r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13075
Expires: Tue, 22 Nov 2022 00:28:47 GMT
Date: Mon, 21 Nov 2022 20:50:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4843de3bf95411e6aa89834def44bb86
1f1882351ac63fba73a22014382f69df5e02ec96
1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6503
Cache-Control: max-age=142128
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:52 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 12:19:40 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 21 Nov 2022 20:09:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2495
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12762
Expires: Tue, 22 Nov 2022 00:23:34 GMT
Date: Mon, 21 Nov 2022 20:50:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DYnpcdlcDm2O/W76rtNvBRjeDVe946Of5XTC51SVhx17IQzgyVtVP1DrYjsRFncftbHEsFZTd9E=
x-amz-request-id: EHCT562WFC950RJG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 21 Nov 2022 20:39:17 GMT
age: 695
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 20:50:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 21 Nov 2022 20:08:47 GMT
cache-control: public,max-age=3600
age: 2525
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4b1f1004a9839efd5f3e0d542e2743d5
848dadb9151bac54b931a6439d89bef2473da09b
8790f1dfb9a9709a68411f9cb26dbc9ac37de2dc02f2cccd0a961816b1e7f50f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121730
Date: Mon, 21 Nov 2022 20:50:52 GMT
Etag: "637b0769-1d7"
Expires: Wed, 23 Nov 2022 06:39:42 GMT
Last-Modified: Mon, 21 Nov 2022 05:06:49 GMT
Server: ECS (dcb/7F5F)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7tuydaG_OYRN17Fr3vsy574wdjRdTyiTh_NI7k3DTsTtJudzW1FedA==
Age: 5573
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2db0ebb9efcf3be3c92f23b61de5c065
dd830565723f18a7944c26d24b0fb142d06a71a5
8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3986
Cache-Control: max-age=134548
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:52 GMT
Etag: "637b3fae-1d7"
Expires: Wed, 23 Nov 2022 10:13:20 GMT
Last-Modified: Mon, 21 Nov 2022 09:06:54 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
url.avanan.click/v2/___https:/getdivvy.com/sweepstakes-international-payments/___.YXAzOmF0bGFzaHA6YTpvOjU4MGExOTYxODExODAyODkzMTI5NTRkZTk4NGUwMGUxOjY6Y2YwZjo5OTkzNmU2MmEzNjVkZmYwMzRkNThkMDA4NTRhOTNhYmYzZTIwMzZhMjA3MDhlNzMwZDFkMjNiNWM5ZTU3ZmJiOmg6VA
52.22.197.215302 Found 0 B URL HTTP/2 url.avanan.click/v2/___https:/getdivvy.com/sweepstakes-international-payments/___.YXAzOmF0bGFzaHA6YTpvOjU4MGExOTYxODExODAyODkzMTI5NTRkZTk4NGUwMGUxOjY6Y2YwZjo5OTkzNmU2MmEzNjVkZmYwMzRkNThkMDA4NTRhOTNhYmYzZTIwMzZhMjA3MDhlNzMwZDFkMjNiNWM5ZTU3ZmJiOmg6VA
IP 52.22.197.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/___https:/getdivvy.com/sweepstakes-international-payments/___.YXAzOmF0bGFzaHA6YTpvOjU4MGExOTYxODExODAyODkzMTI5NTRkZTk4NGUwMGUxOjY6Y2YwZjo5OTkzNmU2MmEzNjVkZmYwMzRkNThkMDA4NTRhOTNhYmYzZTIwMzZhMjA3MDhlNzMwZDFkMjNiNWM5ZTU3ZmJiOmg6VA HTTP/1.1
Host: url.avanan.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 21 Nov 2022 20:50:53 GMT
content-length: 0
location: https://getdivvy.com/sweepstakes-international-payments/
apigw-requestid: b-CrCjrFIAMEVTw=
set-cookie: x-cloud-sec-ctp = ab90412f-bf6b-4a85-8688-00aacb6f2b0a; Secure; HttpOnly; path=/; expires=21-Nov-2023 20:50:53 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1aa5389b95470f06438694c1f3b71b4d
25031b7050be5f5400fe3ad0a3f093238197bf62
f0452f1ab00e5035fefd7f128b2aacb93ef1b337a4343951930d899fff315aaf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120482
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:53 GMT
Etag: "637b184f-118"
Expires: Wed, 23 Nov 2022 06:18:55 GMT
Last-Modified: Mon, 21 Nov 2022 06:18:55 GMT
Server: nginx
Content-Length: 280
push.services.mozilla.com/
35.161.230.192101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.230.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p0uxCOyc6v8ppgNvJvSYQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 69VJu0s9HwqXO4/qmmatu5fFu/c=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7c00e058dc0f39781eb30d18ed863def
8568d29a567f52d266b320731affc1c1ea9c53ba
07ba861a12855ff49d22249924fccf4583259726e06c9a3aa8259d07b93d1114
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2124
Cache-Control: max-age=122989
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:54 GMT
Etag: "637b19cf-117"
Expires: Wed, 23 Nov 2022 07:00:43 GMT
Last-Modified: Mon, 21 Nov 2022 06:25:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
cdn-cfojb.nitrocdn.com/jdVUvNAagxcDlwFoRwekSNRHWyXQwqms/assets/static/source/rev-eaaff68/wp-content/themes/salient/css/fonts/3ea6edc8d25534c4ffb726002177caa4.fontawesome-webfont.ttf
172.64.147.148200 OK 166 kB URL HTTP/2 cdn-cfojb.nitrocdn.com/jdVUvNAagxcDlwFoRwekSNRHWyXQwqms/assets/static/source/rev-eaaff68/wp-content/themes/salient/css/fonts/3ea6edc8d25534c4ffb726002177caa4.fontawesome-webfont.ttf
IP 172.64.147.148:0
File type TrueType Font data, 13 tables, 1st "FFTM", 24 names, Macintosh\012- data
Size 166 kB (165548 bytes)
Hash b06871f281fee6b241d60582ae9369b9
13b1eab65a983c7a73bc7997c479d66943f7c6cb
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
GET /jdVUvNAagxcDlwFoRwekSNRHWyXQwqms/assets/static/source/rev-eaaff68/wp-content/themes/salient/css/fonts/3ea6edc8d25534c4ffb726002177caa4.fontawesome-webfont.ttf HTTP/1.1
Host: cdn-cfojb.nitrocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:54 GMT
content-type: application/octet-stream
content-length: 165548
etag: "636ac124-28747"
last-modified: Tue, 08 Nov 2022 20:50:44 GMT
link: <https://getdivvy.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.ttf?v=4.2>; rel="canonical"
vary: Accept-Encoding
cache-control: max-age=31536000, public
access-control-allow-origin: *
cf-cache-status: HIT
age: 1060207
accept-ranges: bytes
server: cloudflare
cf-ray: 76dc4ce12a6e0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7c00e058dc0f39781eb30d18ed863def
8568d29a567f52d266b320731affc1c1ea9c53ba
07ba861a12855ff49d22249924fccf4583259726e06c9a3aa8259d07b93d1114
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2124
Cache-Control: max-age=122989
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:54 GMT
Etag: "637b19cf-117"
Expires: Wed, 23 Nov 2022 07:00:43 GMT
Last-Modified: Mon, 21 Nov 2022 06:25:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 662c6190c63609f87a23660fc808a650
a4178dd92d6f8a4f7c4da846a08d4104575f3636
93a8fd2af027f09640a8f5c3e2f10603d8b7aff4c74bc274cdbea7deeb396f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleoptimize.com/optimize.js?id=OPT-N7LSP79
142.250.74.46200 OK 47 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-N7LSP79
IP 142.250.74.46:0
File type ASCII text, with very long lines (2926)
Hash c499e2ded9471a7d214d749d62b32c0a
986bce8d3ee66d729eaf90d15e6382a1808f65a3
6c80caf56912f7792e1174ed4bfd4522ebed9e81470814ee7c525720c3c89181
GET /optimize.js?id=OPT-N7LSP79 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 21 Nov 2022 20:50:54 GMT
expires: Mon, 21 Nov 2022 20:50:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12722
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 20:50:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12722
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 20:50:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12722
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 20:50:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff64f225f-d92d-42e1-a0cd-0b9c89e36291.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff64f225f-d92d-42e1-a0cd-0b9c89e36291.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a8070a1aa0d48b75c639fa24eec3d96
14a81b4e2bdcdcdd951aa6660dc640c0292a2109
70b29ce3872a0c46d8d0e61f2801df1a98c8ea6e516adb1c2fe1bdad35f654f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff64f225f-d92d-42e1-a0cd-0b9c89e36291.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9042
x-amzn-requestid: 02203d7e-e15a-40d8-a09e-c40299c6f332
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bu2bSH6xoAMF1FA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375d114-79f15fbc1c64941e54c6d5e3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 06:13:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YHoIX9fgjqNaOq_84IdURDMNigg62C8616_qky56Xx7ok4LJvvqEfw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 12:54:30 GMT
age: 28584
etag: "14a81b4e2bdcdcdd951aa6660dc640c0292a2109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96135f96986369533c0362367c1e6fd8
bc8b0612b79cb30817880fac9728318f837854b4
f4eab133baf21daae8b809966e8ffbe64a2414fd334538a226a2a39ab39c3d46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5045
x-amzn-requestid: 93295168-385b-4b26-92e0-65858db59541
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0PgfGfVoAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377f936-7d3d9e44191051f454bd53ca;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:29:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hYkfj6mcRyzHioX7RAjvhpITDBX_CXLhum92tHz6ilGAY2C0fNi48g==
via: 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 08:37:09 GMT
age: 44025
etag: "bc8b0612b79cb30817880fac9728318f837854b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 662c6190c63609f87a23660fc808a650
a4178dd92d6f8a4f7c4da846a08d4104575f3636
93a8fd2af027f09640a8f5c3e2f10603d8b7aff4c74bc274cdbea7deeb396f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9e0f5c07511d0f6ad0f2441db92797d
2dcc6187d7173ce741975ad4ec24435c9dcb0880
3c57bf58bab9d54dd152eb0260a203b1cb201a9e2d960f25a0cea685b539ea04
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5342
x-amzn-requestid: e396cea4-ddae-4b88-a73a-ceafb1e11620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0b91EMLoAMFYYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63780d25-7f1187713f288a0c158508ea;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 22:54:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: PkFAourr7ixQ5NYcdMugerMxFTdCLgIAaBz6erANuppgzE2Tm4yVpA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 22:34:27 GMT
age: 80187
etag: "2dcc6187d7173ce741975ad4ec24435c9dcb0880"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23dd0640-fd46-469c-ae06-acb832cc4160.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23dd0640-fd46-469c-ae06-acb832cc4160.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 901093397261ec8888c61a6c88f8b7cd
1f07e8182159f68134776366e0bea78a130c5b85
9982e83a02d1595431c397a00a0a339067681fdbcb7538ca40ffd7138c7aa9f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23dd0640-fd46-469c-ae06-acb832cc4160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11271
x-amzn-requestid: 144705ac-0cc1-46ba-a6a9-3942bf3c9433
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b61qlFriIAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637a9ca9-27e45603577195a2769b3fc3;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 21:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Qql-MEI9tkdxS-lGdnkBCB8h39ZgJBi7ODA2TMUYn8kqEjP8AjMCZg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:50:50 GMT
age: 82804
etag: "1f07e8182159f68134776366e0bea78a130c5b85"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131cae0245e456c2497833b48cc1be0e
01b7bf2cfcdac73911dbd0a570d262978a43daf1
539cc2fdefb049df026b18d450c56d85b7821b8723ea0070efa460096669576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7996
x-amzn-requestid: af3a6545-f0ad-40de-b1f6-56b9607242f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1BvREKZoAMFzDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63784994-2659c8ec5fc04c510ea0e643;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 03:12:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: UU9m-kzHM4oKCHNiK2q4NWftsCueXeiBpJkk0cDv3et4v3MpF6eCtQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 04:04:43 GMT
age: 60371
etag: "01b7bf2cfcdac73911dbd0a570d262978a43daf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9FO1gkdftjvJFDvAlxwLD63BP-liwnS2MImVhVdjg83wi4xJdM73Kg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:36:36 GMT
age: 83658
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
216.58.207.195200 OK 39 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 39372, version 1.0\012- data
Hash 40b6965b5cd26213faf61e5ab6765bb9
8b040e0fc0c40e0e7ce54eba07eda98f35512948
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:52:38 GMT
expires: Tue, 21 Nov 2023 18:52:38 GMT
cache-control: public, max-age=31536000
age: 7096
last-modified: Mon, 15 Aug 2022 18:20:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce572f8aeac239a6a4a3256980e7cd78
3d4f2da9a3fae98fbaf4d5d172fcb1ff73d8fef4
4ce9e5dec2ea54ddf0d0dc866c4cf7b52a90c0e84355f374ca4f6bff8ba8747e
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5424
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:54 GMT
Last-Modified: Mon, 21 Nov 2022 19:20:30 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
to.getnitropack.com/
194.242.11.186200 OK 6.6 kB IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash 7128d79b233c178d2fb178ac5562d65e
760d4ee2a9ffc8e8ab89dd359c18f5bae5a00d60
e29d972b0e6216afcdcc0eb241c12a6a5601af98866e16284e0dff57ae666089
POST / HTTP/1.1
Host: to.getnitropack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------9093975799645147821350019866
Content-Length: 443
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:54 GMT
content-type: text/html; charset=UTF-8
content-length: 20
server: BunnyCDN-NO1-830
cdn-pullzone: 234442
cdn-uid: b7e07321-6c82-48dc-b332-ec6b5d5d2a32
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=0
content-encoding: none
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15724800; includeSubDomains
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 20:50:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f2b64c49c42c0e2320f1355cf46d1815
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ceaffa5960e841df061dccb4b486f21
42f98fa6e1c2d36915f03c37cddc0bfd4b9b1246
63e1226304d60de20b5eed6ea81b8af6ec8fb680f3ed4d49a91737c88dab1aef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63E1226304D60DE20B5EED6EA81B8AF6EC8FB680F3ED4D49A91737C88DAB1AEF"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8439
Expires: Mon, 21 Nov 2022 23:11:34 GMT
Date: Mon, 21 Nov 2022 20:50:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ceaffa5960e841df061dccb4b486f21
42f98fa6e1c2d36915f03c37cddc0bfd4b9b1246
63e1226304d60de20b5eed6ea81b8af6ec8fb680f3ed4d49a91737c88dab1aef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63E1226304D60DE20B5EED6EA81B8AF6EC8FB680F3ED4D49A91737C88DAB1AEF"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8439
Expires: Mon, 21 Nov 2022 23:11:34 GMT
Date: Mon, 21 Nov 2022 20:50:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ceaffa5960e841df061dccb4b486f21
42f98fa6e1c2d36915f03c37cddc0bfd4b9b1246
63e1226304d60de20b5eed6ea81b8af6ec8fb680f3ed4d49a91737c88dab1aef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63E1226304D60DE20B5EED6EA81B8AF6EC8FB680F3ED4D49A91737C88DAB1AEF"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8439
Expires: Mon, 21 Nov 2022 23:11:34 GMT
Date: Mon, 21 Nov 2022 20:50:55 GMT
Connection: keep-alive
j.6sc.co/6si.min.js
23.61.214.147200 OK 9.9 kB IP 23.61.214.147:0
File type ASCII text, with very long lines (31553), with no line terminators
Hash cf96abf5444fef6fe908006a0549e46a
b9b8d45bafcf87cc4d31a3752bbd596e9fff1c13
235a86248a30ae4b29d17b195a613cc6892d781dc3c0ba57655c73db62b89be5
GET /6si.min.js HTTP/1.1
Host: j.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript
etag: "623bb4eb-7b41"
last-modified: Thu, 24 Mar 2022 00:01:47 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cache-control: private, no-cache, proxy-revalidate
expires: Mon, 21 Nov 2022 20:50:55 GMT
date: Mon, 21 Nov 2022 20:50:55 GMT
content-length: 9853
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ceaffa5960e841df061dccb4b486f21
42f98fa6e1c2d36915f03c37cddc0bfd4b9b1246
63e1226304d60de20b5eed6ea81b8af6ec8fb680f3ed4d49a91737c88dab1aef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63E1226304D60DE20B5EED6EA81B8AF6EC8FB680F3ED4D49A91737C88DAB1AEF"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8439
Expires: Mon, 21 Nov 2022 23:11:34 GMT
Date: Mon, 21 Nov 2022 20:50:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ceaffa5960e841df061dccb4b486f21
42f98fa6e1c2d36915f03c37cddc0bfd4b9b1246
63e1226304d60de20b5eed6ea81b8af6ec8fb680f3ed4d49a91737c88dab1aef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63E1226304D60DE20B5EED6EA81B8AF6EC8FB680F3ED4D49A91737C88DAB1AEF"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8439
Expires: Mon, 21 Nov 2022 23:11:34 GMT
Date: Mon, 21 Nov 2022 20:50:55 GMT
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-MVJKMQP
142.250.74.168200 OK 104 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MVJKMQP
IP 142.250.74.168:0
File type ASCII text, with very long lines (6087), with no line terminators
Size 104 kB (103546 bytes)
Hash 878ffb3aa4e038b011cec199446d77ef
ec2490c49eee3c8f378629272a4b83efe62a97e1
5e54ca8cabbb015a536c1dd54f1b8e26be6811cfdaa81952dc998de922b4f723
GET /gtm.js?id=GTM-MVJKMQP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 21 Nov 2022 20:50:55 GMT
expires: Mon, 21 Nov 2022 20:50:55 GMT
cache-control: private, max-age=900
last-modified: Mon, 21 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2e2741a411d3c71c91a2daea81750e56
ba630e09fe2e5403d325f8cd8e60d7d735366e0f
8bf06986da8f77189d322482a6eed0ff00bb57ee5d81ecdd2f9d675a07b6ca39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3039
Cache-Control: max-age=137174
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:55 GMT
Etag: "637b4da6-117"
Expires: Wed, 23 Nov 2022 10:57:09 GMT
Last-Modified: Mon, 21 Nov 2022 10:06:30 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
c.6sc.co/
23.61.214.147200 OK 7 B IP 23.61.214.147:0
File type ASCII text, with no line terminators
Hash d97623d172f087d9640da9acd38830ff
515bd358bb7d990930f0e2b3de399db1787a2567
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
GET / HTTP/1.1
Host: c.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 7
date: Mon, 21 Nov 2022 20:50:55 GMT
access-control-allow-origin: https://getdivvy.com
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2
secure.adnxs.com/getuidj
185.89.210.46200 OK 11 B IP 185.89.210.46:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 096dc398f48c9a61584478fea3ee50a1
7d0a5f87833db711b2eb52c73638c5e14538a969
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
GET /getuidj HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 20:50:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 11
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://getdivvy.com
AN-X-Request-Uuid: 1aed8e0f-e673-421b-bc65-a1d0f8909707
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
j.6sc.co/6si.min.js
23.61.214.147200 OK 9.9 kB IP 23.61.214.147:0
File type ASCII text, with very long lines (30464), with no line terminators
Hash 38464864f877ada0b389fe8a6351aff3
5b7c93a98cb0dda7b384b3b3934565836886367e
734af076269c4367d8366ddf2103db9f429c32bccd5eb0a72d6c9ebdd394dae2
GET /6si.min.js HTTP/1.1
Host: j.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 24 Mar 2022 00:01:47 GMT
If-None-Match: "623bb4eb-7b41"
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript
etag: "63360652-7700"
last-modified: Thu, 29 Sep 2022 20:55:46 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cache-control: private, no-cache, proxy-revalidate
expires: Mon, 21 Nov 2022 20:50:55 GMT
date: Mon, 21 Nov 2022 20:50:55 GMT
content-length: 9869
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0017/5946/site/getdivvy.com.json?t=1
104.19.148.8200 OK 1.6 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0017/5946/site/getdivvy.com.json?t=1
IP 104.19.148.8:0
File type JSON data\012- , ASCII text, with very long lines (4158), with no line terminators
Hash 7a02678a9d9439ef0539d65dfd55591c
93e64259d8c86cf420c5c6d248b060cd83e491cb
a348dfbb8fcd10d8a537613134c9bdc8007641e7bfb6d65dce2c06e432fb830d
GET /pages/data-scripts/0017/5946/site/getdivvy.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:55 GMT
content-type: application/json
content-length: 1608
access-control-expose-headers: CE-Version
ce-version: 11.5.3
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Mon, 21 Nov 2022 15:09:15 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76dc4ce6de40b517-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d2b8e2009f47219a5547c5ea0d7a2429
8778f559558384c3c912f00f1169e104a19c8e4f
139310e509d4ca53c82329a3a3d74735535a2b7b27fd78152f30ce74f5f5f526
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6212
Cache-Control: max-age=86716
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:55 GMT
Etag: "637a7c27-117"
Expires: Tue, 22 Nov 2022 20:56:11 GMT
Last-Modified: Sun, 20 Nov 2022 19:12:39 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
c.6sc.co/
23.61.214.147200 OK 7 B IP 23.61.214.147:0
File type ASCII text, with no line terminators
Hash d97623d172f087d9640da9acd38830ff
515bd358bb7d990930f0e2b3de399db1787a2567
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
GET / HTTP/1.1
Host: c.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 7
date: Mon, 21 Nov 2022 20:50:55 GMT
access-control-allow-origin: https://getdivvy.com
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2
ipv6.6sc.co/
2.23.139.23200 OK 4 B IP 2.23.139.23:0
ASN #1299 Telia Company AB
File type ASCII text, with no line terminators
Hash 37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
GET / HTTP/1.1
Host: ipv6.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 4
expires: Mon, 21 Nov 2022 20:50:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 21 Nov 2022 20:50:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
6si-ipv6: null
access-control-allow-origin: https://getdivvy.com
vary: Origin
X-Firefox-Spdy: h2
widget.intercom.io/widget/gh17um10
54.230.111.53200 OK 6.2 kB URL HTTP/2 widget.intercom.io/widget/gh17um10
IP 54.230.111.53:0
File type Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Hash 1b4c40fdf26f6c7f0f8e9a4bb5ec1d90
4c5b6bf6d6d552df2990e31fe9b82f70d7452026
2e11f51fd184790da6ec73b545fbb1a9424acfb6c2cf7308fcef139f4b048041
GET /widget/gh17um10 HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6172
last-modified: Mon, 21 Nov 2022 14:54:29 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: m2Ugvz3gyGCCgA_jZR3aLX1IbD0PrbOT
accept-ranges: bytes
server: AmazonS3
date: Mon, 21 Nov 2022 20:36:17 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "1b4c40fdf26f6c7f0f8e9a4bb5ec1d90"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DXn2ovCkadNA84iS3pvxAUcCm6I8-SiKx0l1CctbpdIlU22EYI3TfA==
age: 923
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash b43cb4137baf1b5da521a07c878a7f87
d2ef8c8c86ecb6e9610d6b4053d2bcd60ff9aeb8
97e7721654ccea3806c2369409ebecfe321d22e954ede8a45ac7beaaa8accb01
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149832
Date: Mon, 21 Nov 2022 20:50:55 GMT
Etag: "637b767b-1d7"
Expires: Wed, 23 Nov 2022 14:28:07 GMT
Last-Modified: Mon, 21 Nov 2022 13:00:43 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qDBiaXMhi7bx9maEGYvLQqvSF6PN5xit9Wull4UyO-l0T3d-6MCmYQ==
Age: 5244
ob.cheqzone.com/clicktrue_invocation.js?id=10979
54.230.111.38200 OK 30 kB URL HTTP/2 ob.cheqzone.com/clicktrue_invocation.js?id=10979
IP 54.230.111.38:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash e0600da052732721e567bcf03c3a0cff
bee098174fed1a889d28d27d6bbd22ee4ae53ccc
194fd6fac93251c9ac2a0454eb344fe000f0275aaf55b717b25b1112c8656e1d
GET /clicktrue_invocation.js?id=10979 HTTP/1.1
Host: ob.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 30173
content-encoding: gzip
server: Caddy
date: Mon, 21 Nov 2022 10:11:18 GMT
cache-control: max-age=43200
expires: Mon, 21 Nov 2022 22:06:02 GMT
etag: "14307-1/wRe7tvrc2MlFoCkEy1zo5hTyc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AjS-StlxXIrY6eZH87mVyMTfrJMAvspVZT5MdM8_dB96IBgBMQXoqA==
age: 38693
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1227fd101f9c95b2028984892fe9cfcb
5c3bf59e8e498f078dbe1a6e96be3bf10e87fc8c
bf041d6c308ed8c4c7d3725bc9e0581feb784465385478fa9a444b0e9414a26b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF041D6C308ED8C4C7D3725BC9E0581FEB784465385478FA9A444B0E9414A26B"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6897
Expires: Mon, 21 Nov 2022 22:45:52 GMT
Date: Mon, 21 Nov 2022 20:50:55 GMT
Connection: keep-alive
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 21 Nov 2022 01:07:28 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qKc27FtuwDcrPYYmhfiEaNrZjqOTP3NHxx4Kh0HXzlYsgnyAU-dLVw==
Age: 71008
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash d79a8b7bdb7694f853bfdc8d9191e24e
6b53860c00f344fd988b416b456af90f36350753
1ac6f237edbccc912dc486afab42749eeae2c370ea7a87d568e3bad6e619f8d2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111893
Date: Mon, 21 Nov 2022 20:50:55 GMT
Etag: "637ae015-1d7"
Expires: Wed, 23 Nov 2022 03:55:48 GMT
Last-Modified: Mon, 21 Nov 2022 02:19:01 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -uAw-hmIYhXLKgbWPZrbNu_UI_AFcvkDzu1v2T_gpPgWk9v3xGXY-A==
Age: 5807
b.6sc.co/v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A55%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0
23.61.214.147200 OK 43 B URL HTTP/2 b.6sc.co/v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A55%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0
IP 23.61.214.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A55%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0 HTTP/1.1
Host: b.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
etag: "60bb2e15-2b"
expires: Wed, 19 Apr 2000 11:43:00 GMT
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
content-length: 43
date: Mon, 21 Nov 2022 20:50:55 GMT
set-cookie: 6suuid=261f1602c4510000afe47b6357020000ec310500; expires=Wed, 20-Nov-2024 20:50:55 GMT; path=/; domain=.6sc.co; SameSite=None; secure
access-control-allow-origin:
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2
js.intercomcdn.com/vendor.14c688fe.js
54.230.111.84200 OK 108 kB URL HTTP/2 js.intercomcdn.com/vendor.14c688fe.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (65431)
Size 108 kB (108162 bytes)
Hash a67aa8646459d76e971d6d1369a215cf
ce55b15d3a8da365fc9e23fc2f84cde447f10448
379b6bbd81dd9af5e5ad77457c5b62fffe44e71386bc06026cef07f39231e847
GET /vendor.14c688fe.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108162
last-modified: Mon, 21 Nov 2022 12:39:22 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: KIX9VdMIPlzs6ca3rcYcDhQkpzbuWVeE
accept-ranges: bytes
server: AmazonS3
date: Mon, 21 Nov 2022 20:41:02 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "a67aa8646459d76e971d6d1369a215cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: WZHKMBbCxsKxGaKtxIf8blH6xI8FTRaW-W5FaK4CzPe28_SAWD3Xcw==
age: 594
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
5b0882b61bd94e51a5be84c2c5a89a0b.js.ubembed.com/
151.101.85.131200 OK 138 kB URL HTTP/2 5b0882b61bd94e51a5be84c2c5a89a0b.js.ubembed.com/
IP 151.101.85.131:0
File type ASCII text, with very long lines (2028), with no line terminators
Size 138 kB (137898 bytes)
Hash fef1591c38753af49c71674311a0e7b2
64135bb39a2e90b658c8604667e1790d94a7a5bf
c743ca88710167737fdf0580cc27d82bfa45d45bf2a11b62a0306fd05c308632
GET / HTTP/1.1
Host: 5b0882b61bd94e51a5be84c2c5a89a0b.js.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
x-amz-apigw-id: b96lOFGpjoEFkVA=
x-amz-cf-pop: ARN54-C1
x-backend-region: eu_west_1
date: Mon, 21 Nov 2022 20:50:55 GMT
age: 3317
x-cache: Miss from cloudfront, HIT
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
vary: Accept-Encoding, Referer
etag: W/55fab975c142b43ce6c2e33162f2a568-v0.179.2
content-encoding: br
accept-ranges: none
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 22299722de5d14e29a5674782c359134
e801cbdfc273a7a7194714b650c58dd9b1fa4e39
484df350b9ec892d80566be469824f36512c7005d7d0c0622d2b3efaa9e8d9b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 46
Cache-Control: max-age=167697
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:55 GMT
Etag: "637bd092-1d7"
Expires: Wed, 23 Nov 2022 19:25:52 GMT
Last-Modified: Mon, 21 Nov 2022 19:25:06 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash c48ce5e112417802267a394ea82cf134
55122f2eb875cb8b232b200d8e62e3936af86184
68621ea6b822921e226b7a01ec585aeb14c67d83390307568f1eba2c1bb75305
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159181
Date: Mon, 21 Nov 2022 20:50:55 GMT
Etag: "637ba65c-1d7"
Expires: Wed, 23 Nov 2022 17:03:56 GMT
Last-Modified: Mon, 21 Nov 2022 16:25:00 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eMKTpLpQZfemRAAxvoN8kqoOYUpWhdo6IzrVHi2nGu9Wak9Exwb-YQ==
Age: 2336
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 461ebc79086a87dbe2911b19ba8a2db5
99dbac6e835e778701ba5f2c40d594b91d13a63c
2c6fef590a9190b338c7f1f0e72ef8c69817f6243be42dc5d9a55defc043f0a1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146732
Date: Mon, 21 Nov 2022 20:50:55 GMT
Etag: "637b65c7-1d7"
Expires: Wed, 23 Nov 2022 13:36:27 GMT
Last-Modified: Mon, 21 Nov 2022 11:49:27 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pcaMmu2fc7xsvU52ynLu9A8z4bp1ZfyZYNJKWNqugRyQlDvO5gAROw==
Age: 6420
q.quora.com/_/ad/0d500babdd3444f3bd9f0a00fe86716b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F
100.25.7.120200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/0d500babdd3444f3bd9f0a00fe86716b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F
IP 100.25.7.120:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/0d500babdd3444f3bd9f0a00fe86716b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 21 Nov 2022 20:50:55 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,587cf10aacfe3e3955baab4d3ba7a34a,10.0.0.34,61908,91.90.42.154,,79782342610,1,1669063855.693,0.002,,.,0,0,0.000,0.004,-,0,0,197,131,65,10,34729,,,,,,-,
Content-Length: 43
Connection: keep-alive
api4299.d41.co/sync/
3.211.152.26204 No Content 0 B IP 3.211.152.26:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/ HTTP/1.1
Host: api4299.d41.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://getdivvy.com
Cache-control: no-store
Date: Mon, 21 Nov 2022 20:50:55 GMT
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Connection: keep-alive
cdn-0.d41.co/tags/dnb_coretag_v4.min.js
54.230.111.116200 OK 76 kB URL HTTP/1.1 cdn-0.d41.co/tags/dnb_coretag_v4.min.js
IP 54.230.111.116:0
File type Unicode text, UTF-8 text, with very long lines (65460)
Hash c5b0d60b7c887bcae6d8897835a15d14
250d49ae2d975f1e84027c6c0bd5a5614ea0d4f8
52c766d175703482411d165b1339220aac1167e3315b792928eb51de6d6b3183
GET /tags/dnb_coretag_v4.min.js HTTP/1.1
Host: cdn-0.d41.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 76079
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2021 14:57:32 GMT
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 21 Nov 2022 20:47:11 GMT
ETag: "c5b0d60b7c887bcae6d8897835a15d14"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Gz347NDcBEUZQjnVlBVylgb6bWCV00Y-blJHFEOiOwFNHBL1gDIaiA==
Age: 293
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb53d8cca75e2814a7acd87a21acf4aa
3b969e99a956bbd34ae32e341e93c3f9f1df78ee
9d3f7c25d268aa78139c172296cb6cb8e3aa7be019e6be497f137db5bae6cc97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160797
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:55 GMT
Etag: "637bb5cc-1d7"
Expires: Wed, 23 Nov 2022 17:30:52 GMT
Last-Modified: Mon, 21 Nov 2022 17:30:52 GMT
Server: nginx
Content-Length: 471
intof.io/itag
54.156.254.128301 Moved Permanently 238 B IP 54.156.254.128:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8badbb7684537eeeb2c76372f9f256ae
b9f09b9d687196c7daf67743214430f68c36bc21
95436383d1efe7bb26bcb5f7a0fc466e55ee73b470ebe91b5ed7f05a36ec84c6
GET /itag HTTP/1.1
Host: intof.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Mon, 21 Nov 2022 20:50:56 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
Location: https://intof.io/itag/?id=itag
Content-Length: 238
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
obs.cheqzone.com/ct?id=10979&url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669063855672&hl=1&op=0&ag=1317291471&rand=540112920122611107062558011709790272107088192985188919126002101188021621228&fs=1152x836&fst=1152x836&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDk4NjJdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDMsMCwwLDAsMSwyLDQsMSwxLDAsMSwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwyLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDEsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsNCJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCIxMCxJTEhZTEI5QkxUYTJKcVFnM0ZvZWVsMndZYkUyb2dCSUtKNmNSMDAwTUpIUXdZVERHWWFodjN1dDcxVnBYUjlPOCtNNXJWU0tzMWtQQmUvLzk5c25WSkdwVWRQZmR6em4zT2ZjIl0sWy0zLCJbXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcImhyZWZcIixcIk5QU0hcIixcIk5pdHJvU2Nyb2xsSGVscGVyXCIsXCJOUFJMXCIsXCJOaXRyb1Jlc291cmNlTG9hZGVyXCIsXCJOUGhcIixcIk5pdHJvUGFja0hlbHBlclwiLFwiYWRkRXZlbnRMaXN0ZW5lcmxvYWRcIixcInJlbW92ZUV2ZW50TGlzdGVuZXJsb2FkXCIsXCJ0cmlnZ2VyTml0cm9FdmVudGxvYWRcIixcIm9nQWRkRXZlbnRMaXN0ZW5lclwiLFwib2dSZW1vdmVFdmVudExpc3RlbmVyXCIsXCJhZGRFdmVudExpc3RlbmVyXCIsXCJyZW1vdmVFdmVudExpc3RlbmVyXCIsXCJ0cmlnZ2VyTml0cm9FdmVudFwiLFwiYWRkRXZlbnRMaXN0ZW5lcnBhZ2VzaG93XCIsXCJyZW1vdmVFdmVudExpc3RlbmVycGFnZXNob3dcIixcInRyaWdnZXJOaXRyb0V2ZW50cGFnZXNob3dcIixcImFkZEV2ZW50TGlzdGVuZXJET01Db250ZW50TG9hZGVkXCIsXCJyZW1vdmVFdmVudExpc3RlbmVyRE9NQ29udGVudExvYWRlZFwiLFwidHJpZ2dlck5pdHJvRXZlbnRET01Db250ZW50TG9hZGVkXCIsXCJkYXRhTGF5ZXJcIixcIklTX05JVFJPUEFDS1wiLFwiTklUUk9QQUNLX1NUQVRFXCIsXCJuaXRyb19sYXp5U2l6ZXNDb25maWdcIixcImxhenlTaXplc1wiLFwibG9hZENTU1wiLFwid2ViVml0YWxzXCIsXCJwcm94eVB1cmdlT25seVwiLFwibml0cm9EYXRhXCIsXCJ4aHJcIixcImdvb2dsZV90YWdfbWFuYWdlclwiLFwiZ29vZ2xlX29wdGltaXplXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJpc1ByZWxvYWRcIixcIm9uU3R5bGVzTG9hZEV2ZW50XCIsXCJfd3BlbW9qaVNldHRpbmdzXCIsXCIkXCIsXCJqUXVlcnlcIixcIk1rdG9Gb3JtczJcIixcImpxb2JqUHJpbWVcIixcInNob3dfZXJyb3JfY29tYmluZWRcIixcImx2X29mZnNldFwiLFwiTGl2ZVZhbGlkYXRpb25cIixcIkxpdmVWYWxpZGF0aW9uRm9ybVwiLFwiVmFsaWRhdGVcIixcImNoZWNrRGF5XCIsXCJoYXNDbGFzc1wiLFwicGhvbmVmb3JtYXRcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRpdGxlXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAyNCwxMjgwLDEwMjQsMTE1Miw5MjEsMTE1Miw4MzYsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxNDk4MTQ1NjAuMTY2OTA2Mzg1NiJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTA2Mzg1NTY0MSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsNzQ0LDAsMSwwLDUzLDU5LDk5MywtMSw0LCwxOTg3LDMxODcsMzE4NyJdLFstMzksIltcIjIwMTAwMTAxXCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLFwiMjAxODEwMDEwMDAwMDBcIixudWxsLGZhbHNlLG51bGwsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjM3Il0sWy00MSwiLSJdLFstNDIsIjE3NzAwNTAwODEiXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDExMTEwMDEwMCJdLFstNDQsIjAsNSwwLDUiXSxbLTQ1LCIwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIwMTAiXSxbLTU0LCJ7XCJoXCI6W1wiXzJcIixcIjM2MDcwODEwMlwiLFwiXzNcIixcIjMyOTk5MTM2OVwiXSxcImRcIjpbXSxcImJcIjpbXCIzODE0NTYyNjg5XCIsXCI3OTUzOTU3MDlcIixcIjc2NzY2NzU2MlwiLFwiMzI0MzMwNDE3MVwiLFwiMjMwOTIzOTcyNFwiLFwiMzMwODQ5NzIxMVwiLFwiMjU4ODU2MzIwXCIsXCIxMzA2OTMxNzI0XCIsXCIxOTc1NTg5NDgwXCIsXCIxODQ1NzU5MzQxXCIsXCIzNjkwMTk5ODUzXCIsXCIzNDM1OTM5MjYyXCIsXCIyNDYwNTkwNjgxXCIsXCIxNzgwMTU2NTc4XCIsXCI5OTI3NjIyNDlcIixcIjIwNDk0MDcxOTBcIixcIjMyOTkzNDgyNjlcIixcIjQwNTU2Mjc5MTdcIixcIjIxMjY3NzA1MjhcIixcIjMyNDMzMDQxNzFcIixcIjM5MDI4MDkwOTBcIixcIjM4Mjc2OTk5MjFcIixcIjQwNTUyNTkwNzlcIixcIjIxNjg5NzgwMDZcIixcIjMzMTg0NTA2NTNcIixcIjEyMTI1MDExNzBcIixcIjMzMDQxMzQ5OTRcIixcIjE3ODk0NjYwODFcIixcIjMzNDY2MDc4NzdcIixcIjM0MzU5MzkyNjJcIixcIjQxNTQ0NjE5MDhcIixcIjE0NzkwNDE4NzFcIixcIjI3OTI0NjQ4OThcIixcIjM0MzU5MzkyNjJcIixcIjMwMjU1OTgxMzNcIixcIjkyNDg3NTU3MlwiLFwiNDcwMjk0MzU0XCIsXCI3OTUzOTU3MDlcIixcIjExNTM3MTg0NDZcIixcIjExNzQ5ODk1NTlcIixcIjI5NDI4MjMxNTBcIixcIjE3ODk0NjYwODFcIixcIjQyMjU3MTg5MlwiLFwiNzk1Mzk1NzA5XCIsXCI2MDY3MjYwMjJcIixcIjc5NTM5NTcwOVwiLFwiMjA5Nzk5MDUyMVwiLFwiMTE3NDk4OTU1OVwiLFwiODQzNzg5NzhcIixcIjExNzQ5ODk1NTlcIixcIjM2OTA2MDMxNTNcIixcIjExNzQ5ODk1NTlcIixcIjE0MTc5MTUxODFcIixcIjExNzQ5ODk1NTlcIixcIjU4NTUxODI5NFwiLFwiMTYyOTE3ODEyMVwiLFwiNDI3MDM4MzI5OFwiLFwiMTMwNjkzMTcyNFwiLFwiMzI5OTYwMzcwXCIsXCIzMjQzMzA0MTcxXCIsXCIyNzIzMDQ3OTMxXCIsXCI3OTUzOTU3MDlcIixcIjE5OTI2Mzc3NzFcIixcIjMwNjg5NzExODZcIixcIjE2ODE2MDMyNVwiLFwiMTE3NDk4OTU1OVwiLFwiNTY2ODI4MDgwXCIsXCIyNjAzMzIyNTM3XCIsXCIyNzc5NTk5NjE5XCIsXCIxMjEyNTAxMTcwXCIsXCIzOTk2MjQxNjk0XCIsXCIxNjc3NDI4MTg2XCIsXCIzNTYxNjk5NDA2XCIsXCI3OTUzOTU3MDlcIixcIjMyNjg3NTM3MTBcIixcIjEyMTI1MDExNzBcIixcIjIxNzk0NjI2MjVcIixcIjkzMzM5MTEyMlwiLFwiNDE3NjQ2ODQ0M1wiLFwiMTIxMjUwMTE3MFwiLFwiMzg4ODgzMzk1NlwiLFwiNzk1Mzk1NzA5XCIsXCJfMlwiLFwiMjg1MDIxOTM4OVwiXSxcInNcIjoxfSJdLFsiZGRiIiwiMCwxMCwwLDEsMywzLDAsMCwwLDEsMCwwLDAsMCwzLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsMSwzLDAsMCwwLDAsMCwxLDEsMSwzLDAsMTgsMCwxLDAsMCwwLDAsMSJdLFsiYm5jaCIsODZdLFsiYWJuY2giLDg3XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=V3HEPtEp7x&pto=3218&ver=48&gac=149814560.1669063856&mei=&ap=&duid=1.1669063855.IqAytkA7X3EGKvFz&suid=1.1669063855.e5oVvOFuqbLuKP3S&tuid=1.1669063855.GdkDnvjmK4Fmw6WS&fbc=->m=W10%3D&it=69%2C2871%2C195&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
54.83.110.109200 OK 947 B URL HTTP/2 obs.cheqzone.com/ct?id=10979&url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669063855672&hl=1&op=0&ag=1317291471&rand=540112920122611107062558011709790272107088192985188919126002101188021621228&fs=1152x836&fst=1152x836&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDk4NjJdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDMsMCwwLDAsMSwyLDQsMSwxLDAsMSwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwyLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDEsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsNCJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCIxMCxJTEhZTEI5QkxUYTJKcVFnM0ZvZWVsMndZYkUyb2dCSUtKNmNSMDAwTUpIUXdZVERHWWFodjN1dDcxVnBYUjlPOCtNNXJWU0tzMWtQQmUvLzk5c25WSkdwVWRQZmR6em4zT2ZjIl0sWy0zLCJbXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcImhyZWZcIixcIk5QU0hcIixcIk5pdHJvU2Nyb2xsSGVscGVyXCIsXCJOUFJMXCIsXCJOaXRyb1Jlc291cmNlTG9hZGVyXCIsXCJOUGhcIixcIk5pdHJvUGFja0hlbHBlclwiLFwiYWRkRXZlbnRMaXN0ZW5lcmxvYWRcIixcInJlbW92ZUV2ZW50TGlzdGVuZXJsb2FkXCIsXCJ0cmlnZ2VyTml0cm9FdmVudGxvYWRcIixcIm9nQWRkRXZlbnRMaXN0ZW5lclwiLFwib2dSZW1vdmVFdmVudExpc3RlbmVyXCIsXCJhZGRFdmVudExpc3RlbmVyXCIsXCJyZW1vdmVFdmVudExpc3RlbmVyXCIsXCJ0cmlnZ2VyTml0cm9FdmVudFwiLFwiYWRkRXZlbnRMaXN0ZW5lcnBhZ2VzaG93XCIsXCJyZW1vdmVFdmVudExpc3RlbmVycGFnZXNob3dcIixcInRyaWdnZXJOaXRyb0V2ZW50cGFnZXNob3dcIixcImFkZEV2ZW50TGlzdGVuZXJET01Db250ZW50TG9hZGVkXCIsXCJyZW1vdmVFdmVudExpc3RlbmVyRE9NQ29udGVudExvYWRlZFwiLFwidHJpZ2dlck5pdHJvRXZlbnRET01Db250ZW50TG9hZGVkXCIsXCJkYXRhTGF5ZXJcIixcIklTX05JVFJPUEFDS1wiLFwiTklUUk9QQUNLX1NUQVRFXCIsXCJuaXRyb19sYXp5U2l6ZXNDb25maWdcIixcImxhenlTaXplc1wiLFwibG9hZENTU1wiLFwid2ViVml0YWxzXCIsXCJwcm94eVB1cmdlT25seVwiLFwibml0cm9EYXRhXCIsXCJ4aHJcIixcImdvb2dsZV90YWdfbWFuYWdlclwiLFwiZ29vZ2xlX29wdGltaXplXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJpc1ByZWxvYWRcIixcIm9uU3R5bGVzTG9hZEV2ZW50XCIsXCJfd3BlbW9qaVNldHRpbmdzXCIsXCIkXCIsXCJqUXVlcnlcIixcIk1rdG9Gb3JtczJcIixcImpxb2JqUHJpbWVcIixcInNob3dfZXJyb3JfY29tYmluZWRcIixcImx2X29mZnNldFwiLFwiTGl2ZVZhbGlkYXRpb25cIixcIkxpdmVWYWxpZGF0aW9uRm9ybVwiLFwiVmFsaWRhdGVcIixcImNoZWNrRGF5XCIsXCJoYXNDbGFzc1wiLFwicGhvbmVmb3JtYXRcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRpdGxlXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAyNCwxMjgwLDEwMjQsMTE1Miw5MjEsMTE1Miw4MzYsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxNDk4MTQ1NjAuMTY2OTA2Mzg1NiJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTA2Mzg1NTY0MSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsNzQ0LDAsMSwwLDUzLDU5LDk5MywtMSw0LCwxOTg3LDMxODcsMzE4NyJdLFstMzksIltcIjIwMTAwMTAxXCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLFwiMjAxODEwMDEwMDAwMDBcIixudWxsLGZhbHNlLG51bGwsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjM3Il0sWy00MSwiLSJdLFstNDIsIjE3NzAwNTAwODEiXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDExMTEwMDEwMCJdLFstNDQsIjAsNSwwLDUiXSxbLTQ1LCIwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIwMTAiXSxbLTU0LCJ7XCJoXCI6W1wiXzJcIixcIjM2MDcwODEwMlwiLFwiXzNcIixcIjMyOTk5MTM2OVwiXSxcImRcIjpbXSxcImJcIjpbXCIzODE0NTYyNjg5XCIsXCI3OTUzOTU3MDlcIixcIjc2NzY2NzU2MlwiLFwiMzI0MzMwNDE3MVwiLFwiMjMwOTIzOTcyNFwiLFwiMzMwODQ5NzIxMVwiLFwiMjU4ODU2MzIwXCIsXCIxMzA2OTMxNzI0XCIsXCIxOTc1NTg5NDgwXCIsXCIxODQ1NzU5MzQxXCIsXCIzNjkwMTk5ODUzXCIsXCIzNDM1OTM5MjYyXCIsXCIyNDYwNTkwNjgxXCIsXCIxNzgwMTU2NTc4XCIsXCI5OTI3NjIyNDlcIixcIjIwNDk0MDcxOTBcIixcIjMyOTkzNDgyNjlcIixcIjQwNTU2Mjc5MTdcIixcIjIxMjY3NzA1MjhcIixcIjMyNDMzMDQxNzFcIixcIjM5MDI4MDkwOTBcIixcIjM4Mjc2OTk5MjFcIixcIjQwNTUyNTkwNzlcIixcIjIxNjg5NzgwMDZcIixcIjMzMTg0NTA2NTNcIixcIjEyMTI1MDExNzBcIixcIjMzMDQxMzQ5OTRcIixcIjE3ODk0NjYwODFcIixcIjMzNDY2MDc4NzdcIixcIjM0MzU5MzkyNjJcIixcIjQxNTQ0NjE5MDhcIixcIjE0NzkwNDE4NzFcIixcIjI3OTI0NjQ4OThcIixcIjM0MzU5MzkyNjJcIixcIjMwMjU1OTgxMzNcIixcIjkyNDg3NTU3MlwiLFwiNDcwMjk0MzU0XCIsXCI3OTUzOTU3MDlcIixcIjExNTM3MTg0NDZcIixcIjExNzQ5ODk1NTlcIixcIjI5NDI4MjMxNTBcIixcIjE3ODk0NjYwODFcIixcIjQyMjU3MTg5MlwiLFwiNzk1Mzk1NzA5XCIsXCI2MDY3MjYwMjJcIixcIjc5NTM5NTcwOVwiLFwiMjA5Nzk5MDUyMVwiLFwiMTE3NDk4OTU1OVwiLFwiODQzNzg5NzhcIixcIjExNzQ5ODk1NTlcIixcIjM2OTA2MDMxNTNcIixcIjExNzQ5ODk1NTlcIixcIjE0MTc5MTUxODFcIixcIjExNzQ5ODk1NTlcIixcIjU4NTUxODI5NFwiLFwiMTYyOTE3ODEyMVwiLFwiNDI3MDM4MzI5OFwiLFwiMTMwNjkzMTcyNFwiLFwiMzI5OTYwMzcwXCIsXCIzMjQzMzA0MTcxXCIsXCIyNzIzMDQ3OTMxXCIsXCI3OTUzOTU3MDlcIixcIjE5OTI2Mzc3NzFcIixcIjMwNjg5NzExODZcIixcIjE2ODE2MDMyNVwiLFwiMTE3NDk4OTU1OVwiLFwiNTY2ODI4MDgwXCIsXCIyNjAzMzIyNTM3XCIsXCIyNzc5NTk5NjE5XCIsXCIxMjEyNTAxMTcwXCIsXCIzOTk2MjQxNjk0XCIsXCIxNjc3NDI4MTg2XCIsXCIzNTYxNjk5NDA2XCIsXCI3OTUzOTU3MDlcIixcIjMyNjg3NTM3MTBcIixcIjEyMTI1MDExNzBcIixcIjIxNzk0NjI2MjVcIixcIjkzMzM5MTEyMlwiLFwiNDE3NjQ2ODQ0M1wiLFwiMTIxMjUwMTE3MFwiLFwiMzg4ODgzMzk1NlwiLFwiNzk1Mzk1NzA5XCIsXCJfMlwiLFwiMjg1MDIxOTM4OVwiXSxcInNcIjoxfSJdLFsiZGRiIiwiMCwxMCwwLDEsMywzLDAsMCwwLDEsMCwwLDAsMCwzLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsMSwzLDAsMCwwLDAsMCwxLDEsMSwzLDAsMTgsMCwxLDAsMCwwLDAsMSJdLFsiYm5jaCIsODZdLFsiYWJuY2giLDg3XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=V3HEPtEp7x&pto=3218&ver=48&gac=149814560.1669063856&mei=&ap=&duid=1.1669063855.IqAytkA7X3EGKvFz&suid=1.1669063855.e5oVvOFuqbLuKP3S&tuid=1.1669063855.GdkDnvjmK4Fmw6WS&fbc=->m=W10%3D&it=69%2C2871%2C195&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
IP 54.83.110.109:0
File type ASCII text, with very long lines (2751), with no line terminators
Hash c34b1d65b9bc21a10c119bd0be6130bc
1cf6a9aa2da64350df1dcbd4c0039324419292a0
a604da1ae0e3f9a89f1b9cda71ab27bf062215e878f3c71ecf16cee2f2c8304d
GET /ct?id=10979&url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669063855672&hl=1&op=0&ag=1317291471&rand=540112920122611107062558011709790272107088192985188919126002101188021621228&fs=1152x836&fst=1152x836&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDk4NjJdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDMsMCwwLDAsMSwyLDQsMSwxLDAsMSwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwyLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDEsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsNCJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCIxMCxJTEhZTEI5QkxUYTJKcVFnM0ZvZWVsMndZYkUyb2dCSUtKNmNSMDAwTUpIUXdZVERHWWFodjN1dDcxVnBYUjlPOCtNNXJWU0tzMWtQQmUvLzk5c25WSkdwVWRQZmR6em4zT2ZjIl0sWy0zLCJbXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcImhyZWZcIixcIk5QU0hcIixcIk5pdHJvU2Nyb2xsSGVscGVyXCIsXCJOUFJMXCIsXCJOaXRyb1Jlc291cmNlTG9hZGVyXCIsXCJOUGhcIixcIk5pdHJvUGFja0hlbHBlclwiLFwiYWRkRXZlbnRMaXN0ZW5lcmxvYWRcIixcInJlbW92ZUV2ZW50TGlzdGVuZXJsb2FkXCIsXCJ0cmlnZ2VyTml0cm9FdmVudGxvYWRcIixcIm9nQWRkRXZlbnRMaXN0ZW5lclwiLFwib2dSZW1vdmVFdmVudExpc3RlbmVyXCIsXCJhZGRFdmVudExpc3RlbmVyXCIsXCJyZW1vdmVFdmVudExpc3RlbmVyXCIsXCJ0cmlnZ2VyTml0cm9FdmVudFwiLFwiYWRkRXZlbnRMaXN0ZW5lcnBhZ2VzaG93XCIsXCJyZW1vdmVFdmVudExpc3RlbmVycGFnZXNob3dcIixcInRyaWdnZXJOaXRyb0V2ZW50cGFnZXNob3dcIixcImFkZEV2ZW50TGlzdGVuZXJET01Db250ZW50TG9hZGVkXCIsXCJyZW1vdmVFdmVudExpc3RlbmVyRE9NQ29udGVudExvYWRlZFwiLFwidHJpZ2dlck5pdHJvRXZlbnRET01Db250ZW50TG9hZGVkXCIsXCJkYXRhTGF5ZXJcIixcIklTX05JVFJPUEFDS1wiLFwiTklUUk9QQUNLX1NUQVRFXCIsXCJuaXRyb19sYXp5U2l6ZXNDb25maWdcIixcImxhenlTaXplc1wiLFwibG9hZENTU1wiLFwid2ViVml0YWxzXCIsXCJwcm94eVB1cmdlT25seVwiLFwibml0cm9EYXRhXCIsXCJ4aHJcIixcImdvb2dsZV90YWdfbWFuYWdlclwiLFwiZ29vZ2xlX29wdGltaXplXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJpc1ByZWxvYWRcIixcIm9uU3R5bGVzTG9hZEV2ZW50XCIsXCJfd3BlbW9qaVNldHRpbmdzXCIsXCIkXCIsXCJqUXVlcnlcIixcIk1rdG9Gb3JtczJcIixcImpxb2JqUHJpbWVcIixcInNob3dfZXJyb3JfY29tYmluZWRcIixcImx2X29mZnNldFwiLFwiTGl2ZVZhbGlkYXRpb25cIixcIkxpdmVWYWxpZGF0aW9uRm9ybVwiLFwiVmFsaWRhdGVcIixcImNoZWNrRGF5XCIsXCJoYXNDbGFzc1wiLFwicGhvbmVmb3JtYXRcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRpdGxlXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAyNCwxMjgwLDEwMjQsMTE1Miw5MjEsMTE1Miw4MzYsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxNDk4MTQ1NjAuMTY2OTA2Mzg1NiJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTA2Mzg1NTY0MSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsNzQ0LDAsMSwwLDUzLDU5LDk5MywtMSw0LCwxOTg3LDMxODcsMzE4NyJdLFstMzksIltcIjIwMTAwMTAxXCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLFwiMjAxODEwMDEwMDAwMDBcIixudWxsLGZhbHNlLG51bGwsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjM3Il0sWy00MSwiLSJdLFstNDIsIjE3NzAwNTAwODEiXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDExMTEwMDEwMCJdLFstNDQsIjAsNSwwLDUiXSxbLTQ1LCIwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIwMTAiXSxbLTU0LCJ7XCJoXCI6W1wiXzJcIixcIjM2MDcwODEwMlwiLFwiXzNcIixcIjMyOTk5MTM2OVwiXSxcImRcIjpbXSxcImJcIjpbXCIzODE0NTYyNjg5XCIsXCI3OTUzOTU3MDlcIixcIjc2NzY2NzU2MlwiLFwiMzI0MzMwNDE3MVwiLFwiMjMwOTIzOTcyNFwiLFwiMzMwODQ5NzIxMVwiLFwiMjU4ODU2MzIwXCIsXCIxMzA2OTMxNzI0XCIsXCIxOTc1NTg5NDgwXCIsXCIxODQ1NzU5MzQxXCIsXCIzNjkwMTk5ODUzXCIsXCIzNDM1OTM5MjYyXCIsXCIyNDYwNTkwNjgxXCIsXCIxNzgwMTU2NTc4XCIsXCI5OTI3NjIyNDlcIixcIjIwNDk0MDcxOTBcIixcIjMyOTkzNDgyNjlcIixcIjQwNTU2Mjc5MTdcIixcIjIxMjY3NzA1MjhcIixcIjMyNDMzMDQxNzFcIixcIjM5MDI4MDkwOTBcIixcIjM4Mjc2OTk5MjFcIixcIjQwNTUyNTkwNzlcIixcIjIxNjg5NzgwMDZcIixcIjMzMTg0NTA2NTNcIixcIjEyMTI1MDExNzBcIixcIjMzMDQxMzQ5OTRcIixcIjE3ODk0NjYwODFcIixcIjMzNDY2MDc4NzdcIixcIjM0MzU5MzkyNjJcIixcIjQxNTQ0NjE5MDhcIixcIjE0NzkwNDE4NzFcIixcIjI3OTI0NjQ4OThcIixcIjM0MzU5MzkyNjJcIixcIjMwMjU1OTgxMzNcIixcIjkyNDg3NTU3MlwiLFwiNDcwMjk0MzU0XCIsXCI3OTUzOTU3MDlcIixcIjExNTM3MTg0NDZcIixcIjExNzQ5ODk1NTlcIixcIjI5NDI4MjMxNTBcIixcIjE3ODk0NjYwODFcIixcIjQyMjU3MTg5MlwiLFwiNzk1Mzk1NzA5XCIsXCI2MDY3MjYwMjJcIixcIjc5NTM5NTcwOVwiLFwiMjA5Nzk5MDUyMVwiLFwiMTE3NDk4OTU1OVwiLFwiODQzNzg5NzhcIixcIjExNzQ5ODk1NTlcIixcIjM2OTA2MDMxNTNcIixcIjExNzQ5ODk1NTlcIixcIjE0MTc5MTUxODFcIixcIjExNzQ5ODk1NTlcIixcIjU4NTUxODI5NFwiLFwiMTYyOTE3ODEyMVwiLFwiNDI3MDM4MzI5OFwiLFwiMTMwNjkzMTcyNFwiLFwiMzI5OTYwMzcwXCIsXCIzMjQzMzA0MTcxXCIsXCIyNzIzMDQ3OTMxXCIsXCI3OTUzOTU3MDlcIixcIjE5OTI2Mzc3NzFcIixcIjMwNjg5NzExODZcIixcIjE2ODE2MDMyNVwiLFwiMTE3NDk4OTU1OVwiLFwiNTY2ODI4MDgwXCIsXCIyNjAzMzIyNTM3XCIsXCIyNzc5NTk5NjE5XCIsXCIxMjEyNTAxMTcwXCIsXCIzOTk2MjQxNjk0XCIsXCIxNjc3NDI4MTg2XCIsXCIzNTYxNjk5NDA2XCIsXCI3OTUzOTU3MDlcIixcIjMyNjg3NTM3MTBcIixcIjEyMTI1MDExNzBcIixcIjIxNzk0NjI2MjVcIixcIjkzMzM5MTEyMlwiLFwiNDE3NjQ2ODQ0M1wiLFwiMTIxMjUwMTE3MFwiLFwiMzg4ODgzMzk1NlwiLFwiNzk1Mzk1NzA5XCIsXCJfMlwiLFwiMjg1MDIxOTM4OVwiXSxcInNcIjoxfSJdLFsiZGRiIiwiMCwxMCwwLDEsMywzLDAsMCwwLDEsMCwwLDAsMCwzLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsMSwzLDAsMCwwLDAsMCwxLDEsMSwzLDAsMTgsMCwxLDAsMCwwLDAsMSJdLFsiYm5jaCIsODZdLFsiYWJuY2giLDg3XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=V3HEPtEp7x&pto=3218&ver=48&gac=149814560.1669063856&mei=&ap=&duid=1.1669063855.IqAytkA7X3EGKvFz&suid=1.1669063855.e5oVvOFuqbLuKP3S&tuid=1.1669063855.GdkDnvjmK4Fmw6WS&fbc=->m=W10%3D&it=69%2C2871%2C195&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Mon, 21 Nov 2022 20:50:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=18acc48ba019a3ebd503c9e70d3206a3; Max-Age=29030400; Path=/; Expires=Mon, 23 Oct 2023 20:50:56 GMT; HttpOnly; Secure; SameSite=None
content-length: 947
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/134765/dmbrmpjje4xs5gtk6sx7
54.230.111.48200 OK 12 kB URL HTTP/2 api.omappapi.com/v2/embed/134765/dmbrmpjje4xs5gtk6sx7
IP 54.230.111.48:0
Hash afd1a59583f562bfd80329a8a98920fa
f2fa7cb92a5fed264555d4e4d6e2eba7e1723830
35b6d0a15ecb699a2e0a2752a5295584783a202edd538e6542c24cdb5cfdd078
GET /v2/embed/134765/dmbrmpjje4xs5gtk6sx7 HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:50:56 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 21 Nov 2022 20:23:16 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Wed, 26 Oct 2022 16:59:32 GMT
etag: W/"a1fc07113451b5f1d99c93c3724418d7"
x-optinmonster-campaign: dmbrmpjje4xs5gtk6sx7
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h4fzg6C3EaYO2wtUbhT6RwAzt6X4uye0K9LYe7AEed4G2WIWyktISw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b6cc48c7f314bc7ef251703eabe72b4
a70bf5ad955836f15b24590f0e322d5cee53b0b1
4d6e589df129380106a5a4f666882703fb04074c3b2a9b963be91b14fc20352f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.omappapi.com/v2/embed/134765/iebsbegscs7xw9s5ruvz
54.230.111.48200 OK 2.4 kB URL HTTP/2 api.omappapi.com/v2/embed/134765/iebsbegscs7xw9s5ruvz
IP 54.230.111.48:0
Hash 5f3078b5a1d37893b4f024a46a1eb552
a43e35ba03f928994fa505dea51ff6f6dafe83b9
798ffe9d412d3106185d8a1ff67e875555679b2188cb5a601a1925c86435962d
GET /v2/embed/134765/iebsbegscs7xw9s5ruvz HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:50:56 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 21 Nov 2022 20:36:29 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Tue, 11 Oct 2022 19:52:08 GMT
etag: W/"1ee60824a905cf28736f6a88b488b5ec"
x-optinmonster-campaign: iebsbegscs7xw9s5ruvz
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7AasqCDnHgSRnnB1R7NBBq_d7BMXqvMV5ibB-VUoG93A6NaGgIHjrg==
X-Firefox-Spdy: h2
assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
143.204.55.69200 OK 50 kB URL HTTP/2 assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
IP 143.204.55.69:0
File type Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Hash b33ee1885fd10ad1d4836769b35a0bbb
211c73009375c87a180e711609b807baefbc8957
935804ee7d5df0838087950cd78661fd12a383099a6109583404c432255770bc
GET /universalscript/releases/v0.179.2/bundle.js HTTP/1.1
Host: assets.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 03 Sep 2022 23:09:05 GMT
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
etag: W/"359008fe01078c59c66e034866170bd2"
cache-control: max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3CB41OgY7wEuKxDaCeZkhGuWYttmfYj2m8tf4wrpOf6UllPaD0cHyQ==
age: 6817310
X-Firefox-Spdy: h2
a.omappapi.com/app/js/11.9da7034c.min.js
194.242.11.186200 OK 1.5 kB URL HTTP/2 a.omappapi.com/app/js/11.9da7034c.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (1941)
Hash ea2e550a1c86f251ee645615cb5a3a7a
1172a86c4c9e69d6b533067bdc80c7a67d41a744
e1de0332a33565f5ae5a7e6600a52e993b767aded9fa57a5f15cc2401541be4d
GET /app/js/11.9da7034c.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"637289e5-7cb"
last-modified: Mon, 14 Nov 2022 18:33:09 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 473
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 14176feef4d5b65eccd580b047c7db36
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
intof.io/itag/?id=itag
54.156.254.128200 OK 5.6 kB IP 54.156.254.128:0
Hash 3dead853a744387e2b2b1299d49ca346
d0b80d22f1d87fd773bfcc515ba282d1bfc91f2c
fa1cb237372d86c71a568f5fcd882d5470963e32ea235917147143fc0d7f5317
GET /itag/?id=itag HTTP/1.1
Host: intof.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getdivvy.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 20:50:56 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 5643
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.omappapi.com/app/js/22.7f83f3f7.min.js
194.242.11.186200 OK 1.3 kB URL HTTP/2 a.omappapi.com/app/js/22.7f83f3f7.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (1495)
Hash f14ba0405ee9d95e29e6ba79f4a32d95
b7759b92be868c6730157eaf4d9840f23c9fed35
cd82eb7fefdbfbfc3af5564c1852a34789828500d92c300d5eae53bde26206db
GET /app/js/22.7f83f3f7.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-613"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 506
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1e71f274aa9c6c7386e37e6d8c1e1708
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/10.0f634e82.min.js
194.242.11.186200 OK 11 kB URL HTTP/2 a.omappapi.com/app/js/10.0f634e82.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (25079)
Hash dad979bcacdf544980aaf8d2e4511de8
1ae5a60293d3727eae532a38465428889b700e3e
7497928e80a78c267371e6bf5d09a6252d7caf79f71c61c3845721500b476b3e
GET /app/js/10.0f634e82.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-6236"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 512
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 70b38e02e8fe1c81da6abbe86e119ab0
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/21.400ddc65.min.js
194.242.11.186200 OK 1.8 kB URL HTTP/2 a.omappapi.com/app/js/21.400ddc65.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (3159)
Hash 034d7844f2b8e40313a61e3dc2f20683
e464b07b33ebaf9f55eb8a410cbc41a585f2c428
b74a5e4cd25a1574fec7975cd956c8325f86c0ef8e6f6ba6df89d55d1aad28e1
GET /app/js/21.400ddc65.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-c8f"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-168
cdn-requestpullsuccess: True
cdn-fileserver: 506
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 82d9834e4aaa994b50f4f3ced0418108
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/1.12278d6a.min.js
194.242.11.186200 OK 3.7 kB URL HTTP/2 a.omappapi.com/app/js/1.12278d6a.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (11044)
Hash 532d239758d4dd08672d6f760b5c231e
29a687e81711f27e932e61f6013977bb4ef69394
f2dc40c943acef30d3c61e3ac9cabde3b4e432610b70f536b90b51bb6e582654
GET /app/js/1.12278d6a.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-2b60"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 505
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d87ee3f193efe50c96118b6b08e12514
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/9.8520b11d.min.js
194.242.11.186200 OK 3.9 kB URL HTTP/2 a.omappapi.com/app/js/9.8520b11d.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type HTML document, ASCII text, with very long lines (1607)
Hash 0548d8c149f3888edaa57867aadde471
335ee2b36d73e9f6db33e8eb0b2ee1c597571aa9
bf5153918cf46233693389a4ac749ff63eac92b2c9c3ffcc81c4ef9c601b028d
GET /app/js/9.8520b11d.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-684"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 505
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2e731f800866291a173b85f47579fecf
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/moment-timezone/0.5.34/moment-timezone-with-data-2012-2022.min.js
194.242.11.186200 OK 146 kB URL HTTP/2 a.omappapi.com/app/js/moment-timezone/0.5.34/moment-timezone-with-data-2012-2022.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (42484), with no line terminators
Size 146 kB (146392 bytes)
Hash fe62abb7f5fab0af60a5eda40795b26b
d46467c72e3a3c0d93694710befdbb2758af5646
d47a76e76b3ac2d0869bb5414c857c436b6620b76ec41ed8b7699c69e5c42313
GET /app/js/moment-timezone/0.5.34/moment-timezone-with-data-2012-2022.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"62ed39ef-a5f4"
last-modified: Fri, 05 Aug 2022 15:40:31 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 419
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 0ce10486035d4f78418da90754b4b1f3
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/16.53ab7a19.min.js
194.242.11.186200 OK 16 kB URL HTTP/2 a.omappapi.com/app/js/16.53ab7a19.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (794)
Hash 32d5e21b64cb178560d4303bf122b39c
d658fc0295499fd1c7d99d5016c86a2644377513
16a6a96bb8089e9ae99392acebbeb83c04a6b6a34891fa52092666544747185b
GET /app/js/16.53ab7a19.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-354"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 492
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 722d6a217364129e356886b9036a5fdf
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.omappapi.com/users/9df7ffe78a4b/images/1e8c9f57088d1632774244-image-3-1.png
194.242.11.186200 OK 124 kB URL HTTP/2 a.omappapi.com/users/9df7ffe78a4b/images/1e8c9f57088d1632774244-image-3-1.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Size 124 kB (124468 bytes)
Hash 2977bbac1155b371c7157a9215f39f17
6c6d9dee6812a6cdb2b8cecf5b7ba41339a15399
dbb3602341ab8228b0317c8046c6ec17dcfc88094881eb7b675fca07a6cf93ed
GET /users/9df7ffe78a4b/images/1e8c9f57088d1632774244-image-3-1.png HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: image/webp
content-length: 124468
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "615228c6-1e634"
last-modified: Mon, 27 Sep 2021 20:25:42 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 226
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 20:50:56
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 045caeb4eb5e20cd358274ab388ee5d2
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
a.omappapi.com/app/js/26.9d5adc06.min.js
194.242.11.186200 OK 1.2 kB URL HTTP/2 a.omappapi.com/app/js/26.9d5adc06.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (2788)
Hash ea74fa78ffee7a7f7f0bbfaac034d9de
521038e86045a3c4679463be7abc653bd1f3637f
f7a20b52358a7cebe5ddd491843ec8e01989de3230bd5e4a8c50c14ae73b85a5
GET /app/js/26.9d5adc06.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-b1c"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-168
cdn-requestpullsuccess: True
cdn-fileserver: 495
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 20a99fba5c43a9e7ead5e01b4a488acd
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/134765/ajlxnbfdds40zzopc7nu
54.230.111.48200 OK 48 kB URL HTTP/2 api.omappapi.com/v2/embed/134765/ajlxnbfdds40zzopc7nu
IP 54.230.111.48:0
Hash 51ea6c445403a2913ecebb2527eedcf8
4f7b3e28452c2fd34d2b5b22fcaf194640ba6501
a40e21d513bad3958264fcae6be97747869f39edafad42804386d9cafaff5ed0
GET /v2/embed/134765/ajlxnbfdds40zzopc7nu HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:50:56 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 21 Nov 2022 20:36:29 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Tue, 03 May 2022 23:17:17 GMT
etag: W/"33a961c6f30e459b4fef9e09eb3395d7"
x-optinmonster-campaign: ajlxnbfdds40zzopc7nu
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mXF6dOnecbUnVDEfjLWnUC6pcx307zeH5HtA2x8d72xPHvkZRqkmiw==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
216.58.207.195200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19860, version 1.0\012- data
Hash a95e391373ad634c3b7dbaf77de3f40e
ddc4638bc28c21a400fcd2df94448743f198a257
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47
GET /s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 15:01:47 GMT
expires: Wed, 15 Nov 2023 15:01:47 GMT
cache-control: public, max-age=31536000
age: 539349
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.omappapi.com/users/9df7ffe78a4b/images/3c64dd582f651666385017-Group_2349__3_-removebg-preview.png
194.242.11.186200 OK 43 kB URL HTTP/2 a.omappapi.com/users/9df7ffe78a4b/images/3c64dd582f651666385017-Group_2349__3_-removebg-preview.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash aed6a34b64e840633a2fad5ff5365bf0
4c18259194830a69ca532f3bdd44618a64b3462e
e8a1f5ed542cc6a94cf870dd272c2986508644bcdf234f06d2bbb9cf984c7acf
GET /users/9df7ffe78a4b/images/3c64dd582f651666385017-Group_2349__3_-removebg-preview.png HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: image/webp
content-length: 43144
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "63530794-a888"
last-modified: Fri, 21 Oct 2022 20:56:52 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 463
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 20:50:56
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 60372ff2ab3726239f122c7a49e4ef19
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
intof.io/iocmap/?iocid=null&iocmap=null
54.156.254.128200 OK 43 B URL HTTP/1.1 intof.io/iocmap/?iocid=null&iocmap=null
IP 54.156.254.128:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /iocmap/?iocid=null&iocmap=null HTTP/1.1
Host: intof.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 20:50:56 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 43
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
216.58.207.195200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13888, version 1.0\012- data
Hash 099548fac114f5f6498c5c75b943581d
7505fcaf9f4fe36634352b322a9f5fed1256a9f6
e36165510050fc4ef1d87cc430dd4d1d0f6a705c5f4aa7b3a97493921884bb05
GET /s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13888
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 21:55:46 GMT
expires: Tue, 14 Nov 2023 21:55:46 GMT
cache-control: public, max-age=31536000
age: 600910
last-modified: Mon, 18 Jul 2022 19:12:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/134765/im6eiprd9tuuooboqox3
54.230.111.48200 OK 14 kB URL HTTP/2 api.omappapi.com/v2/embed/134765/im6eiprd9tuuooboqox3
IP 54.230.111.48:0
Hash 86173ab27294be5c8a6ab9e0ac07aa4a
3f71fb7083a84f128f92f1fefcfea4ca26308216
a526828b9907486d4db5f63b23d3a4786e2ed99286f2c3fbdc7bff89cea15e71
GET /v2/embed/134765/im6eiprd9tuuooboqox3 HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:50:56 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 21 Nov 2022 20:36:29 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Thu, 19 May 2022 15:31:41 GMT
etag: W/"ec2cc7dc3b790eafa0e08a63c4bd5ac7"
x-optinmonster-campaign: im6eiprd9tuuooboqox3
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PDEIChiAWJbyaLDtltm7hnmQ2NvnZu6t-pG0NPdp5Sb6T8rYRl-RpQ==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 436608
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.omappapi.com/app/js/27.205350b7.min.js
194.242.11.186200 OK 2.8 kB URL HTTP/2 a.omappapi.com/app/js/27.205350b7.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (1207)
Hash 8ecec7a615e5b4f1bba6486dd79d0982
6ec09ca4b2c5c7e42566fcaf6dbe93542b9b172c
dd6c0b00c5325ce3b22dea0fb87cfb930e97f6088481c6180faf95afda47668a
GET /app/js/27.205350b7.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-4f6"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-165
cdn-requestpullsuccess: True
cdn-fileserver: 505
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 47c14bcbcc306bc11d3f6ab795ec98f8
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/users/9df7ffe78a4b/images/2594573772d71633376100-Frame-1-4.png
194.242.11.186200 OK 10 kB URL HTTP/2 a.omappapi.com/users/9df7ffe78a4b/images/2594573772d71633376100-Frame-1-4.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash 293ee3a2fa67d64f7ca80d1c0b1f362a
6896bc72689767b53e0dbbb0c061fe52ce44de1f
e1325013d0745726c78ffdf8039ff128e964dc0f35d7e4ed97b31436a644b213
GET /users/9df7ffe78a4b/images/2594573772d71633376100-Frame-1-4.png HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: image/webp
content-length: 9980
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "615b5e96-26fc"
last-modified: Mon, 04 Oct 2021 20:05:42 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 192
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 20:50:56
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 57b342327efe3bd4cfe1fa2cda7d52d1
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/134765/yuscyb4d9tbmb0qegytf
54.230.111.48200 OK 79 kB URL HTTP/2 api.omappapi.com/v2/embed/134765/yuscyb4d9tbmb0qegytf
IP 54.230.111.48:0
Hash 8c6ccc3ebd6d03dc56c3c70fabc01a6e
6cd121e08d5425b2e7c83f6738db660a5005825d
72d3a364fb460bc3eda89ad07d048912ac4927050a46228154268e86b37c9ab3
GET /v2/embed/134765/yuscyb4d9tbmb0qegytf HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:50:56 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 21 Nov 2022 20:44:57 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Tue, 03 May 2022 23:17:24 GMT
etag: W/"ff84df80bf0ccce8158e7136ab9f4775"
x-optinmonster-campaign: yuscyb4d9tbmb0qegytf
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xXIAzvdGj8NZZ1xqSJoLNWRzNkd6K8exjW0t-8JHmiPK_NL8L5kH8Q==
X-Firefox-Spdy: h2
a.omappapi.com/users/9df7ffe78a4b/images/51b03d4bb67b1666908604-original-1.png
194.242.11.186200 OK 28 kB URL HTTP/2 a.omappapi.com/users/9df7ffe78a4b/images/51b03d4bb67b1666908604-original-1.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 589x441, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 61d83ced4187df65c8c3286abb0c8045
39360c625fec55a4785512961b17be8d226893aa
31df801972887b67685fbb2f4d42f24d578ae0cbe6b842dfdf036bb86dd2f733
GET /users/9df7ffe78a4b/images/51b03d4bb67b1666908604-original-1.png HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: image/webp
content-length: 27868
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "635b0428-6cdc"
last-modified: Thu, 27 Oct 2022 22:20:24 GMT
cdn-storageserver: DE-199
cdn-requestpullsuccess: True
cdn-fileserver: 468
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 20:50:56
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bb96976278578be9841add60420991e7
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:53:39 GMT
expires: Tue, 21 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 7037
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.omappapi.com/users/9df7ffe78a4b/images/a9d508ae4ea71667236730-image-105.png
194.242.11.186200 OK 55 kB URL HTTP/2 a.omappapi.com/users/9df7ffe78a4b/images/a9d508ae4ea71667236730-image-105.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 486x501, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d846ad1c2b003a2bf284ede21270a9c7
cb49957ed4a4c9b83bc2aeb0cd99143553d4714f
570ffbb76c5a18b0d186e44dcc2f529bd3658bee893bda0f3d42eb2f3b663729
GET /users/9df7ffe78a4b/images/a9d508ae4ea71667236730-image-105.png HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: image/webp
content-length: 55092
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "63600e65-d734"
last-modified: Mon, 31 Oct 2022 18:05:25 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 91
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 20:50:56
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6478473f92320888c37477475a952efb
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 21 Nov 2022 20:41:09 GMT
expires: Mon, 21 Nov 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 587
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=45045
date: Mon, 21 Nov 2022 20:50:56 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
script.crazyegg.com/pages/versioned/common-scripts/c3bdc00a0a2e184487830747601080da.js
104.19.148.8200 OK 28 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/c3bdc00a0a2e184487830747601080da.js
IP 104.19.148.8:0
File type ASCII text, with very long lines (57866)
Hash dde09d5ef77ccdb5b5c03deb0c35a313
d989e69531fd10502fc0cda06c759bb210c54990
0928f8a1794ac3824933bf8923e5ad1d5a1117a1bd10497ba48f8e7f8ef08f70
GET /pages/versioned/common-scripts/c3bdc00a0a2e184487830747601080da.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: text/javascript
content-length: 26762
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Fri, 11 Nov 2022 16:42:21 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 27394
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76dc4cf1adeeb50b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
IP 142.250.74.3:0
Hash dfe69b5399500c25567fc5dcb9eb1d61
f6972e9c15a1ccced43b4c8dc92da5e6f1c9d9c4
a205e124530d31f27764add30fa3ad51f2a14132ac4487454c2e504b13d8f2db
POST /s/gts1d4/7oY8-EgWmNE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4f3a5a30fdbbcedc4ac1dc3b76e2f549
900613ba9b53b997643793c2a5b679dbda675f4b
c092a80d083e7d785e8a2ca3f103ab2f00d4b6761c420fb9ef2256408ce8aee2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6453
Cache-Control: max-age=103914
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:56 GMT
Etag: "637abe65-1d7"
Expires: Wed, 23 Nov 2022 01:42:50 GMT
Last-Modified: Sun, 20 Nov 2022 23:55:17 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
munchkin.marketo.net/munchkin.js
23.53.51.106200 OK 728 B URL HTTP/1.1 munchkin.marketo.net/munchkin.js
IP 23.53.51.106:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (521)
Hash 51a92d8c69733d719447dea0416ed039
69f4c1e0b7ebba812bc096708d57627927dff265
cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 21 Nov 2022 20:50:56 GMT
Content-Length: 728
Connection: keep-alive
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 21 Nov 2022 20:50:56 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=25FD5BD975BB6D8B19F949BA74EC6C07; domain=.bing.com; expires=Sat, 16-Dec-2023 20:50:56 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3677F4077AE1413091B6E2D72E57A099 Ref B: OSL30EDGE0415 Ref C: 2022-11-21T20:50:56Z
date: Mon, 21 Nov 2022 20:50:56 GMT
X-Firefox-Spdy: h2
getdivvy.com/cheq-script/
104.18.15.155200 OK 82 kB URL HTTP/2 getdivvy.com/cheq-script/
IP 104.18.15.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (22076)
Hash 79134cae040521b21d49b3b3b274a59c
652dd3ae82f2b0886deb2fa0562b4ad06e769a6b
e77b72990ea6ae05cb07a50a3e837c4a001363603874e2d4cc06d9e6e78724f3
GET /cheq-script/ HTTP/1.1
Host: getdivvy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/sweepstakes-international-payments/
Cookie: __cf_bm=hl3FPg.bNxBlL27PtnA_FEEpwyBU4LOszCGZwygJahI-1669063854-0-Aba9CcZ3PHtThA27mMZKyueHisgS7louZk2qCNzsf3xlZ+9sXhx9bwIRSgjQ9e6Qero6y+Keoywly9xTCfjA24M=; nitroCachedPage=1; _gcl_au=1.1.56365928.1669063855; _an_uid=0; _gd_visitor=342d0a45-a677-419a-8c88-0214f65840cd; _gd_session=3aaccd6e-3b15-4d6b-8a12-88e172b10708; _ga_BD6RWKML6V=GS1.1.1669063855.1.0.1669063855.60.0.0; _ga=GA1.1.149814560.1669063856; _cq_duid=1.1669063855.IqAytkA7X3EGKvFz; _cq_suid=1.1669063855.e5oVvOFuqbLuKP3S; q_marketing_utm_ref_tracking=%7B%22params%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22landingPage%22%3A%22https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F%22%2C%22convertingPagePath%22%3A%22https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F%22%2C%22convertingPage%22%3A%22https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F%22%7D; _omappvp=wl3iaaVVUacLhHr5b8xSAeLUvea3X0us2ubyEJYPS13fVg7RrgtkKMKBuBIJfnGVIHlZgSPJljGTkHow8E4lKYwn5uVtv0dk; _omappvs=1669063856059
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
accept-ch: Sec-CH-UA-Mobile
x-nitro-cache: HIT
x-nitro-cache-from: drop-in
x-nitro-rev: eaaff68
link: <https://cdn-cfojb.nitrocdn.com>; rel=preconnect, <https://getdivvy.com/wp-json/>; rel="https://api.w.org/", <https://getdivvy.com/wp-json/wp/v2/pages/11447>; rel="alternate"; type="application/json", <https://getdivvy.com/?p=11447>; rel=shortlink
x-cache-ctime: 1668018959
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 20
x-cache-group: normal
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76dc4ceced79b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8086eba81f8c970ab1da448d18e48c98
4c439fd23f6991bb1967e6679976a3c2ddff8bd6
16ce620a5151591164862cefc4cb90fbc892ececa555082c6ebd7ce744706f58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
munchkin.marketo.net/162/munchkin.js
23.53.51.106200 OK 4.7 kB URL HTTP/1.1 munchkin.marketo.net/162/munchkin.js
IP 23.53.51.106:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (606)
Hash 3e9baed982956735f6e0a0e756d97ed9
9223be6a494a10959101a7942419df7b05b84d73
930a508ed0ea6b4861d19c0738360182514010913c4ebfe9352064ae5006f8a1
GET /162/munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Wed, 01 Mar 2023 20:50:56 GMT
Date: Mon, 21 Nov 2022 20:50:56 GMT
Content-Length: 4677
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BD6RWKML6V&cid=149814560.1669063856>m=2oeb90&aip=1&z=386845123
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BD6RWKML6V&cid=149814560.1669063856>m=2oeb90&aip=1&z=386845123
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BD6RWKML6V&cid=149814560.1669063856>m=2oeb90&aip=1&z=386845123 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 21 Nov 2022 20:50:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
IP 142.250.74.3:0
Hash dfe69b5399500c25567fc5dcb9eb1d61
f6972e9c15a1ccced43b4c8dc92da5e6f1c9d9c4
a205e124530d31f27764add30fa3ad51f2a14132ac4487454c2e504b13d8f2db
POST /s/gts1d4/7oY8-EgWmNE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.hotjar.com/c/hotjar-1406474.js?sv=7
143.204.55.84200 OK 2.6 kB URL HTTP/2 static.hotjar.com/c/hotjar-1406474.js?sv=7
IP 143.204.55.84:0
File type ASCII text, with very long lines (3790)
Hash 02dec0158edbf8fcd6c920fdcab03718
6d41e08618745bb3ae638d514122332a4c2eaa74
7ab145cf5076ffe0ef029463a0aec97bbad27fcb7c7fe2ee27c5bb4ef064d9fe
GET /c/hotjar-1406474.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 21 Nov 2022 20:50:56 GMT
cache-control: max-age=60
etag: W/5fcf44988e9c0e64157f3238f37f51d5
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cX_gqq9-iUs3DD0RO3gVAxbIDwCuI3eN1IZk55xVwnZxBAvVCLYvOA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8086eba81f8c970ab1da448d18e48c98
4c439fd23f6991bb1967e6679976a3c2ddff8bd6
16ce620a5151591164862cefc4cb90fbc892ececa555082c6ebd7ce744706f58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.linkedin.oribi.io/partner/3717042,413185/domain/getdivvy.com/token
54.230.111.42200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3717042,413185/domain/getdivvy.com/token
IP 54.230.111.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/3717042,413185/domain/getdivvy.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://getdivvy.com/
Origin: https://getdivvy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Mon, 21 Nov 2022 08:50:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _TRYZmmbMRndsboVRdFI8VZ3QAK9rLWYwPww8GpHDX15IHJljP9GAw==
age: 43244
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 13b12450a8fcd2d9e7650f6db2e56054
8d4ef7538aaff462b61a16fa51084d88ccbf882a
d35f7a3a77db66b445139fc051681caa89b15eef17a99c35a9d84b97b4f07701
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 21 Nov 2022 20:50:57 GMT
Last-Modified: Mon, 21 Nov 2022 19:15:15 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4RCmdjdf1rgqursevaHLPZBKPpiwOG8U6XLBfGCUWCaxSsjkh2GAVg==
Age: 5742
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 659623b6f7036483943937c7646385ac
7149df6ec4d7e39cfd641ce9b0cd1447c3d5ace4
b516b0dc0b8f5a44abf1b228acceeb28630db0596276c2f23ff9a4c3326285cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6070
Cache-Control: max-age=146706
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:57 GMT
Etag: "637b670d-139"
Expires: Wed, 23 Nov 2022 13:36:03 GMT
Last-Modified: Mon, 21 Nov 2022 11:54:53 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 313
cdn.linkedin.oribi.io/partner/3717042,413185/domain/getdivvy.com/token
54.230.111.42200 OK 1.1 kB URL HTTP/2 cdn.linkedin.oribi.io/partner/3717042,413185/domain/getdivvy.com/token
IP 54.230.111.42:0
Hash ebaabc6e80de569d7aeb45c615329f47
cffc0c58b148a63354ad865f9cca90d2c5b716c6
abe960e8fd3be3067b5c54040a90b2164dd8da79797cb8a3b65fad043fe9ea5a
GET /partner/3717042,413185/domain/getdivvy.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:12:27 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h8do34a7JQxkexuJAtDe9SEa33217KZAXleXLChUtnSZm-WdF_DNzw==
age: 2310
X-Firefox-Spdy: h2
api-iam.intercom.io/messenger/web/ping
52.86.125.20200 OK 2.0 kB URL HTTP/2 api-iam.intercom.io/messenger/web/ping
IP 52.86.125.20:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5676), with no line terminators
Hash f7142576e5d1004d5f28d42c658a4f3a
0b00a6ff6004ab2f4f6de5bde94fd4df0d7ab2cd
6e521a4aa55d2fa22987b2877f9f64351494901aac6d80a458d0505047bb6704
POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 413
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1669063860
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13318
access-control-allow-origin: https://getdivvy.com
vary: Accept,Accept-Encoding
x-intercom-version: cc69c7f4ffde7fecf6db2344a93598c812f8ba40
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 00012p5d9938lvr9niag
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"03b81af7951f0a214ae404daff4d53ff"
x-runtime: 0.405378
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-05dcf007a1eb86c5b
X-Firefox-Spdy: h2
to.getnitropack.com/
194.242.11.186200 OK 20 B IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash c23d32bc84330ad96c990858c2eb1235
3e5b07d19cb12ba27e5777030db284a0abe5209e
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
POST / HTTP/1.1
Host: to.getnitropack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------31308247921274844548894995209
Content-Length: 425
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:57 GMT
content-type: text/html; charset=UTF-8
content-length: 20
server: BunnyCDN-NO1-830
cdn-pullzone: 234442
cdn-uid: b7e07321-6c82-48dc-b332-ec6b5d5d2a32
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=0
content-encoding: none
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15724800; includeSubDomains
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 20:50:57
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 790be670108c4ec956abba0d91c72577
X-Firefox-Spdy: h2
obs.cheqzone.com/mon
54.83.110.109200 OK 0 B IP 54.83.110.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1417
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Cookie: cg_uuid=18acc48ba019a3ebd503c9e70d3206a3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://getdivvy.com
content-type: application/json
date: Mon, 21 Nov 2022 20:50:57 GMT
content-length: 0
X-Firefox-Spdy: h2
obs.cheqzone.com/mon
54.83.110.109200 OK 0 B IP 54.83.110.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1412
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Cookie: cg_uuid=18acc48ba019a3ebd503c9e70d3206a3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://getdivvy.com
content-type: application/json
date: Mon, 21 Nov 2022 20:50:57 GMT
content-length: 0
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/events.js
34.238.229.64200 OK 5.4 kB URL HTTP/1.1 tags.srv.stackadapt.com/events.js
IP 34.238.229.64:0
File type ASCII text, with very long lines (16677)
Hash 54cf18c9ca187cae797b4315dccde84e
148ba0216e8d730190e66f78813c88c8b6d3a11d
734fde51c7199a4c4c6a052132cb914bc989c3b233e16513782ba19af8feb771
GET /events.js HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Content-Encoding: gzip
Content-Type: text/javascript
Date: Mon, 21 Nov 2022 20:50:57 GMT
Set-Cookie: sa-user-id=s%3A0-b4b83955-3a72-41bc-586e-1348f8f7ebf7.FLn1V%2BqfDStzQElDAvoPkpIaZdpUwBwDFh34RX%2BMUcI; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AtLg5VTpyQbxYbhNI-Pfr91taKpo.7a7oWeizHxhuMIQ1qOtzcx95sTJ2JCpYuPCMKN2ZjE8; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 5385
Connection: keep-alive
px.ads.linkedin.com/collect?v=2&fmt=js&pid=413185%2C3717042&time=1669063857023&url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=413185%2C3717042&time=1669063857023&url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=413185%2C3717042&time=1669063857023&url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D413185%252C3717042%26time%3D1669063857023%26url%3Dhttps%253A%252F%252Fgetdivvy.com%252Fsweepstakes-international-payments%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJKQBE8ZyHmzwAAAYSb9VRIPeGsJqB9BC0y6kk34PKbJ9mgVTgXg2kOy5zczSh_seeGcHRKE5dpdA; Max-Age=2592000; Expires=Wed, 21 Dec 2022 20:50:57 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKnKscq9Cx9YQAAAYSb9VRIurEcAAEu29AKCJbKYFqmpOFe5QXQHZNDqGsrZD5dQzrsGHdVoHJ_nsheN96oAw; Max-Age=2592000; Expires=Wed, 21 Dec 2022 20:50:57 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&73041204-15c4-497c-8f11-5e812b52f78f"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 21-Nov-2023 20:50:57 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2377:u=1:x=1:i=1669063857:t=1669150257:v=2:sig=AQGjihT4sAbS-3lDG3Tr-pcHbQOiIbYe"; Expires=Tue, 22 Nov 2022 20:50:57 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXuATZRE0/9hW1/ie0ugQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C964D74BFEE74FF2A3AE9CEC7F54A754 Ref B: OSL30EDGE0412 Ref C: 2022-11-21T20:50:57Z
date: Mon, 21 Nov 2022 20:50:56 GMT
content-length: 0
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=3d96cdc8-4d75-40d5-b86c-a3577c3ddf04&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bef1df0b-bf74-47ca-ac73-536545bb3b7f&tw_document_href=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzwzl&type=javascript&version=2.3.29
104.244.42.5200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=3d96cdc8-4d75-40d5-b86c-a3577c3ddf04&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bef1df0b-bf74-47ca-ac73-536545bb3b7f&tw_document_href=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzwzl&type=javascript&version=2.3.29
IP 104.244.42.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=3d96cdc8-4d75-40d5-b86c-a3577c3ddf04&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bef1df0b-bf74-47ca-ac73-536545bb3b7f&tw_document_href=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzwzl&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=8a8baa8e-4c17-4d94-907f-0c6f94717449; Max-Age=63072000; Expires=Wed, 20 Nov 2024 20:50:57 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: cf50babee5444921
strict-transport-security: max-age=0
x-response-time: 109
x-connection-hash: ccc565b4f7fe7fbfaf978f2cad99be71818a31d5dfd487e331a77d22bc29db61
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.css
34.238.229.64200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP 34.238.229.64:0
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Mon, 21 Nov 2022 20:50:57 GMT
Content-Length: 27
Connection: keep-alive
b.6sc.co/v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A56%20GMT%22%2C%22timeSpent%22%3A%221008%22%2C%22totalTimeSpent%22%3A%222051%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0
23.61.214.147200 OK 43 B URL HTTP/2 b.6sc.co/v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A56%20GMT%22%2C%22timeSpent%22%3A%221008%22%2C%22totalTimeSpent%22%3A%222051%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0
IP 23.61.214.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A56%20GMT%22%2C%22timeSpent%22%3A%221008%22%2C%22totalTimeSpent%22%3A%222051%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0 HTTP/1.1
Host: b.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Cookie: 6suuid=261f1602c4510000afe47b6357020000ec310500
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
etag: "615ccf10-2b"
expires: Wed, 19 Apr 2000 11:43:00 GMT
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
content-length: 43
date: Mon, 21 Nov 2022 20:50:57 GMT
set-cookie: 6suuid=261f1602c4510000afe47b6357020000ec310500; expires=Wed, 20-Nov-2024 20:50:57 GMT; path=/; domain=.6sc.co; SameSite=None; secure
access-control-allow-origin:
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 20b342256c1d2023a3e1fe10f31dbf8d
c89dc4689e37c7c46ea10b0b4582b5ceb6b3b030
f139d261c92839fb6b36813a19b7492ac001e6ec86cb7806d1dfd8590d1b7da5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 20:50:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 03:37:45 GMT
Expires: Mon, 28 Nov 2022 03:37:44 GMT
Etag: "c89dc4689e37c7c46ea10b0b4582b5ceb6b3b030"
Cache-Control: max-age=542206,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76dc4cf4efff1bfa-OSL
rdata.mpio.io/v1/C/RawData/F03E15168591?v=0993e4b4-b842-48e6-9ccd-ebc10dc2b293&se=ce48871d-11df-4cee-8744-8887de24088a&d=eyJ2IjoiMDk5M2U0YjQtYjg0Mi00OGU2LTljY2QtZWJjMTBkYzJiMjkzIiwibSI6IjlkMWNhZTcxLWZkMWMtNDUwOS04NTI4LTM4MmY1ZDBkZTUxMyIsImUiOiIxIiwiY3NpIjoiIiwic2UiOiJjZTQ4ODcxZC0xMWRmLTRjZWUtODc0NC04ODg3ZGUyNDA4OGEiLCJuIjoxLCJwIjoiZmQxYmUxMDEtZWNlNS00MjU5LTg5NTUtNDc4OTg4M2NhMWQ5IiwidSI6Imh0dHBzOi8vZ2V0ZGl2dnkuY29tL3N3ZWVwc3Rha2VzLWludGVybmF0aW9uYWwtcGF5bWVudHMvIiwicG4iOiIvc3dlZXBzdGFrZXMtaW50ZXJuYXRpb25hbC1wYXltZW50cy8iLCJyIjoiIiwidCI6IkJJTEwgU3dlZXBzdGFrZXMgT2ZmaWNpYWwgUnVsZXMgfCBEaXZ2eSIsImMiOiJodHRwczovL2dldGRpdnZ5LmNvbS9zd2VlcHN0YWtlcy1pbnRlcm5hdGlvbmFsLXBheW1lbnRzLyIsInByIjoiMTY4NTkxIiwicyI6MSwidnMiOjEsImwiOiJQYWdlTG9hZCJ9&callback=cb3502e3deb5c6f8
34.232.156.45200 OK 209 B URL HTTP/1.1 rdata.mpio.io/v1/C/RawData/F03E15168591?v=0993e4b4-b842-48e6-9ccd-ebc10dc2b293&se=ce48871d-11df-4cee-8744-8887de24088a&d=eyJ2IjoiMDk5M2U0YjQtYjg0Mi00OGU2LTljY2QtZWJjMTBkYzJiMjkzIiwibSI6IjlkMWNhZTcxLWZkMWMtNDUwOS04NTI4LTM4MmY1ZDBkZTUxMyIsImUiOiIxIiwiY3NpIjoiIiwic2UiOiJjZTQ4ODcxZC0xMWRmLTRjZWUtODc0NC04ODg3ZGUyNDA4OGEiLCJuIjoxLCJwIjoiZmQxYmUxMDEtZWNlNS00MjU5LTg5NTUtNDc4OTg4M2NhMWQ5IiwidSI6Imh0dHBzOi8vZ2V0ZGl2dnkuY29tL3N3ZWVwc3Rha2VzLWludGVybmF0aW9uYWwtcGF5bWVudHMvIiwicG4iOiIvc3dlZXBzdGFrZXMtaW50ZXJuYXRpb25hbC1wYXltZW50cy8iLCJyIjoiIiwidCI6IkJJTEwgU3dlZXBzdGFrZXMgT2ZmaWNpYWwgUnVsZXMgfCBEaXZ2eSIsImMiOiJodHRwczovL2dldGRpdnZ5LmNvbS9zd2VlcHN0YWtlcy1pbnRlcm5hdGlvbmFsLXBheW1lbnRzLyIsInByIjoiMTY4NTkxIiwicyI6MSwidnMiOjEsImwiOiJQYWdlTG9hZCJ9&callback=cb3502e3deb5c6f8
IP 34.232.156.45:0
File type ASCII text, with no line terminators
Hash 8f759e4e4067a52323555316576166f1
bcfdb365fd0460deaa20aa934aaa25805e0a3373
cbb5b451c0b39047eee0d5e2b2b3bd1b8dcb05c0b94bf473ab6f9c17e54a9ff9
GET /v1/C/RawData/F03E15168591?v=0993e4b4-b842-48e6-9ccd-ebc10dc2b293&se=ce48871d-11df-4cee-8744-8887de24088a&d=eyJ2IjoiMDk5M2U0YjQtYjg0Mi00OGU2LTljY2QtZWJjMTBkYzJiMjkzIiwibSI6IjlkMWNhZTcxLWZkMWMtNDUwOS04NTI4LTM4MmY1ZDBkZTUxMyIsImUiOiIxIiwiY3NpIjoiIiwic2UiOiJjZTQ4ODcxZC0xMWRmLTRjZWUtODc0NC04ODg3ZGUyNDA4OGEiLCJuIjoxLCJwIjoiZmQxYmUxMDEtZWNlNS00MjU5LTg5NTUtNDc4OTg4M2NhMWQ5IiwidSI6Imh0dHBzOi8vZ2V0ZGl2dnkuY29tL3N3ZWVwc3Rha2VzLWludGVybmF0aW9uYWwtcGF5bWVudHMvIiwicG4iOiIvc3dlZXBzdGFrZXMtaW50ZXJuYXRpb25hbC1wYXltZW50cy8iLCJyIjoiIiwidCI6IkJJTEwgU3dlZXBzdGFrZXMgT2ZmaWNpYWwgUnVsZXMgfCBEaXZ2eSIsImMiOiJodHRwczovL2dldGRpdnZ5LmNvbS9zd2VlcHN0YWtlcy1pbnRlcm5hdGlvbmFsLXBheW1lbnRzLyIsInByIjoiMTY4NTkxIiwicyI6MSwidnMiOjEsImwiOiJQYWdlTG9hZCJ9&callback=cb3502e3deb5c6f8 HTTP/1.1
Host: rdata.mpio.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 20:50:56 GMT
Server: Kestrel
Set-Cookie: MGX_U=9d1cae71-fd1c-4509-8528-382f5d0de513; expires=Tue, 21 Nov 2023 20:50:57 GMT; domain=.mpio.io; path=/; secure; samesite=none
MGX_F03E15168591=0993e4b4-b842-48e6-9ccd-ebc10dc2b293; expires=Tue, 21 Nov 2023 20:50:57 GMT; domain=.mpio.io; path=/; secure; samesite=none
MGX_PX_F03E15168591=ce48871d-11df-4cee-8744-8887de24088a; expires=Mon, 21 Nov 2022 21:20:57 GMT; domain=.mpio.io; path=/; secure; samesite=none
Content-Length: 209
Connection: keep-alive
script.hotjar.com/modules.55241fd65a1af5a1837b.js
143.204.55.40200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.55241fd65a1af5a1837b.js
IP 143.204.55.40:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 5f82b1a8e62b6a241154cb066c4d1ad8
942982f722f180cb3eac787f0f5edb1f3927696a
36a9999c741ee16ea1337a713b13a62f7e368a437ebe9581c487d42b7c7fe50b
GET /modules.55241fd65a1af5a1837b.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68617
date: Thu, 17 Nov 2022 11:06:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f82b1a8e62b6a241154cb066c4d1ad8"
last-modified: Thu, 17 Nov 2022 11:05:52 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ybjIhxjJo6pr_2Zn5Uh9TnYVO1yLQ0KQ2WCGP4KHgDrUYtDOtJPjeQ==
age: 380691
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/134765/hrqol4dryvnegr6ica3w
54.230.111.48200 OK 2.0 kB URL HTTP/2 api.omappapi.com/v2/embed/134765/hrqol4dryvnegr6ica3w
IP 54.230.111.48:0
Hash dbc44fb8ce75158ac562d7522cf62e8e
86ef97fb99d818bf144e44a784c79b8d1e703afe
8ba1068d0745bf7341c3d071224bbcb272f6464815f78d6f23f4e67301c44ffc
GET /v2/embed/134765/hrqol4dryvnegr6ica3w HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:50:56 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 21 Nov 2022 20:23:16 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Wed, 09 Nov 2022 21:48:58 GMT
etag: W/"8d14ce88712cb37ad1e2152ef99df9c6"
x-optinmonster-campaign: hrqol4dryvnegr6ica3w
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5nhXvysDLCjinJCGkPmzS5G7SznEXrFRzi41g859MA_ppUUmtJHZDQ==
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=25013866&tm=gtm002&Ver=2&mid=98995574-c34c-4f18-aff5-d8d3a65df5d9&sid=32a0576069de11ed9af13dfe8ab17437&vid=32a052d069de11ed976a2b77217bb890&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&p=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&r=<=2103&evt=pageLoad&sv=1&rn=706611
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=25013866&tm=gtm002&Ver=2&mid=98995574-c34c-4f18-aff5-d8d3a65df5d9&sid=32a0576069de11ed9af13dfe8ab17437&vid=32a052d069de11ed976a2b77217bb890&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&p=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&r=<=2103&evt=pageLoad&sv=1&rn=706611
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=25013866&tm=gtm002&Ver=2&mid=98995574-c34c-4f18-aff5-d8d3a65df5d9&sid=32a0576069de11ed9af13dfe8ab17437&vid=32a052d069de11ed976a2b77217bb890&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&p=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&r=<=2103&evt=pageLoad&sv=1&rn=706611 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=281F1DEF265463B426F60F8C2703621D; domain=.bing.com; expires=Sat, 16-Dec-2023 20:50:57 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8DEA78BB2EA4A5086E8D0673576C828 Ref B: OSL30EDGE0415 Ref C: 2022-11-21T20:50:57Z
date: Mon, 21 Nov 2022 20:50:56 GMT
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/134765/y2omzrl79tvr8flsw8th
54.230.111.48200 OK 1.6 kB URL HTTP/2 api.omappapi.com/v2/embed/134765/y2omzrl79tvr8flsw8th
IP 54.230.111.48:0
Hash 9f1635e430b6ffca64dfd2a3bde982a6
7491a8c44175ebc30f7a70e27a459888ae839a5f
92dcda0cec4ac497d8b357e1c67a4838e8c3803fd6f6e527ea71779aaccee0af
GET /v2/embed/134765/y2omzrl79tvr8flsw8th HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:50:56 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 21 Nov 2022 20:36:29 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Mon, 11 Jul 2022 20:19:28 GMT
etag: W/"7657b92245ab7c0c1b7ff92ae9275588"
x-optinmonster-campaign: y2omzrl79tvr8flsw8th
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rPWWUd95uSUs0SdXoiVDoqXVkBcVTMAXsNv4s-rYdC-f4WzgF5yqyA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9411da1d5936abb1128dd236e2db78a2
833400561feb3c4dcc4c2ea54ed47318162ba822
128f43d80f057c12783e3192ef96d474f202ab5681cc441a402e85467a66f708
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "128F43D80F057C12783E3192EF96D474F202AB5681CC441A402E85467A66F708"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5938
Expires: Mon, 21 Nov 2022 22:29:55 GMT
Date: Mon, 21 Nov 2022 20:50:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 69cfd0b75120dc61cc7956c284a6e11b
1db62c8e7288943b6347ec85a70e5ee641b68467
c078fd80767b9509ad9540eb5a1abb9f0508d13df150c707c90afdbf24355627
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3525
Cache-Control: max-age=98783
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:57 GMT
Etag: "637ab5cb-138"
Expires: Wed, 23 Nov 2022 00:17:20 GMT
Last-Modified: Sun, 20 Nov 2022 23:18:35 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 980a584b9df1041baf6408020774834f
ef302a6594fe07b8c853433fb6c6da3eb97fc406
b060b7ce95f2f71498d41de6249e5f8eda037f6f1d2bf10495ef80a1138c5b75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2449
Cache-Control: max-age=123646
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:57 GMT
Etag: "637b1b1e-2d7"
Expires: Wed, 23 Nov 2022 07:11:43 GMT
Last-Modified: Mon, 21 Nov 2022 06:30:54 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 980a584b9df1041baf6408020774834f
ef302a6594fe07b8c853433fb6c6da3eb97fc406
b060b7ce95f2f71498d41de6249e5f8eda037f6f1d2bf10495ef80a1138c5b75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2449
Cache-Control: max-age=123646
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:57 GMT
Etag: "637b1b1e-2d7"
Expires: Wed, 23 Nov 2022 07:11:43 GMT
Last-Modified: Mon, 21 Nov 2022 06:30:54 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 727
bat.bing.com/p/action/25013866.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/25013866.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/25013866.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1379B13F856D65703E83A35C843A6448; domain=.bing.com; expires=Sat, 16-Dec-2023 20:50:57 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5978797462DC4D1DAED27E4FB8931ED4 Ref B: OSL30EDGE0415 Ref C: 2022-11-21T20:50:57Z
date: Mon, 21 Nov 2022 20:50:56 GMT
X-Firefox-Spdy: h2
35.85.84.151/is
35.85.84.151200 OK 32 B IP 35.85.84.151:0
File type ASCII text, with no line terminators
Hash a30fb6f7e4ebb00e0ae1fab6c162085b
4d379379e677b39b26ada865adc7a17560cb9aee
442821dbce9db43fb1f6ca83aef8092c7535b472b4d682e5ec993141e98f3dbb
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 35.85.84.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getdivvy.com/
Origin: https://getdivvy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Mon, 21 Nov 2022 20:50:57 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 37e031ac943a6d83a390049379209eb4
da518c5055416c8fdfd8b96e2e972c46a0409cdd
402b69533b58a60e0ef15de910dcd2d8741c4c08bb147fe83f90661b0e401e14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1744
Cache-Control: max-age=145979
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:57 GMT
Etag: "637b751c-1d7"
Expires: Wed, 23 Nov 2022 13:23:56 GMT
Last-Modified: Mon, 21 Nov 2022 12:54:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293
3.248.145.65200 OK 82 B URL HTTP/2 aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293
IP 3.248.145.65:0
File type ASCII text, with no line terminators
Hash ae708136e46f5ab7a3be5d2a6ff558ac
cfddee7c8aaf2245d3a531efb187df16cf35c751
9e446e75dc20b6dc693b247aaf7704112e55ef434588368aa0761fc76b3a29a5
GET /adscores/g.jsonp?sid=9202274878&userid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:57 GMT
content-type: application/json
content-length: 82
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3A5eO5wZb76c8s89bl3SoRH9bSG5lmFvPL; Path=/; Domain=.agkn.com; Expires=Tue, 21-Nov-2023 20:50:57 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D413185%252C3717042%26time%3D1669063857023%26url%3Dhttps%253A%252F%252Fgetdivvy.com%252Fsweepstakes-international-payments%252F%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D413185%252C3717042%26time%3D1669063857023%26url%3Dhttps%253A%252F%252Fgetdivvy.com%252Fsweepstakes-international-payments%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D413185%252C3717042%26time%3D1669063857023%26url%3Dhttps%253A%252F%252Fgetdivvy.com%252Fsweepstakes-international-payments%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getdivvy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=413185%2C3717042&time=1669063857023&url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&f3827409-842b-4b0a-8680-9150a561c63c"; Domain=.linkedin.com; Expires=Tue, 21-Nov-2023 20:50:57 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202211212050575aa83221-0c3b-40d5-8720-7ca1ca7e1077AQG7dYtRoftRx4Ywwrg4kzHeSkOWyH71"; Domain=.www.linkedin.com; Expires=Tue, 21-Nov-2023 20:50:57 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjkwNjM4NTc7MjswMjGFz9nueHXaeT8gsFjFFv1wEy+CQjfZBSVh53OgkwVLww==; Domain=.linkedin.com; Expires=Sat, 20 May 2023 20:50:57 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2419:u=1:x=1:i=1669063857:t=1669150257:v=2:sig=AQEJJ6wLoV-X_g6l8Mlcjc71WUNPbUbB"; Expires=Tue, 22 Nov 2022 20:50:57 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXuATZYiY/310rXsLku2A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: CD689EC639744AD9981A46BBF35DEF69 Ref B: OSL30EDGE0412 Ref C: 2022-11-21T20:50:57Z
date: Mon, 21 Nov 2022 20:50:57 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d5f44030ae728558d0102445d170b873
a9c2e9ce4d20fe2e8a1656f4f457d9a7fe6ee20e
72f2e03c205a810e0ee66b1ee52f2c32ad4d5e5f8b14c5f26810f281761abc0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.crazyegg.com/pages/data-scripts/0017/5946/sampling/getdivvy.com.json?t=463628
104.19.148.8200 OK 146 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0017/5946/sampling/getdivvy.com.json?t=463628
IP 104.19.148.8:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c7bf350686ce2f12eeacb0379130bf21
a370620ff6a776cfccd6c91dd28a4bfa4c3162a0
87ed28cd032d98b1ccb33c23a0bdbbb57a393c8470316ab34d81bb8765060bf8
GET /pages/data-scripts/0017/5946/sampling/getdivvy.com.json?t=463628 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:57 GMT
content-type: application/json
content-length: 146
access-control-expose-headers: CE-Version
ce-version: 11.5.3
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Mon, 21 Nov 2022 19:55:38 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76dc4cf62839b517-OSL
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3d96cdc8-4d75-40d5-b86c-a3577c3ddf04&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bef1df0b-bf74-47ca-ac73-536545bb3b7f&tw_document_href=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzwzl&type=javascript&version=2.3.29
104.244.42.67200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3d96cdc8-4d75-40d5-b86c-a3577c3ddf04&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bef1df0b-bf74-47ca-ac73-536545bb3b7f&tw_document_href=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzwzl&type=javascript&version=2.3.29
IP 104.244.42.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=3d96cdc8-4d75-40d5-b86c-a3577c3ddf04&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bef1df0b-bf74-47ca-ac73-536545bb3b7f&tw_document_href=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzwzl&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:57 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_BHx9HrUZH94agncmrlqb6Q=="; Max-Age=63072000; Expires=Wed, 20 Nov 2024 20:50:57 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 00658a789be0ae27
strict-transport-security: max-age=631138519
x-response-time: 104
x-connection-hash: fe337ad23646c2c495b9e1fa9c82f0a6b7423d4da563fa451046ca6b76f0b7ee
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-91888549-4&cid=149814560.1669063856&jid=961573758&_u=YADAAEAAAAAAACAAI~&z=1090655350
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-91888549-4&cid=149814560.1669063856&jid=961573758&_u=YADAAEAAAAAAACAAI~&z=1090655350
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-91888549-4&cid=149814560.1669063856&jid=961573758&_u=YADAAEAAAAAAACAAI~&z=1090655350 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 21 Nov 2022 20:50:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rs.fullstory.com/rec/page
35.186.194.58202 Accepted 76 B URL HTTP/2 rs.fullstory.com/rec/page
IP 35.186.194.58:0
File type JSON data\012- , ASCII text
Hash e1bc28b5ec05e7a2e9c8aa31d69e3684
228e3d1c71fcd7d0cc0bc3a1be06bf21af17512c
0013ce1471644f54de83840488b9539611c491ff93bf4152069f7b9b494c4b8c
POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 395
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://getdivvy.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Mon, 21 Nov 2022 20:50:57 GMT
content-length: 76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=470529669971804&ev=PageView&dl=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&rl=&if=false&ts=1669063857696&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669063857695.1130452444&it=1669063857096&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=470529669971804&ev=PageView&dl=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&rl=&if=false&ts=1669063857696&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669063857695.1130452444&it=1669063857096&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=470529669971804&ev=PageView&dl=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&rl=&if=false&ts=1669063857696&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669063857695.1130452444&it=1669063857096&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 21 Nov 2022 20:50:57 GMT
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/saq_pxl?uid=uXSQdYA8ak1rsTwn_361gA&is_js=true&landing_url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&t=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&tip=W5DOHnUQrLgkrLquySsnHkZxeo3x0QyzbFIXEQw6pew&host=https://getdivvy.com&sa-user-id-v2=s%253AtLg5VTpyQbxYbhNI-Pfr91taKpo.7a7oWeizHxhuMIQ1qOtzcx95sTJ2JCpYuPCMKN2ZjE8&sa-user-id=s%253A0-b4b83955-3a72-41bc-586e-1348f8f7ebf7.FLn1V%252BqfDStzQElDAvoPkpIaZdpUwBwDFh34RX%252BMUcI
34.238.229.64200 OK 213 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=uXSQdYA8ak1rsTwn_361gA&is_js=true&landing_url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&t=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&tip=W5DOHnUQrLgkrLquySsnHkZxeo3x0QyzbFIXEQw6pew&host=https://getdivvy.com&sa-user-id-v2=s%253AtLg5VTpyQbxYbhNI-Pfr91taKpo.7a7oWeizHxhuMIQ1qOtzcx95sTJ2JCpYuPCMKN2ZjE8&sa-user-id=s%253A0-b4b83955-3a72-41bc-586e-1348f8f7ebf7.FLn1V%252BqfDStzQElDAvoPkpIaZdpUwBwDFh34RX%252BMUcI
IP 34.238.229.64:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 82d751930a2a3795b521ce7281e4180d
59850faed941861b19f5f5110deeed6c28ed9cfe
a321aa241373ab76ae00857d202d42d891efd2714664995a873c5ebea0c5affd
GET /saq_pxl?uid=uXSQdYA8ak1rsTwn_361gA&is_js=true&landing_url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&t=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&tip=W5DOHnUQrLgkrLquySsnHkZxeo3x0QyzbFIXEQw6pew&host=https://getdivvy.com&sa-user-id-v2=s%253AtLg5VTpyQbxYbhNI-Pfr91taKpo.7a7oWeizHxhuMIQ1qOtzcx95sTJ2JCpYuPCMKN2ZjE8&sa-user-id=s%253A0-b4b83955-3a72-41bc-586e-1348f8f7ebf7.FLn1V%252BqfDStzQElDAvoPkpIaZdpUwBwDFh34RX%252BMUcI HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://getdivvy.com
Content-Type: text/plain; charset=utf-8
Date: Mon, 21 Nov 2022 20:50:57 GMT
Content-Length: 213
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9411da1d5936abb1128dd236e2db78a2
833400561feb3c4dcc4c2ea54ed47318162ba822
128f43d80f057c12783e3192ef96d474f202ab5681cc441a402e85467a66f708
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "128F43D80F057C12783E3192EF96D474F202AB5681CC441A402E85467A66F708"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5938
Expires: Mon, 21 Nov 2022 22:29:55 GMT
Date: Mon, 21 Nov 2022 20:50:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cdcd936a1ca3729e5415928204c25f17
2a0d0e6f94f8145a32f98b725bba52a9a6616f2b
e92ab786e674810e9a0faf3a8c98a99eddb356fa27861f965fd688e54b5bf8c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 20:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rdata.mpio.io/v1/C/RawData/F03E15168591?v=0993e4b4-b842-48e6-9ccd-ebc10dc2b293&se=ce48871d-11df-4cee-8744-8887de24088a&d=eyJ2IjoiMDk5M2U0YjQtYjg0Mi00OGU2LTljY2QtZWJjMTBkYzJiMjkzIiwibSI6ImVjYmY5MTE4LTQ0YWMtNDBjZC1hZmE1LTBhZGFiMDRhZmY4NiIsImUiOiIxIiwiY3NpIjoiIiwic2UiOiJjZTQ4ODcxZC0xMWRmLTRjZWUtODc0NC04ODg3ZGUyNDA4OGEiLCJwIjoiZmQxYmUxMDEtZWNlNS00MjU5LTg5NTUtNDc4OTg4M2NhMWQ5IiwidSI6Imh0dHBzOi8vZ2V0ZGl2dnkuY29tL3N3ZWVwc3Rha2VzLWludGVybmF0aW9uYWwtcGF5bWVudHMvIiwicG4iOiIvc3dlZXBzdGFrZXMtaW50ZXJuYXRpb25hbC1wYXltZW50cy8iLCJyIjoiIiwidCI6IkJJTEwgU3dlZXBzdGFrZXMgT2ZmaWNpYWwgUnVsZXMgfCBEaXZ2eSIsImMiOiJodHRwczovL2dldGRpdnZ5LmNvbS9zd2VlcHN0YWtlcy1pbnRlcm5hdGlvbmFsLXBheW1lbnRzLyIsInByIjoiMTY4NTkxIiwiZWlkIjoibnNfc2VnXzAwMCIsInMiOjIsInZzIjoxLCJsIjoiQWN0aW9uIiwidjAxIjoiRWlkIiwidjAyIjoibnNfc2VnXzAwMCJ9&callback=cb001741a2709eb8
34.232.156.45200 OK 209 B URL HTTP/1.1 rdata.mpio.io/v1/C/RawData/F03E15168591?v=0993e4b4-b842-48e6-9ccd-ebc10dc2b293&se=ce48871d-11df-4cee-8744-8887de24088a&d=eyJ2IjoiMDk5M2U0YjQtYjg0Mi00OGU2LTljY2QtZWJjMTBkYzJiMjkzIiwibSI6ImVjYmY5MTE4LTQ0YWMtNDBjZC1hZmE1LTBhZGFiMDRhZmY4NiIsImUiOiIxIiwiY3NpIjoiIiwic2UiOiJjZTQ4ODcxZC0xMWRmLTRjZWUtODc0NC04ODg3ZGUyNDA4OGEiLCJwIjoiZmQxYmUxMDEtZWNlNS00MjU5LTg5NTUtNDc4OTg4M2NhMWQ5IiwidSI6Imh0dHBzOi8vZ2V0ZGl2dnkuY29tL3N3ZWVwc3Rha2VzLWludGVybmF0aW9uYWwtcGF5bWVudHMvIiwicG4iOiIvc3dlZXBzdGFrZXMtaW50ZXJuYXRpb25hbC1wYXltZW50cy8iLCJyIjoiIiwidCI6IkJJTEwgU3dlZXBzdGFrZXMgT2ZmaWNpYWwgUnVsZXMgfCBEaXZ2eSIsImMiOiJodHRwczovL2dldGRpdnZ5LmNvbS9zd2VlcHN0YWtlcy1pbnRlcm5hdGlvbmFsLXBheW1lbnRzLyIsInByIjoiMTY4NTkxIiwiZWlkIjoibnNfc2VnXzAwMCIsInMiOjIsInZzIjoxLCJsIjoiQWN0aW9uIiwidjAxIjoiRWlkIiwidjAyIjoibnNfc2VnXzAwMCJ9&callback=cb001741a2709eb8
IP 34.232.156.45:0
File type ASCII text, with no line terminators
Hash 11b3c42d14096b5a8b3f023d90ab5d6f
40db919177adc38dcc8cd4d13169b6a1abba3ad7
c358a8bb887facc318f47826fa56542c3c4fe2a59f3a970e3efb8aae5c9d36d5
GET /v1/C/RawData/F03E15168591?v=0993e4b4-b842-48e6-9ccd-ebc10dc2b293&se=ce48871d-11df-4cee-8744-8887de24088a&d=eyJ2IjoiMDk5M2U0YjQtYjg0Mi00OGU2LTljY2QtZWJjMTBkYzJiMjkzIiwibSI6ImVjYmY5MTE4LTQ0YWMtNDBjZC1hZmE1LTBhZGFiMDRhZmY4NiIsImUiOiIxIiwiY3NpIjoiIiwic2UiOiJjZTQ4ODcxZC0xMWRmLTRjZWUtODc0NC04ODg3ZGUyNDA4OGEiLCJwIjoiZmQxYmUxMDEtZWNlNS00MjU5LTg5NTUtNDc4OTg4M2NhMWQ5IiwidSI6Imh0dHBzOi8vZ2V0ZGl2dnkuY29tL3N3ZWVwc3Rha2VzLWludGVybmF0aW9uYWwtcGF5bWVudHMvIiwicG4iOiIvc3dlZXBzdGFrZXMtaW50ZXJuYXRpb25hbC1wYXltZW50cy8iLCJyIjoiIiwidCI6IkJJTEwgU3dlZXBzdGFrZXMgT2ZmaWNpYWwgUnVsZXMgfCBEaXZ2eSIsImMiOiJodHRwczovL2dldGRpdnZ5LmNvbS9zd2VlcHN0YWtlcy1pbnRlcm5hdGlvbmFsLXBheW1lbnRzLyIsInByIjoiMTY4NTkxIiwiZWlkIjoibnNfc2VnXzAwMCIsInMiOjIsInZzIjoxLCJsIjoiQWN0aW9uIiwidjAxIjoiRWlkIiwidjAyIjoibnNfc2VnXzAwMCJ9&callback=cb001741a2709eb8 HTTP/1.1
Host: rdata.mpio.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Cookie: MGX_U=9d1cae71-fd1c-4509-8528-382f5d0de513; MGX_F03E15168591=0993e4b4-b842-48e6-9ccd-ebc10dc2b293; MGX_PX_F03E15168591=ce48871d-11df-4cee-8744-8887de24088a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 20:50:57 GMT
Server: Kestrel
Set-Cookie: MGX_U=9d1cae71-fd1c-4509-8528-382f5d0de513; expires=Tue, 21 Nov 2023 20:50:57 GMT; domain=.mpio.io; path=/; secure; samesite=none
MGX_F03E15168591=0993e4b4-b842-48e6-9ccd-ebc10dc2b293; expires=Tue, 21 Nov 2023 20:50:57 GMT; domain=.mpio.io; path=/; secure; samesite=none
MGX_PX_F03E15168591=ce48871d-11df-4cee-8744-8887de24088a; expires=Mon, 21 Nov 2022 21:20:57 GMT; domain=.mpio.io; path=/; secure; samesite=none
Content-Length: 209
Connection: keep-alive
aa.agkn.com/adscores/g.pixel?sid=9202283468&_userID=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&_takID=F03E15168591
3.248.145.65302 Found 471 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9202283468&_userID=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&_takID=F03E15168591
IP 3.248.145.65:0
Hash 8f8dec112501459d9c055745389b3e97
d02d3e7a0c6d48a463c9fe280eca1e4ec07b61de
eae703ac8ba04d7da656f5d1ec8ca0b1746e16510fb9323c887a920b753d4bdf
GET /adscores/g.pixel?sid=9202283468&_userID=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&_takID=F03E15168591 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 21 Nov 2022 20:50:57 GMT
location: https://api.dtstmio.com/v1/visitaction/nspx?segment=000&userID=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&takID=F03E15168591&seg1=
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3AOfwnaUemEMIs89bl3SoRH0v8Okxd8mIc; Path=/; Domain=.agkn.com; Expires=Tue, 21-Nov-2023 20:50:57 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash d69226f2c6b8f4ad3b0e1904b1d2eaa0
fa0de33174630219d39cca73576455d4e893eb80
c52bd49557ac32a6a3622539ba8547f079595103d6c1bb04eddc28d80f5bba55
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98846
Date: Mon, 21 Nov 2022 20:50:57 GMT
Etag: "637ab89e-1d7"
Expires: Wed, 23 Nov 2022 00:18:23 GMT
Last-Modified: Sun, 20 Nov 2022 23:30:38 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 14TY21DILrW5E8XqIOhCAXROyCRNIhjUfdiQCsztn5-VUvhVzPDhuw==
Age: 2865
sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2021%20Nov%202022%2020%3A50%3A57%20GMT&n=0&b=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&.yp=10147844&f=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2021%20Nov%202022%2020%3A50%3A57%20GMT&n=0&b=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&.yp=10147844&f=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Mon%2C%2021%20Nov%202022%2020%3A50%3A57%20GMT&n=0&b=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&.yp=10147844&f=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:57 GMT
expires: Mon, 21 Nov 2022 20:50:57 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBLHke2MCEFR6PcS5s_O0WUXlHkFhn2QFEgEBAQE2fWOFYwAAAAAA_eMAAA&S=AQAAAi9J24yPj_sj9Z_IsVP4kBA; Expires=Wed, 22 Nov 2023 02:50:57 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.jpeg
34.238.229.64200 OK 651 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.jpeg
IP 34.238.229.64:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash 089872c1bac44bb9cde4a33a9e00decf
577409b0165cdc817efd8642503311145401897c
a6d9a89aa62757363742286afc37d4f0c9775b1d1b90fb756f5f241506ae8417
GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getdivvy.com/
Origin: https://getdivvy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Mon, 21 Nov 2022 20:50:57 GMT
Content-Length: 651
Connection: keep-alive
rdata.mpio.io/v1/C/RawData/F03E15168591?v=0993e4b4-b842-48e6-9ccd-ebc10dc2b293&se=ce48871d-11df-4cee-8744-8887de24088a&d=eyJ2IjoiMDk5M2U0YjQtYjg0Mi00OGU2LTljY2QtZWJjMTBkYzJiMjkzIiwibSI6IjE2ODI5MGU5LWZhNzItNGRlOS1hNTg1LTY3NDdmMTJlNDc1ZSIsImUiOiIxIiwiY3NpIjoiIiwic2UiOiJjZTQ4ODcxZC0xMWRmLTRjZWUtODc0NC04ODg3ZGUyNDA4OGEiLCJwIjoiZmQxYmUxMDEtZWNlNS00MjU5LTg5NTUtNDc4OTg4M2NhMWQ5IiwidSI6Imh0dHBzOi8vZ2V0ZGl2dnkuY29tL3N3ZWVwc3Rha2VzLWludGVybmF0aW9uYWwtcGF5bWVudHMvIiwicG4iOiIvc3dlZXBzdGFrZXMtaW50ZXJuYXRpb25hbC1wYXltZW50cy8iLCJyIjoiIiwidCI6IkJJTEwgU3dlZXBzdGFrZXMgT2ZmaWNpYWwgUnVsZXMgfCBEaXZ2eSIsImMiOiJodHRwczovL2dldGRpdnZ5LmNvbS9zd2VlcHN0YWtlcy1pbnRlcm5hdGlvbmFsLXBheW1lbnRzLyIsInByIjoiMTY4NTkxIiwiZWlkIjoibnNfc2VnXzAwMCIsInMiOjMsInZzIjoxLCJsIjoiQWN0aW9uIiwidjAxIjoiRXMxIn0%3D&callback=cbdce2785f249328
34.232.156.45200 OK 209 B URL HTTP/1.1 rdata.mpio.io/v1/C/RawData/F03E15168591?v=0993e4b4-b842-48e6-9ccd-ebc10dc2b293&se=ce48871d-11df-4cee-8744-8887de24088a&d=eyJ2IjoiMDk5M2U0YjQtYjg0Mi00OGU2LTljY2QtZWJjMTBkYzJiMjkzIiwibSI6IjE2ODI5MGU5LWZhNzItNGRlOS1hNTg1LTY3NDdmMTJlNDc1ZSIsImUiOiIxIiwiY3NpIjoiIiwic2UiOiJjZTQ4ODcxZC0xMWRmLTRjZWUtODc0NC04ODg3ZGUyNDA4OGEiLCJwIjoiZmQxYmUxMDEtZWNlNS00MjU5LTg5NTUtNDc4OTg4M2NhMWQ5IiwidSI6Imh0dHBzOi8vZ2V0ZGl2dnkuY29tL3N3ZWVwc3Rha2VzLWludGVybmF0aW9uYWwtcGF5bWVudHMvIiwicG4iOiIvc3dlZXBzdGFrZXMtaW50ZXJuYXRpb25hbC1wYXltZW50cy8iLCJyIjoiIiwidCI6IkJJTEwgU3dlZXBzdGFrZXMgT2ZmaWNpYWwgUnVsZXMgfCBEaXZ2eSIsImMiOiJodHRwczovL2dldGRpdnZ5LmNvbS9zd2VlcHN0YWtlcy1pbnRlcm5hdGlvbmFsLXBheW1lbnRzLyIsInByIjoiMTY4NTkxIiwiZWlkIjoibnNfc2VnXzAwMCIsInMiOjMsInZzIjoxLCJsIjoiQWN0aW9uIiwidjAxIjoiRXMxIn0%3D&callback=cbdce2785f249328
IP 34.232.156.45:0
File type ASCII text, with no line terminators
Hash ed51c87ce0f3f02b74096b9ab3744252
f95fa2fd06fefafdd1ad4868fc847050d3de6a10
15102e03faf186e74f05092075a4c75d95db6df7aae94b6de877182aa47aa40a
GET /v1/C/RawData/F03E15168591?v=0993e4b4-b842-48e6-9ccd-ebc10dc2b293&se=ce48871d-11df-4cee-8744-8887de24088a&d=eyJ2IjoiMDk5M2U0YjQtYjg0Mi00OGU2LTljY2QtZWJjMTBkYzJiMjkzIiwibSI6IjE2ODI5MGU5LWZhNzItNGRlOS1hNTg1LTY3NDdmMTJlNDc1ZSIsImUiOiIxIiwiY3NpIjoiIiwic2UiOiJjZTQ4ODcxZC0xMWRmLTRjZWUtODc0NC04ODg3ZGUyNDA4OGEiLCJwIjoiZmQxYmUxMDEtZWNlNS00MjU5LTg5NTUtNDc4OTg4M2NhMWQ5IiwidSI6Imh0dHBzOi8vZ2V0ZGl2dnkuY29tL3N3ZWVwc3Rha2VzLWludGVybmF0aW9uYWwtcGF5bWVudHMvIiwicG4iOiIvc3dlZXBzdGFrZXMtaW50ZXJuYXRpb25hbC1wYXltZW50cy8iLCJyIjoiIiwidCI6IkJJTEwgU3dlZXBzdGFrZXMgT2ZmaWNpYWwgUnVsZXMgfCBEaXZ2eSIsImMiOiJodHRwczovL2dldGRpdnZ5LmNvbS9zd2VlcHN0YWtlcy1pbnRlcm5hdGlvbmFsLXBheW1lbnRzLyIsInByIjoiMTY4NTkxIiwiZWlkIjoibnNfc2VnXzAwMCIsInMiOjMsInZzIjoxLCJsIjoiQWN0aW9uIiwidjAxIjoiRXMxIn0%3D&callback=cbdce2785f249328 HTTP/1.1
Host: rdata.mpio.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Cookie: MGX_U=9d1cae71-fd1c-4509-8528-382f5d0de513; MGX_F03E15168591=0993e4b4-b842-48e6-9ccd-ebc10dc2b293; MGX_PX_F03E15168591=ce48871d-11df-4cee-8744-8887de24088a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 20:50:57 GMT
Server: Kestrel
Set-Cookie: MGX_U=9d1cae71-fd1c-4509-8528-382f5d0de513; expires=Tue, 21 Nov 2023 20:50:57 GMT; domain=.mpio.io; path=/; secure; samesite=none
MGX_F03E15168591=0993e4b4-b842-48e6-9ccd-ebc10dc2b293; expires=Tue, 21 Nov 2023 20:50:57 GMT; domain=.mpio.io; path=/; secure; samesite=none
MGX_PX_F03E15168591=ce48871d-11df-4cee-8744-8887de24088a; expires=Mon, 21 Nov 2022 21:20:57 GMT; domain=.mpio.io; path=/; secure; samesite=none
Content-Length: 209
Connection: keep-alive
i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293
100.24.96.45303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293
IP 100.24.96.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/63537?bidder_id=242861&bidder_uuid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293 HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Mon, 21 Nov 2022 20:50:58 GMT
Content-Length: 0
Connection: keep-alive
Location: /s/63537?bidder_id=242861&bidder_uuid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&_li_chk=true&previous_uuid=1f7f234d363f4590b0452e74d1cc56c0
Set-Cookie: lidid=1f7f234d-363f-4590-b045-2e74d1cc56c0; Max-Age=63072000; Expires=Wed, 20 Nov 2024 20:50:58 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains
553-obq-061.mktoresp.com/webevents/visitWebPage?_mchNc=1669063857091&_mchCn=&_mchId=553-OBQ-061&_mchTk=_mch-getdivvy.com-1669063857091-85319&_mchHo=getdivvy.com&_mchPo=&_mchRu=%2Fsweepstakes-international-payments%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
192.28.147.68200 OK 28 B URL HTTP/1.1 553-obq-061.mktoresp.com/webevents/visitWebPage?_mchNc=1669063857091&_mchCn=&_mchId=553-OBQ-061&_mchTk=_mch-getdivvy.com-1669063857091-85319&_mchHo=getdivvy.com&_mchPo=&_mchRu=%2Fsweepstakes-international-payments%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
IP 192.28.147.68:0
File type ASCII text, with no line terminators
Hash 9dafc521bd59955b4986f0fc3777f77a
5a572b4730d4a2bce2fa35597a0993c649f26c74
e4e90a7b8bacdfe395361149a9fd42f9192b68bdf1497e4454d0ab4c4917f746
POST /webevents/visitWebPage?_mchNc=1669063857091&_mchCn=&_mchId=553-OBQ-061&_mchTk=_mch-getdivvy.com-1669063857091-85319&_mchHo=getdivvy.com&_mchPo=&_mchRu=%2Fsweepstakes-international-payments%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp= HTTP/1.1
Host: 553-obq-061.mktoresp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 21 Nov 2022 20:50:58 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: f7a38876-bde5-4725-a59f-783f7dfe2006
Content-Encoding: gzip
Access-Control-Allow-Origin: *
pagestates-tracking.crazyegg.com/healthcheck
54.230.111.46200 OK 19 B URL HTTP/2 pagestates-tracking.crazyegg.com/healthcheck
IP 54.230.111.46:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Fri, 30 Sep 2022 16:18:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4iGiHZIc2oEPeTOsH6jkGQn2-NLUaTUuF7EY5GguqPEnNLXT67Bdtg==
age: 4509125
X-Firefox-Spdy: h2
assets-tracking.crazyegg.com/healthcheck
54.230.111.11200 OK 19 B URL HTTP/2 assets-tracking.crazyegg.com/healthcheck
IP 54.230.111.11:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 22 Aug 2022 11:33:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e6hSKLMw49EB8EPOYlSQpSKN0kzItvhwyrZwlGej3cgoLlEFpxyYlA==
age: 7895863
X-Firefox-Spdy: h2
i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&_li_chk=true&previous_uuid=1f7f234d363f4590b0452e74d1cc56c0
100.24.96.45303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&_li_chk=true&previous_uuid=1f7f234d363f4590b0452e74d1cc56c0
IP 100.24.96.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/63537?bidder_id=242861&bidder_uuid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&_li_chk=true&previous_uuid=1f7f234d363f4590b0452e74d1cc56c0 HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getdivvy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Mon, 21 Nov 2022 20:50:58 GMT
Content-Length: 0
Connection: keep-alive
Location: https://i6.liadm.com/s/63537?bidder_id=242861&bidder_uuid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293
Set-Cookie: _li_ss=MgkI_____wcQ4xM; Max-Age=2592000; Expires=Wed, 21 Dec 2022 20:50:58 GMT; SameSite=None; Path=/s; Secure
lidid=3cf1d0ff-8b70-418d-b27c-82c2ebc264aa; Max-Age=63072000; Expires=Wed, 20 Nov 2024 20:50:58 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains
px.ads.linkedin.com/collect?v=2&fmt=js&pid=413185%2C3717042&time=1669063857023&url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=413185%2C3717042&time=1669063857023&url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=413185%2C3717042&time=1669063857023&url=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getdivvy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&cf42fc83-d74f-48f2-8fee-171e260b702b"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 21-Nov-2023 20:50:58 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2419:u=1:x=1:i=1669063858:t=1669150258:v=2:sig=AQGQj28Ncti3-P_Tj02qbttkKIrMD-tL"; Expires=Tue, 22 Nov 2022 20:50:58 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXuATZgK0A2yOyuI185mw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D1891AA0FA504A43BB8538AFB660941E Ref B: OSL30EDGE0412 Ref C: 2022-11-21T20:50:58Z
date: Mon, 21 Nov 2022 20:50:57 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 926c14280c67baabdc2ef052c78d54ab
5bbb08e9efb7aaa091524ba1502a91a74f80c4cb
e8eb1f3edfa090655008e4bfcc50e6c9cb7cb18de5c7a8512c652bad6ab9cc56
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155697
Date: Mon, 21 Nov 2022 20:50:58 GMT
Etag: "637b9413-1d7"
Expires: Wed, 23 Nov 2022 16:05:55 GMT
Last-Modified: Mon, 21 Nov 2022 15:06:59 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aAku9wgLLTnph2TAWNQv7el0y3sWGCuqwVCDK6_JF2aJ7E7ZUGVITw==
Age: 3537
tracking.crazyegg.com/clock?t=1669063858154
54.154.238.28200 OK 26 B URL HTTP/2 tracking.crazyegg.com/clock?t=1669063858154
IP 54.154.238.28:0
File type ASCII text, with no line terminators
Hash 9505244f33775900a73acff01265add5
1e5a88a1d9d0599088829c94e8f36cc9d194290a
763f72dcdf06e2f03bd641df33a50baaacd996fd984078b5e0a597b5724972ba
GET /clock?t=1669063858154 HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Mon, 21 Nov 2022 20:50:58 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
b.6sc.co/v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A58%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A57%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223053%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0
23.61.214.147200 OK 43 B URL HTTP/2 b.6sc.co/v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A58%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A57%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223053%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0
IP 23.61.214.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A58%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A57%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223053%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0 HTTP/1.1
Host: b.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Cookie: 6suuid=261f1602c4510000afe47b6357020000ec310500
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
etag: "5e502810-2b"
expires: Wed, 19 Apr 2000 11:43:00 GMT
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
content-length: 43
date: Mon, 21 Nov 2022 20:50:58 GMT
set-cookie: 6suuid=261f1602c4510000afe47b6357020000ec310500; expires=Wed, 20-Nov-2024 20:50:58 GMT; path=/; domain=.6sc.co; SameSite=None; secure
access-control-allow-origin:
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 878cb398946be9de7fee132858f26c9b
6311ffce3309e88e31e117a8c6d5dd2ed5bcbf7a
f5c1b614a5896dcd0e7e2226891e8dc74c4c34a5f2aeffa4fb9693bd44c02e39
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98685
Date: Mon, 21 Nov 2022 20:50:58 GMT
Etag: "637abfcc-1d7"
Expires: Wed, 23 Nov 2022 00:15:43 GMT
Last-Modified: Mon, 21 Nov 2022 00:01:16 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GysVZPBuiueNN-0yxmfPVo9TM-Z9hIkL4SixuWoik-hIrs6wD9Kt-g==
Age: 867
api.dtstmio.com/v1/visitaction/nspx?segment=000&userID=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&takID=F03E15168591&seg1=
52.45.58.135302 Found 0 B URL HTTP/1.1 api.dtstmio.com/v1/visitaction/nspx?segment=000&userID=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&takID=F03E15168591&seg1=
IP 52.45.58.135:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/visitaction/nspx?segment=000&userID=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&takID=F03E15168591&seg1= HTTP/1.1
Host: api.dtstmio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getdivvy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Mon, 21 Nov 2022 20:50:57 GMT
Location: https://api.datasteam.io/v1/visitaction/nspx?segment=000&userID=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&takID=F03E15168591&seg1=
Server: Kestrel
Set-Cookie: MGX_EID_F03E15168591=ns_seg_000; expires=Tue, 22 Nov 2022 20:50:58 GMT; domain=api.dtstmio.com; path=/; secure; samesite=none
Content-Length: 0
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 943ea04e38873da1d0c700970530e6b1
6e4151d68861bf83658de123df8f0a142d520b01
bcdf084fbc3c29d8cc4fec52969af85653f6dbef4595e332178a75ede18576a3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 21 Nov 2022 20:50:58 GMT
Last-Modified: Mon, 21 Nov 2022 19:24:20 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Igemohskyl_Sy59uEB51r2w9tS2tMK4dZ_iHv1nuYvXfuPxW-_EsSA==
Age: 5198
api.datasteam.io/v1/visitaction/nspx?segment=000&userID=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&takID=F03E15168591&seg1=
3.213.194.246200 OK 43 B URL HTTP/1.1 api.datasteam.io/v1/visitaction/nspx?segment=000&userID=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&takID=F03E15168591&seg1=
IP 3.213.194.246:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /v1/visitaction/nspx?segment=000&userID=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293&takID=F03E15168591&seg1= HTTP/1.1
Host: api.datasteam.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getdivvy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 21 Nov 2022 20:50:58 GMT
Server: Kestrel
Set-Cookie: MGX_EID_F03E15168591=ns_seg_000; expires=Tue, 22 Nov 2022 20:50:59 GMT; domain=.datasteam.io; path=/; secure; samesite=none
Content-Length: 43
Connection: keep-alive
gs.mountain.com/gs
34.212.4.35200 OK 144 B IP 34.212.4.35:0
File type ASCII text, with no line terminators
Hash 19c6fb4fd3638bc692177101ecc9adc1
d3592a32276ad4a68e25fe744c8c1ce8589105a6
547076db724fc9da48b2175eaccf180d27b95142591d88168b43dcef502bfbce
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Cookie: guid=3365f743-69de-11ed-80e8-a9ae7b7a4abe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Mon, 21 Nov 2022 20:50:58 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
i6.liadm.com/s/63537?bidder_id=242861&bidder_uuid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293
44.205.226.102200 OK 43 B URL HTTP/1.1 i6.liadm.com/s/63537?bidder_id=242861&bidder_uuid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293
IP 44.205.226.102:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /s/63537?bidder_id=242861&bidder_uuid=168591-0993E4B4-B842-48E6-9CCD-EBC10DC2B293 HTTP/1.1
Host: i6.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getdivvy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 20:50:59 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Request-Time: 0
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
obs.cheqzone.com/mon
54.83.110.109200 OK 0 B IP 54.83.110.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1412
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Cookie: cg_uuid=18acc48ba019a3ebd503c9e70d3206a3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://getdivvy.com
content-type: application/json
date: Mon, 21 Nov 2022 20:50:59 GMT
content-length: 0
X-Firefox-Spdy: h2
api-iam.intercom.io/messenger/web/rulesets/10465160/match
52.86.125.20200 OK 100 kB URL HTTP/2 api-iam.intercom.io/messenger/web/rulesets/10465160/match
IP 52.86.125.20:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (60825)
Size 100 kB (100459 bytes)
Hash 7ec5b38dfb518f6dd83c305e52876155
8c9f9cb979bc75b34197e62fe7e7ff678ccbba40
08e6d7f98aecc78b040ea308eca7fdd3eed61fd2c8d14675eb5c5e57b502d1f2
POST /messenger/web/rulesets/10465160/match HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2472
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:59 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1669063860
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13316
access-control-allow-origin: https://getdivvy.com
vary: Accept,Accept-Encoding
x-intercom-version: cc69c7f4ffde7fecf6db2344a93598c812f8ba40
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 002c8g0r3g8o0i4p98ig
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"eedd26d21280d50a59536e2be10ee596"
x-runtime: 1.236871
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-05dcf007a1eb86c5b
X-Firefox-Spdy: h2
b.6sc.co/v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A58%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224055%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0
23.61.214.147200 OK 43 B URL HTTP/2 b.6sc.co/v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A58%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224055%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0
IP 23.61.214.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A58%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224055%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0 HTTP/1.1
Host: b.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Cookie: 6suuid=261f1602c4510000afe47b6357020000ec310500
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
etag: "5e502810-2b"
expires: Wed, 19 Apr 2000 11:43:00 GMT
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
content-length: 43
date: Mon, 21 Nov 2022 20:50:59 GMT
set-cookie: 6suuid=261f1602c4510000afe47b6357020000ec310500; expires=Wed, 20-Nov-2024 20:50:59 GMT; path=/; domain=.6sc.co; SameSite=None; secure
access-control-allow-origin:
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2
getdivvy.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
104.18.15.155200 OK 55 kB URL HTTP/2 getdivvy.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 104.18.15.155:0
File type HTML document, ASCII text, with very long lines (31972)
Hash e413573cbbb1848473298f18796cd86f
706f6b8e82d179958152971f03f36401cd3f8d09
9f659ce691ad68d494c4997156c21ffd4e5629b856a06dcffc32bf7dbb3015f3
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: getdivvy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/sweepstakes-international-payments/
Cookie: __cf_bm=hl3FPg.bNxBlL27PtnA_FEEpwyBU4LOszCGZwygJahI-1669063854-0-Aba9CcZ3PHtThA27mMZKyueHisgS7louZk2qCNzsf3xlZ+9sXhx9bwIRSgjQ9e6Qero6y+Keoywly9xTCfjA24M=; nitroCachedPage=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
etag: W/"62551487-48b9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 115612
expires: Tue, 21 Nov 2023 20:50:54 GMT
server: cloudflare
cf-ray: 76dc4ce51817b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
api-iam.intercom.io/messenger/web/conversations/61080303507184
52.86.125.20200 OK 14 kB URL HTTP/2 api-iam.intercom.io/messenger/web/conversations/61080303507184
IP 52.86.125.20:0
Hash 278ec8be31bdd789b466f3dfa2956e55
2da115ebbd566313cfc572d3b26aa6967f2c9de0
eb19a73630f63781e33b32bc4ceb3c11fd32e77687049aa2f00929450f5233c0
POST /messenger/web/conversations/61080303507184 HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 548
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:59 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://getdivvy.com
vary: Accept,Accept-Encoding
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-intercom-version: cc69c7f4ffde7fecf6db2344a93598c812f8ba40
content-encoding: gzip
x-xss-protection: 1; mode=block
x-request-id: 0001dotvt260uf3uiasg
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"b81b684c70f176e62a4e269dcbc24474"
x-runtime: 0.225538
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-05dcf007a1eb86c5b
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash ce608dc58769e39105a9584345a2ccd7
3ae29ce950ebc04a982acae8d77a68ce75b019e2
f8dd9fbed327e3e36a183b594112ece6552d7328665639cc4dcc79397a44a0e5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155563
Date: Mon, 21 Nov 2022 20:51:00 GMT
Etag: "637b8cee-1d7"
Expires: Wed, 23 Nov 2022 16:03:43 GMT
Last-Modified: Mon, 21 Nov 2022 14:36:30 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -gMgZ28G6rHdPztLjuf1JaMix4FjogYSOGOp-4uuHFdMWFxSj2_kmQ==
Age: 5233
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=3365f743-69de-11ed-80e8-a9ae7b7a4abe&gdpr=&gdpr_consent=
52.223.40.198200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=3365f743-69de-11ed-80e8-a9ae7b7a4abe&gdpr=&gdpr_consent=
IP 52.223.40.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=3365f743-69de-11ed-80e8-a9ae7b7a4abe&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:51:00 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
b.6sc.co/v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A51%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A59%20GMT%22%2C%22timeSpent%22%3A%221007%22%2C%22totalTimeSpent%22%3A%225062%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0
23.61.214.147200 OK 43 B URL HTTP/2 b.6sc.co/v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A51%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A59%20GMT%22%2C%22timeSpent%22%3A%221007%22%2C%22totalTimeSpent%22%3A%225062%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0
IP 23.61.214.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /v1/beacon/img.gif?token=e9837563219e44d075663daa93b343da&svisitor=null&session=3aaccd6e-3b15-4d6b-8a12-88e172b10708&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A51%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2020%3A50%3A59%20GMT%22%2C%22timeSpent%22%3A%221007%22%2C%22totalTimeSpent%22%3A%225062%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&pageViewId=023d6ead-00ec-44e6-8a26-450442af2951&an_uid=0 HTTP/1.1
Host: b.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Cookie: 6suuid=261f1602c4510000afe47b6357020000ec310500
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
etag: "5e502810-2b"
expires: Wed, 19 Apr 2000 11:43:00 GMT
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
content-length: 43
date: Mon, 21 Nov 2022 20:51:00 GMT
set-cookie: 6suuid=261f1602c4510000afe47b6357020000ec310500; expires=Wed, 20-Nov-2024 20:51:00 GMT; path=/; domain=.6sc.co; SameSite=None; secure
access-control-allow-origin:
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2
fonts.intercomcdn.com/messenger-m4/proximanova-regular.woff
54.230.111.90200 OK 29 kB URL HTTP/2 fonts.intercomcdn.com/messenger-m4/proximanova-regular.woff
IP 54.230.111.90:0
File type Web Open Font Format, TrueType, length 28960, version 1.0\012- data
Hash a7942249ca925ef356c0f2b1dab17ef3
122ae210e1fbfc1b4730f6f934dae6586b76592b
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
GET /messenger-m4/proximanova-regular.woff HTTP/1.1
Host: fonts.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 28960
date: Mon, 21 Nov 2022 20:51:01 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 13:54:45 GMT
etag: "a7942249ca925ef356c0f2b1dab17ef3"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000
x-amz-version-id: ebq9pyRY7kszwAwVrH2DKI_ekdqtL0.L
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: oxFCzfAyZzl_5vyLKrdsbRh-xKianL4An6AhdIi4WTywcgTx2pMynw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.intercomcdn.com/messenger-m4/proximanova-semibold.woff
54.230.111.90200 OK 29 kB URL HTTP/2 fonts.intercomcdn.com/messenger-m4/proximanova-semibold.woff
IP 54.230.111.90:0
File type Web Open Font Format, TrueType, length 28732, version 1.0\012- data
Hash 46e3f047b6d568624167376a87e01ebd
da035a6ae4c36a4cbdb8c7fa49ed0264c3da6156
9a4f797cc141bbd16a3341cf3f4f482f0ecd00e14c206cbd2f77c5ca7bc9e704
GET /messenger-m4/proximanova-semibold.woff HTTP/1.1
Host: fonts.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 28732
date: Mon, 21 Nov 2022 20:51:01 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 13:54:45 GMT
etag: "46e3f047b6d568624167376a87e01ebd"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000
x-amz-version-id: VJairpJy0waT1zrIOkuinJWJBYGldLS1
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _FhcK-ID0qTYh24vPhVAQwi-0COrJkYTk0eDiJMjgDtaj5AWe3O1hg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/134765/wcvbqccnan1nwmckcgx9
54.230.111.48200 OK 0 B URL HTTP/2 api.omappapi.com/v2/embed/134765/wcvbqccnan1nwmckcgx9
IP 54.230.111.48:0
GET /v2/embed/134765/wcvbqccnan1nwmckcgx9 HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:50:56 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 21 Nov 2022 20:36:29 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Thu, 27 Oct 2022 16:55:00 GMT
etag: W/"b794e87fee661f420e07facb344bf096"
x-optinmonster-campaign: wcvbqccnan1nwmckcgx9
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tQoEU8jhBaMmPZyr7UUtEGN3Y7t0X2EaUlLI_ssUPPP0ogbGyyH2HQ==
X-Firefox-Spdy: h2
cdata.mpio.io/js/E3F03E15168591.js
54.230.111.3200 OK 0 B URL HTTP/2 cdata.mpio.io/js/E3F03E15168591.js
IP 54.230.111.3:0
GET /js/E3F03E15168591.js HTTP/1.1
Host: cdata.mpio.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Sun, 06 Nov 2022 16:59:20 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 20 Nov 2022 23:54:59 GMT
cache-control: max-age=600,s-maxage=86400
etag: W/"b520f56a6752098676d63db62fdb4000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IZ2rYjA03KtPuB7xgYXbwxw93YyFGKb8HT1z_dudyNd37-dLV-EP-Q==
age: 75357
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/134765/si3idvtnqkrvc227njqk
54.230.111.48200 OK 0 B URL HTTP/2 api.omappapi.com/v2/embed/134765/si3idvtnqkrvc227njqk
IP 54.230.111.48:0
GET /v2/embed/134765/si3idvtnqkrvc227njqk HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:50:56 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 21 Nov 2022 20:44:57 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Tue, 03 May 2022 23:17:40 GMT
etag: W/"811db0a92afd64113a4f3248aca26e97"
x-optinmonster-campaign: si3idvtnqkrvc227njqk
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5_T4iYXu0Z5W9U0G7o8jr7vJoHXHR4-GZclEDWkXi0b38TpfVL_Tpg==
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=vmbd1xs&ref=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&upid=1srhjfs&upv=1.1.0
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=vmbd1xs&ref=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&upid=1srhjfs&upv=1.1.0
IP 52.223.40.198:0
GET /track/up?adv=vmbd1xs&ref=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&upid=1srhjfs&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:51:00 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/134765/ylhsduqndqa3tyf6oikh
54.230.111.48200 OK 0 B URL HTTP/2 api.omappapi.com/v2/embed/134765/ylhsduqndqa3tyf6oikh
IP 54.230.111.48:0
GET /v2/embed/134765/ylhsduqndqa3tyf6oikh HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:50:56 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 21 Nov 2022 20:23:16 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Tue, 03 May 2022 23:16:37 GMT
etag: W/"e781fa981dd1441dcce86c4b653a1a8b"
x-optinmonster-campaign: ylhsduqndqa3tyf6oikh
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vyDQiTaAGZAzV-_9RbMEKd_D6elge-1TW4PErX3g94kS12gM48BZZQ==
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/134765/dauxncbzi2ngmfhwh3dm
54.230.111.48200 OK 0 B URL HTTP/2 api.omappapi.com/v2/embed/134765/dauxncbzi2ngmfhwh3dm
IP 54.230.111.48:0
GET /v2/embed/134765/dauxncbzi2ngmfhwh3dm HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 21 Nov 2022 20:50:56 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 21 Nov 2022 20:44:57 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Wed, 09 Nov 2022 21:46:01 GMT
etag: W/"f4c0659dbc9f4b3c84a9e0e9713b107b"
x-optinmonster-campaign: dauxncbzi2ngmfhwh3dm
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _5JxLslTHvurdsFH-60sJ5pwpmeP6K91AC6_lqtEb1pkEje0_ec-JQ==
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/1406474/visit-data?sv=7
52.18.136.97200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/1406474/visit-data?sv=7
IP 52.18.136.97:0
POST /api/v2/client/sites/1406474/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 149
Origin: https://getdivvy.com
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:57 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-91888549-4&ga_client_id=149814560.1669063856&shpt=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-91888549-4%22%2C%22ga_client_id%22%3A%22149814560.1669063856%22%2C%22shpt%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%2C%22dcm_cid%22%3A%221669063855.1%22%2C%22dcm_gid%22%3A%22158945005.1669063857%22%2C%22mntnis%22%3A%22FdFIz%2FTzaFcbZpHXw3cdc3AEknn2EMEr%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1669063855.1&dcm_gid=158945005.1669063857&dxver=4.0.0&shaid=32639&plh=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&cb=94805563978707120term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
35.81.173.170200 OK 0 B URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-91888549-4&ga_client_id=149814560.1669063856&shpt=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-91888549-4%22%2C%22ga_client_id%22%3A%22149814560.1669063856%22%2C%22shpt%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%2C%22dcm_cid%22%3A%221669063855.1%22%2C%22dcm_gid%22%3A%22158945005.1669063857%22%2C%22mntnis%22%3A%22FdFIz%2FTzaFcbZpHXw3cdc3AEknn2EMEr%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1669063855.1&dcm_gid=158945005.1669063857&dxver=4.0.0&shaid=32639&plh=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&cb=94805563978707120term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
IP 35.81.173.170:0
GET /st?ga_tracking_id=UA-91888549-4&ga_client_id=149814560.1669063856&shpt=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-91888549-4%22%2C%22ga_client_id%22%3A%22149814560.1669063856%22%2C%22shpt%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%2C%22dcm_cid%22%3A%221669063855.1%22%2C%22dcm_gid%22%3A%22158945005.1669063857%22%2C%22mntnis%22%3A%22FdFIz%2FTzaFcbZpHXw3cdc3AEknn2EMEr%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1669063855.1&dcm_gid=158945005.1669063857&dxver=4.0.0&shaid=32639&plh=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&cb=94805563978707120term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Mon, 21 Nov 2022 20:50:58 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=3365f743-69de-11ed-80e8-a9ae7b7a4abe;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
getdivvy.com/sweepstakes-international-payments/
104.18.15.155200 OK 0 B URL HTTP/2 getdivvy.com/sweepstakes-international-payments/
IP 104.18.15.155:0
GET /sweepstakes-international-payments/ HTTP/1.1
Host: getdivvy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
accept-ch: Sec-CH-UA-Mobile
x-nitro-cache: HIT
x-nitro-cache-from: drop-in
x-nitro-rev: eaaff68
link: <https://cdn-cfojb.nitrocdn.com>; rel=preconnect, <https://getdivvy.com/wp-json/>; rel="https://api.w.org/", <https://getdivvy.com/wp-json/wp/v2/pages/14640>; rel="alternate"; type="application/json", <https://getdivvy.com/?p=14640>; rel=shortlink
x-cache-ctime: 1668127555
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 12
x-cache-group: normal
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=hl3FPg.bNxBlL27PtnA_FEEpwyBU4LOszCGZwygJahI-1669063854-0-Aba9CcZ3PHtThA27mMZKyueHisgS7louZk2qCNzsf3xlZ+9sXhx9bwIRSgjQ9e6Qero6y+Keoywly9xTCfjA24M=; path=/; expires=Mon, 21-Nov-22 21:20:54 GMT; domain=.getdivvy.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76dc4cdb38bdb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/api.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/api.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/api.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:55 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6378026b-13ef5"
last-modified: Fri, 18 Nov 2022 22:08:43 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 492
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b7069a9317013ff4d1fa5bc2c8a753b5
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=32639&tdr=&plh=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&cb=94805563978707120term=value
52.88.179.26200 0 B URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=32639&tdr=&plh=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&cb=94805563978707120term=value
IP 52.88.179.26:0
GET /spx?dxver=4.0.0&shaid=32639&tdr=&plh=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&cb=94805563978707120term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Mon, 21 Nov 2022 20:50:56 GMT
connection: close
a.omappapi.com/app/js/0.81ef4a11.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/0.81ef4a11.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/0.81ef4a11.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-1aa8"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 488
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5b5797479e1ac729d3a661d1118beeea
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 0 B URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: v8MZ14OwRBRZUcBCUzHluO2DMlNxGiujei2tu8vhDd8oPn3vK0I8ogyaJqvjSwvoU/5OdNqrGZJJJmMIOKABtg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Mon, 21 Nov 2022 20:50:56 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
a.omappapi.com/app/js/7.51eec516.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/7.51eec516.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/7.51eec516.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-b8c"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 507
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:13:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 033cfddb27877a2c3f8643eaa6b31cdd
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-91888549-4&ga_client_id=149814560.1669063856&shpt=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-91888549-4%22%2C%22ga_client_id%22%3A%22149814560.1669063856%22%2C%22shpt%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%2C%22dcm_cid%22%3A%221669063855.1%22%2C%22dcm_gid%22%3A%22158945005.1669063857%22%2C%22mntnis%22%3A%22FdFIz%2FTzaFcbZpHXw3cdc3AEknn2EMEr%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1669063855.1&dcm_gid=158945005.1669063857&dxver=4.0.0&shaid=32639&plh=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=166906385843367&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669063859145
35.81.173.170200 OK 0 B URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-91888549-4&ga_client_id=149814560.1669063856&shpt=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-91888549-4%22%2C%22ga_client_id%22%3A%22149814560.1669063856%22%2C%22shpt%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%2C%22dcm_cid%22%3A%221669063855.1%22%2C%22dcm_gid%22%3A%22158945005.1669063857%22%2C%22mntnis%22%3A%22FdFIz%2FTzaFcbZpHXw3cdc3AEknn2EMEr%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1669063855.1&dcm_gid=158945005.1669063857&dxver=4.0.0&shaid=32639&plh=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=166906385843367&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669063859145
IP 35.81.173.170:0
GET /st?ga_tracking_id=UA-91888549-4&ga_client_id=149814560.1669063856&shpt=BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-91888549-4%22%2C%22ga_client_id%22%3A%22149814560.1669063856%22%2C%22shpt%22%3A%22BILL%20Sweepstakes%20Official%20Rules%20%7C%20Divvy%22%2C%22dcm_cid%22%3A%221669063855.1%22%2C%22dcm_gid%22%3A%22158945005.1669063857%22%2C%22mntnis%22%3A%22FdFIz%2FTzaFcbZpHXw3cdc3AEknn2EMEr%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1669063855.1&dcm_gid=158945005.1669063857&dxver=4.0.0&shaid=32639&plh=https%3A%2F%2Fgetdivvy.com%2Fsweepstakes-international-payments%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=166906385843367&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1669063859145 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Cookie: guid=3365f743-69de-11ed-80e8-a9ae7b7a4abe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Mon, 21 Nov 2022 20:50:59 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMtJR8guKNzYyM7aMNzK3NFayMkAWsTC2AIsgcw3NzCwNzIwtTC0tzI1rAYolKcBGAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzI2Mzk6MTY2OTA2Mzg1OQ==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=3365f743-69de-11ed-80e8-a9ae7b7a4abe;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
a.omappapi.com/app/js/20.1ca31d61.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/20.1ca31d61.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/20.1ca31d61.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-eca"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-199
cdn-requestpullsuccess: True
cdn-fileserver: 505
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3cf4dd2fc42ec3930e304e5149958bf2
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
188.125.94.204200 OK 0 B IP 188.125.94.204:0
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aoRcma6LzJcS9iYmUFfL+8vX0CrwJgwdwLnQDztF3wT37w+253KpSkT4CKpOw45/JKc1NJvLAZE=
x-amz-request-id: MFC4S2Q78GC2ZCWJ
date: Mon, 21 Nov 2022 20:48:14 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 163
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
a.omappapi.com/app/js/29.1c75394c.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/29.1c75394c.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/29.1c75394c.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-adf"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 471
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: db2f81d03d30fdcf310c5e7f553d2973
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
insight.adsrvr.org/track/evnt/?adv=eid7jly&ct=0:qz51qrm&fmt=3
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/evnt/?adv=eid7jly&ct=0:qz51qrm&fmt=3
IP 52.223.40.198:0
GET /track/evnt/?adv=eid7jly&ct=0:qz51qrm&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:51:00 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
tracking.g2crowd.com/attribution_tracking/conversions/1833.js?p=https://getdivvy.com/sweepstakes-international-payments/&e=
104.18.31.73200 OK 0 B URL HTTP/2 tracking.g2crowd.com/attribution_tracking/conversions/1833.js?p=https://getdivvy.com/sweepstakes-international-payments/&e=
IP 104.18.31.73:0
GET /attribution_tracking/conversions/1833.js?p=https://getdivvy.com/sweepstakes-international-payments/&e= HTTP/1.1
Host: tracking.g2crowd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:55 GMT
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-request-id: 9e80f20c-fc80-49e2-8f0c-e78d1310ddf1
x-runtime: 0.002916
strict-transport-security: max-age=604800
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-cache-status: DYNAMIC
set-cookie: _session_id=57d0b7243d4198ddacc8be81c0de1b11; path=/; expires=Mon, 05 Dec 2022 20:50:55 GMT; HttpOnly; secure; SameSite=None
__cf_bm=9tUQ9jY6Xga8SAvalxbPpuzV4HtNQQkl_iejT5ACPtg-1669063855-0-AVNJUQbhNKHsbHmpDFnOd5z+ase20Ok9PxO3/Nnc0GlmqMadSzbqWGjEznfQBKPCuKiIMoM88m3ZfGXqxAXprW4=; path=/; expires=Mon, 21-Nov-22 21:20:55 GMT; domain=.g2crowd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76dc4ce85ee50b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/api.min.css
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/api.min.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/api.min.css HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getdivvy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 20:50:55 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6378026e-464c"
last-modified: Fri, 18 Nov 2022 22:08:46 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 296
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 15:12:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f0078d3e53077add48e9404b01f2e217
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2