b08130ee04b846718f40c6fe5222cc38a84c92
e687a038ca84c19c9346b0c5a66d17453d343b11265843739939c08d136027fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6304
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:20 GMT
Last-Modified: Tue, 21 Mar 2023 08:55:16 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash bafe79c3c0bdc2d7714dd82a6af942a6
f369b5b8376e5a0ade8be5ad5aa515d67153d067
af7f34990631dfcf2fb64a41cae2e2cc42e934764813494f4113fc34c543640f
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140123
Date: Tue, 21 Mar 2023 10:40:20 GMT
Etag: "6418feef-1d7"
Expires: Thu, 23 Mar 2023 01:35:43 GMT
Last-Modified: Tue, 21 Mar 2023 00:48:47 GMT
Server: ECAcc (nya/790B)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: C6zo5qalg2EihXefkFcpkSBCv8YPeiYy5IdtPYYwvRy13FcHB1GFng==
Age: 2816
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-XMQb6SkAHY7ySO5uxq8E4L-7_TuwrfaTx51Cmw&expires=30
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-XMQb6SkAHY7ySO5uxq8E4L-7_TuwrfaTx51Cmw&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-XMQb6SkAHY7ySO5uxq8E4L-7_TuwrfaTx51Cmw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:20 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Yz-N1CkAHY7ySO5uxq8E4L-7_TuVD1zp-M-2AA
200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Yz-N1CkAHY7ySO5uxq8E4L-7_TuVD1zp-M-2AA
IP
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-Yz-N1CkAHY7ySO5uxq8E4L-7_TuVD1zp-M-2AA HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Tue, 21 Mar 2023 10:40:20 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=6581394807201194150; expires=Sun, 21 Apr 2024 10:40:20 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 21 Apr 2024 10:40:20 GMT; domain=smartadserver.com; path=/
csync=79:k-Yz-N1CkAHY7ySO5uxq8E4L-7_TuVD1zp-M-2AA; expires=Thu, 21 Mar 2024 10:40:20 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ad.yieldlab.net/m?dt_id=8664&ext_id=k-2o2R9CkAHY7ySO5uxq8E4L-7_TssdXAgiIMMYQ
204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-2o2R9CkAHY7ySO5uxq8E4L-7_TssdXAgiIMMYQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-2o2R9CkAHY7ySO5uxq8E4L-7_TssdXAgiIMMYQ HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-application-context: application
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Mon, 20 Mar 2023 10:40:20 GMT
Date: Tue, 21 Mar 2023 10:40:20 GMT
Connection: keep-alive
Set-Cookie: id=53e5719c-db6b-456a-a5c8-5b1822ec7bd1; Path=/; Domain=prod.svc.y6b.de; Expires=Wed, 20-Mar-2024 10:40:20 GMT; Max-Age=31536000; Secure; SameSite=None
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-9h3GFSkAHY7ySO5uxq8E4L-7_TsnWM9wLuuKEA
200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-9h3GFSkAHY7ySO5uxq8E4L-7_TsnWM9wLuuKEA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-9h3GFSkAHY7ySO5uxq8E4L-7_TsnWM9wLuuKEA HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 10:40:19 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-9h3GFSkAHY7ySO5uxq8E4L-7_TsnWM9wLuuKEA&KRTB&23144-uid:k-9h3GFSkAHY7ySO5uxq8E4L-7_TsnWM9wLuuKEA&KRTB&23286-uid:k-9h3GFSkAHY7ySO5uxq8E4L-7_TsnWM9wLuuKEA&KRTB&23287-uid:k-9h3GFSkAHY7ySO5uxq8E4L-7_TsnWM9wLuuKEA; domain=pubmatic.com; secure; expires=Thu, 20-Apr-2023 10:40:19 GMT; path=/
PugT=1679395219; domain=pubmatic.com; secure; expires=Thu, 20-Apr-2023 10:40:19 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v046-0ff0e17f0.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=72336311931458211024393743462021338865; Max-Age=15552000; Expires=Sun, 17 Sep 2023 10:40:20 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: TPhxN+TFQ2c=
Content-Length: 0
Connection: keep-alive
status.thawte.com/
200 OK 471 B IP
Hash ac6e734bd85624156a1512ab7a8e1b4d
ec3bbd801b4fc49db898268dc9daa9782fb6a4cf
612d8a40f3b521e828cea72ffb73fdf856cd985cc67b3dd2f5cf4aabc206a1f5
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5388
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:20 GMT
Etag: "6418be72-1d7"
Last-Modified: Tue, 21 Mar 2023 09:10:32 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 471
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 4cdb361203728ad14e834b1067a14a31
f3efa54f73671a48a7293c89bc06afae4492ed45
46e1c58081d4456a896e14b5f7b6f8fa3c4c297f9f0d0dfc4c96204c07653621
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125842
Date: Tue, 21 Mar 2023 10:40:20 GMT
Etag: "6418cdcb-1d7"
Expires: Wed, 22 Mar 2023 21:37:42 GMT
Last-Modified: Mon, 20 Mar 2023 21:19:07 GMT
Server: ECAcc (bsa/EA9A)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pEBO--rWEAbN1dlH16cdqcRLFEE19GMo_TkVK8CbQhYl-F_wvcitTw==
Age: 1115
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-svLxYikAHY7ySO5uxq8E4L-7_Tt78-8zHvf8Og
302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-svLxYikAHY7ySO5uxq8E4L-7_Tt78-8zHvf8Og
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-svLxYikAHY7ySO5uxq8E4L-7_Tt78-8zHvf8Og HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 21 Mar 2023 10:40:20 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-svLxYikAHY7ySO5uxq8E4L-7_Tt78-8zHvf8Og
set-cookie: tuuid=715bec1b-b66b-4440-b050-b7aa449b2b5e; Expires=Mon, 19 Jun 2023 10:40:20 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1679395220; Expires=Mon, 19 Jun 2023 10:40:20 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v046-0decf6b17.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: yFxkRK1KSCc=
Content-Length: 59
Connection: keep-alive
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ohP0GikAHY7ySO5uxq8E4L-7_Tsp5Y-Lt2lCQQ&google_error=3
200 OK 514 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ohP0GikAHY7ySO5uxq8E4L-7_Tsp5Y-Lt2lCQQ&google_error=3
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d327ab59956e2ffebfa93f1f2759fb24
64aeb4cf2a77dd7b797555bd9fc23e6b0dc30ae7
595fe6899f5d985d9d453b89c3ef55098ca4875e8c8a1b64ec3da3f3d2303327
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ohP0GikAHY7ySO5uxq8E4L-7_Tsp5Y-Lt2lCQQ&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:19 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 111629
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 3b7e00d3365427eac621f1aea7e8539b
1ad3108bb6b40e9695f5277c6959bf151e5dcf1a
78a5728289113e31896141c358045c9dee0b3fc3697702b9b8eca5584cbf2ece
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 21 Mar 2023 10:40:20 GMT
Etag: "6418b328-1d7"
Last-Modified: Tue, 21 Mar 2023 09:56:04 GMT
Server: ECAcc (bsa/EAF6)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WEsG1oOslkTTJs6QLRfsr2JGX3PIzh_IFupKPbHpdfikVZbl8F-nNg==
Age: 2656
sync-criteo.ads.yieldmo.com/sync?id=k-S8KoSCkAHY7ySO5uxq8E4L-7_Ts6AW6Ptn13EA&pn_id=criteo&ext=1
200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-S8KoSCkAHY7ySO5uxq8E4L-7_Ts6AW6Ptn13EA&pn_id=criteo&ext=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-S8KoSCkAHY7ySO5uxq8E4L-7_Ts6AW6Ptn13EA&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:20 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g4327b3e0f44ee95dbc2%7C1679395220412%7C0%7C; Domain=.yieldmo.com; Expires=Wed, 20-Mar-2024 10:40:20 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-S8KoSCkAHY7ySO5uxq8E4L-7_Ts6AW6Ptn13EA; Domain=ads.yieldmo.com; Expires=Wed, 20-Mar-2024 10:40:20 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-svLxYikAHY7ySO5uxq8E4L-7_Tt78-8zHvf8Og
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-svLxYikAHY7ySO5uxq8E4L-7_Tt78-8zHvf8Og
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-svLxYikAHY7ySO5uxq8E4L-7_Tt78-8zHvf8Og HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:20 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 21 Mar 2023 10:40:20 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 387014
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-y_g3eCkAHY7ySO5uxq8E4L-7_TsOkbvYwX8kig
200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-y_g3eCkAHY7ySO5uxq8E4L-7_TsOkbvYwX8kig
IP
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-y_g3eCkAHY7ySO5uxq8E4L-7_TsOkbvYwX8kig HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=50e722b43013009cfed1654b9660a6c6; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Tue, 21 Mar 2023 10:40:20 GMT
content-length: 49
x-envoy-upstream-service-time: 8
server: ayl-lb-fra02
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-LyMtiykAHY7ySO5uxq8E4L-7_TukAXV9pIsEmA&initiator=partner
200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-LyMtiykAHY7ySO5uxq8E4L-7_TukAXV9pIsEmA&initiator=partner
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-LyMtiykAHY7ySO5uxq8E4L-7_TukAXV9pIsEmA&initiator=partner HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 10:40:20 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 0dd85fac49e4e77d3f2ecdd7703ef229
ocsp.digicert.com/
200 OK 471 B IP
Hash aa376176080625d9de098842c0435599
4feaa1cc55de1761f3a1752d0ce7c43656c2ffdf
df8e740fa3c5c9eccc9b5deb2736215d18d386924277d4e448efa3908b56586c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2087
Cache-Control: max-age=128235
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:20 GMT
Etag: "6418d358-1d7"
Expires: Wed, 22 Mar 2023 22:17:35 GMT
Last-Modified: Mon, 20 Mar 2023 21:42:48 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 21 Mar 2023 10:40:20 GMT
set-cookie: _kuid_=PcpnFCgm; Expires=Sun, 17-Sep-23 10:40:20 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n021-dub-prod.krxd.net
x-request-time: D=29 t=1679395220
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 21 Mar 2023 10:40:20 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 253636
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e0d2e4196adab6e1d1ceebeac9b86aec
fd6e4f14b56ef90454216e154b6d0427754f10bc
fa5d21277cdc562fcc0b5b66c6ce75d1fed73274c38a1edb2c9e3052da635503
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5403
Cache-Control: max-age=103463
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 10:40:20 GMT
Etag: "641865a0-1d7"
Expires: Wed, 22 Mar 2023 15:24:43 GMT
Last-Modified: Mon, 20 Mar 2023 13:54:40 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471
cm.adform.net/pixel?adform_pid=15&adform_pc=k-srxy9ykAHY7ySO5uxq8E4L-7_Ts5iKxCKyE9mQ
200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-srxy9ykAHY7ySO5uxq8E4L-7_Ts5iKxCKyE9mQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-srxy9ykAHY7ySO5uxq8E4L-7_Ts5iKxCKyE9mQ HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 10:40:20 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 22 May 2018 12:14:37 GMT
etag: "5b0409ad-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 7b842bbc5341cdc2da5bff3a5727ddc3
f4cecc0a6f803957a22d37374012606db37867fa
e1d480102591c40dcce5271655fd834cd53e7cea3e509635d0025095a2a5ed51
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "E1D480102591C40DCCE5271655FD834CD53E7CEA3E509635D0025095A2A5ED51"
Last-Modified: Tue, 21 Mar 2023 02:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3583
Expires: Tue, 21 Mar 2023 11:40:04 GMT
Date: Tue, 21 Mar 2023 10:40:21 GMT
Connection: keep-alive
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-MOv1yCkAHY7ySO5uxq8E4L-7_Tt4ZOvX89J2ng
302 Found 0 B URL HTTP/1.1 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-MOv1yCkAHY7ySO5uxq8E4L-7_Tt4ZOvX89J2ng
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-MOv1yCkAHY7ySO5uxq8E4L-7_Tt4ZOvX89J2ng HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 21 Mar 2023 10:40:21 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rum?cm_dsp_id=20&external_user_id=k-MOv1yCkAHY7ySO5uxq8E4L-7_Tt4ZOvX89J2ng&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=ZBmJlQyT29luGeHjdA5gGQAA; Path=/; Domain=casalemedia.com; Expires=Wed, 20 Mar 2024 10:40:21 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4358; Path=/; Domain=casalemedia.com; Expires=Mon, 19 Jun 2023 10:40:21 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4358; Path=/; Domain=casalemedia.com; Expires=Mon, 19 Jun 2023 10:40:21 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:21 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: c7754920-c7d4-11ed-aa60-0000ac1702e3
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-MOv1yCkAHY7ySO5uxq8E4L-7_Tt4ZOvX89J2ng&C=1
200 OK 43 B URL HTTP/1.1 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-MOv1yCkAHY7ySO5uxq8E4L-7_Tt4ZOvX89J2ng&C=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-MOv1yCkAHY7ySO5uxq8E4L-7_Tt4ZOvX89J2ng&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 10:40:21 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
Pragma: no-cache
Content-Length: 43
Keep-Alive: timeout=1, max=499
Connection: Keep-Alive
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash bf8c2d17e3f842a466319caac06e4b31
cd555d76c2fc693417f0f55d057ecd858b27f9b1
a6bf0f4896141b253de742fc5eab24f1d02e7db114f1db71f0efa878e89938cb
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 21 Mar 2023 10:40:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 20 Mar 2023 21:53:07 GMT
Expires: Tue, 21 Mar 2023 21:53:07 GMT
ETag: "cd555d76c2fc693417f0f55d057ecd858b27f9b1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
bat.bing.com/actionp/0?ti=21024398&Ver=2&mid=02f29adb-d36f-4ef4-9fd0-eb470164dd49&sid=c762b4f0c7d411edbeec09fab3764988&vid=c762c910c7d411edaad6419f114cc681&vids=0&msclkid=N&evt=pageHide
204 No Content 0 B URL HTTP/2 bat.bing.com/actionp/0?ti=21024398&Ver=2&mid=02f29adb-d36f-4ef4-9fd0-eb470164dd49&sid=c762b4f0c7d411edbeec09fab3764988&vid=c762c910c7d411edaad6419f114cc681&vids=0&msclkid=N&evt=pageHide
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /actionp/0?ti=21024398&Ver=2&mid=02f29adb-d36f-4ef4-9fd0-eb470164dd49&sid=c762b4f0c7d411edbeec09fab3764988&vid=c762c910c7d411edaad6419f114cc681&vids=0&msclkid=N&evt=pageHide HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2ED6E338FBE269BF2670F1E3FA176809; domain=.bing.com; expires=Sun, 14-Apr-2024 10:40:23 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2FE0FB129EB5455E945E8C53A9A690B6 Ref B: OSL30EDGE0510 Ref C: 2023-03-21T10:40:23Z
date: Tue, 21 Mar 2023 10:40:22 GMT
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=3574&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26ci%3Dundefined%26site_type%3Dd&p2=e%3Dvp%26p%3DMLB1957534435&p3=e%3Ddis&adce=1&bundle=_ZjaaV94MkVvZUVOZVFkUHBjcEh1WGVtQnBjWnFlbkRUaW1FZVRXNmZ5V1VwYmZTMmZVNTFMWmR4ZGxKWDklMkYlMkI0M0NDVmVnSDBpenBnUGF4bDVRMG9SQnNPbTZKSkhmT3pJclMlMkJZQzA0ZURtWUFaTWI0MDF5RzMyR2JXa1RQenhaRXhPckpkQzdTUGtoOGY2dE0lMkIyNVVVeHh5QSUzRCUzRA&tld=filesusr.com&dy=1&fu=https%253A%252F%252Flcnjottagr7-wixsite-com.filesusr.com%252Fhtml%252F840e9e_f65e770dcadbddfc30424e95668ff274.html&dtycbr=94867
200 OK 0 B URL HTTP/2 widget.us.criteo.com/event?a=3574&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26ci%3Dundefined%26site_type%3Dd&p2=e%3Dvp%26p%3DMLB1957534435&p3=e%3Ddis&adce=1&bundle=_ZjaaV94MkVvZUVOZVFkUHBjcEh1WGVtQnBjWnFlbkRUaW1FZVRXNmZ5V1VwYmZTMmZVNTFMWmR4ZGxKWDklMkYlMkI0M0NDVmVnSDBpenBnUGF4bDVRMG9SQnNPbTZKSkhmT3pJclMlMkJZQzA0ZURtWUFaTWI0MDF5RzMyR2JXa1RQenhaRXhPckpkQzdTUGtoOGY2dE0lMkIyNVVVeHh5QSUzRCUzRA&tld=filesusr.com&dy=1&fu=https%253A%252F%252Flcnjottagr7-wixsite-com.filesusr.com%252Fhtml%252F840e9e_f65e770dcadbddfc30424e95668ff274.html&dtycbr=94867
IP
GET /event?a=3574&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26ci%3Dundefined%26site_type%3Dd&p2=e%3Dvp%26p%3DMLB1957534435&p3=e%3Ddis&adce=1&bundle=_ZjaaV94MkVvZUVOZVFkUHBjcEh1WGVtQnBjWnFlbkRUaW1FZVRXNmZ5V1VwYmZTMmZVNTFMWmR4ZGxKWDklMkYlMkI0M0NDVmVnSDBpenBnUGF4bDVRMG9SQnNPbTZKSkhmT3pJclMlMkJZQzA0ZURtWUFaTWI0MDF5RzMyR2JXa1RQenhaRXhPckpkQzdTUGtoOGY2dE0lMkIyNVVVeHh5QSUzRCUzRA&tld=filesusr.com&dy=1&fu=https%253A%252F%252Flcnjottagr7-wixsite-com.filesusr.com%252Fhtml%252F840e9e_f65e770dcadbddfc30424e95668ff274.html&dtycbr=94867 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:19 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 26621124
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=tXWzdF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hwOXpGJTJGZG5hSDVVM1BPS1hxZnRYNHF1cFl2M3RvcFlneENya0M2MlglMkJP
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:17 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=HgyNa180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hwOXpGJTJGZG5hSDVVM1BPS1hxZnRYNU1IanNxZUIzSmFhcnBpd09xUnptdA; expires=Sun, 14 Apr 2024 10:40:18 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 195767
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-i98BLykAHY7ySO5uxq8E4L-7_TtL4cKT5Ioaa_3CS0BUPhCw
200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-i98BLykAHY7ySO5uxq8E4L-7_TtL4cKT5Ioaa_3CS0BUPhCw
IP
GET /usersync/push?partner=criteo&partnerId=k-i98BLykAHY7ySO5uxq8E4L-7_TtL4cKT5Ioaa_3CS0BUPhCw HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:20 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%22c6e14680-c7d4-11ed-838b-afe4b170137b%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Tue, 04 Apr 2023 10:40:20 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%22c6e14680-c7d4-11ed-838b-afe4b170137b%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Tue, 04 Apr 2023 10:40:20 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%22c6e14680-c7d4-11ed-838b-afe4b170137b%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Tue, 04 Apr 2023 10:40:20 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%22c6e14680-c7d4-11ed-838b-afe4b170137b%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Tue, 04 Apr 2023 10:40:20 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-i98BLykAHY7ySO5uxq8E4L-7_TtL4cKT5Ioaa_3CS0BUPhCw%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Tue, 04 Apr 2023 10:40:20 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-BJu3mykAHY7ySO5uxq8E4L-7_TsiQYzVNWKjxw
200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-BJu3mykAHY7ySO5uxq8E4L-7_TsiQYzVNWKjxw
IP
GET /sync?UICR=k-BJu3mykAHY7ySO5uxq8E4L-7_TsiQYzVNWKjxw HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:20 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
set-cookie: tvid=377ccdaaec5147f9a4867c7758e5450e; Domain=.tremorhub.com; Expires=Wed, 20-Mar-2024 16:28:40 GMT; Path=/; Secure; SameSite=None
tv_UICR=k-BJu3mykAHY7ySO5uxq8E4L-7_TsiQYzVNWKjxw; Domain=.tremorhub.com; Expires=Thu, 20-Apr-2023 10:40:20 GMT; Path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
api.mercadolibre.com/tracks
400 Bad Request 0 B URL HTTP/2 api.mercadolibre.com/tracks
IP
POST /tracks HTTP/1.1
Host: api.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1717
Origin: https://lcnjottagr7-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://lcnjottagr7-wixsite-com.filesusr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: application/json;charset=UTF-8
date: Tue, 21 Mar 2023 10:40:16 GMT
x-api-server-time: 1679395216214
access-control-allow-origin: https://lcnjottagr7-wixsite-com.filesusr.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 110a2dbb-cc86-437f-bacb-9814a2a9b82f
x-frame-options: DENY
x-xss-protection: 1; mode=block
access-control-max-age: 86400
x-cache: Error from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -_rqDwdarELcoy6MKcc0pfIRSBQwO-Fy8RjBCgLWzIC5A0EhA-xZXQ==
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 46277
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-GjCWEykAHY7ySO5uxq8E4L-7_TueoZhEJjzIAg
200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-GjCWEykAHY7ySO5uxq8E4L-7_TueoZhEJjzIAg
IP
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-GjCWEykAHY7ySO5uxq8E4L-7_TueoZhEJjzIAg HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 10:40:20 GMT
x-fastly-to-nlb-rtt: 22199
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:40:19 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 265942
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
34.102.176.152
18.195.173.152
2.18.172.195
157.240.205.11
185.64.189.110
141.226.228.48
178.250.1.13
34.255.162.196
104.18.32.68
185.184.10.30
185.80.36.245
37.157.6.246
23.13.245.180