www.nativepath.com/1401585725/orders/b84942a816867c6f07194f4a0b9e70ca/authenticate?key=00dc3b8852b48c94bf48d134d99a401c
23.227.38.74302 Found 0 B URL HTTP/1.1 www.nativepath.com/1401585725/orders/b84942a816867c6f07194f4a0b9e70ca/authenticate?key=00dc3b8852b48c94bf48d134d99a401c
IP 23.227.38.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1401585725/orders/b84942a816867c6f07194f4a0b9e70ca/authenticate?key=00dc3b8852b48c94bf48d134d99a401c HTTP/1.1
Host: www.nativepath.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 10:55:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sorting-Hat-PodId: 136
X-Sorting-Hat-ShopId: 1401585725
X-Frame-Options: DENY
Location: https://www.nativepath.com/1401585725/orders/b84942a816867c6f07194f4a0b9e70ca/authenticate?key=00dc3b8852b48c94bf48d134d99a401c
X-Shopify-Stage: production
Content-Security-Policy: frame-ancestors 'none'; report-uri /csp-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1401585725&source%5Buuid%5D=773955b6-6299-4b49-90fc-06181482e788
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block; report=/xss-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1401585725&source%5Buuid%5D=773955b6-6299-4b49-90fc-06181482e788
X-Dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
X-Request-ID: 773955b6-6299-4b49-90fc-06181482e788
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpZrpSq0NwQGSC%2FAz1An9IXF%2F9mmGnMEdKqfig%2Fsg17uD1juic9S9jN2cDKuh12nsEcxZIuh19yn8vKpyppDW2g3r3y53CFZe3cIWnxZAaPqtBQW8q8RC7HrLJqQJM6wwfr1lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server-Timing: cfRequestDuration;dur=271.000147
Server: cloudflare
CF-RAY: 771291c19ae00b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5246
Expires: Mon, 28 Nov 2022 12:22:32 GMT
Date: Mon, 28 Nov 2022 10:55:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6224
Cache-Control: max-age=91191
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:06 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:14:57 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4023
Expires: Mon, 28 Nov 2022 12:02:09 GMT
Date: Mon, 28 Nov 2022 10:55:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 10:17:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2240
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: feVL37kNojGC3nS5EMweayP60xB4pyMnmhrQSCPbLDCGM8mM2DnUkmF80wKKoXiIkNyCyO2Y2q4=
x-amz-request-id: 10ANQDY5M2QKYEAZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 10:42:01 GMT
age: 785
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:55:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5f8e7a95b97dd48928f99b2d4fe4498
f90e0b63467b0dffb771663bf6c4b1dfb4f4d8e5
acf55fb25ce5b75ed6364ca99c1d9d1e93c675bebfc236df816788a61621810f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACF55FB25CE5B75ED6364CA99C1D9D1E93C675BEBFC236DF816788A61621810F"
Last-Modified: Sat, 26 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Mon, 28 Nov 2022 16:54:14 GMT
Date: Mon, 28 Nov 2022 10:55:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 10:11:12 GMT
cache-control: public,max-age=3600
age: 2635
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5f8e7a95b97dd48928f99b2d4fe4498
f90e0b63467b0dffb771663bf6c4b1dfb4f4d8e5
acf55fb25ce5b75ed6364ca99c1d9d1e93c675bebfc236df816788a61621810f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACF55FB25CE5B75ED6364CA99C1D9D1E93C675BEBFC236DF816788A61621810F"
Last-Modified: Sat, 26 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21547
Expires: Mon, 28 Nov 2022 16:54:14 GMT
Date: Mon, 28 Nov 2022 10:55:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4883
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:07 GMT
Last-Modified: Mon, 28 Nov 2022 09:33:44 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QUUOfnwpDfnSnTOIDbbpkw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4sCjBpUQvSwZHUeh0mAQz5xhZT0=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7641196a0bd2cc75e6c09a1d26c1d62
11679bc78a8fc3f9c4c104f60f99883caa638070
251d9d64ee04b475b1ed8f61049a604991030704b3cddc33e840d0657459bc01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "251D9D64EE04B475B1ED8F61049A604991030704B3CDDC33E840D0657459BC01"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9877
Expires: Mon, 28 Nov 2022 13:39:44 GMT
Date: Mon, 28 Nov 2022 10:55:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7641196a0bd2cc75e6c09a1d26c1d62
11679bc78a8fc3f9c4c104f60f99883caa638070
251d9d64ee04b475b1ed8f61049a604991030704b3cddc33e840d0657459bc01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "251D9D64EE04B475B1ED8F61049A604991030704B3CDDC33E840D0657459BC01"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9877
Expires: Mon, 28 Nov 2022 13:39:44 GMT
Date: Mon, 28 Nov 2022 10:55:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7641196a0bd2cc75e6c09a1d26c1d62
11679bc78a8fc3f9c4c104f60f99883caa638070
251d9d64ee04b475b1ed8f61049a604991030704b3cddc33e840d0657459bc01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "251D9D64EE04B475B1ED8F61049A604991030704B3CDDC33E840D0657459BC01"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9876
Expires: Mon, 28 Nov 2022 13:39:44 GMT
Date: Mon, 28 Nov 2022 10:55:08 GMT
Connection: keep-alive
cdn-3.convertexperiments.com/js/10034728-10032750.js
23.61.213.66200 OK 22 B URL HTTP/2 cdn-3.convertexperiments.com/js/10034728-10032750.js
IP 23.61.213.66:0
File type ASCII text, with no line terminators
Hash c4c171fe9accc64a8655faa144d53247
ca495de21aab0cc70544b2c8aa1031b8ee4b0373
122381611f85dd259faf09b253aedf5dcfc0a883331ce15cff7eda7ba4cbc059
GET /js/10034728-10032750.js HTTP/1.1
Host: cdn-3.convertexperiments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 22
x-privacy-policy: You can find our privacy policy at https://www.convert.com/privacy-notice/
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=300
date: Mon, 28 Nov 2022 10:55:08 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7641196a0bd2cc75e6c09a1d26c1d62
11679bc78a8fc3f9c4c104f60f99883caa638070
251d9d64ee04b475b1ed8f61049a604991030704b3cddc33e840d0657459bc01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "251D9D64EE04B475B1ED8F61049A604991030704B3CDDC33E840D0657459BC01"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9876
Expires: Mon, 28 Nov 2022 13:39:44 GMT
Date: Mon, 28 Nov 2022 10:55:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6043
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:08 GMT
Last-Modified: Mon, 28 Nov 2022 09:14:25 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
www.nativepath.com/1401585725/orders/b84942a816867c6f07194f4a0b9e70ca
23.227.38.74200 OK 21 kB URL HTTP/2 www.nativepath.com/1401585725/orders/b84942a816867c6f07194f4a0b9e70ca
IP 23.227.38.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2003), with CRLF, LF line terminators
Hash d6cea3a5c4759a24fcecf40f866d5d04
e9d6527fc143c267268dc9c0cbf6217145657c2a
ffc813e459609da8b9d85714504e3a39fe4c14ab0bef4355738dea6c52278d55
GET /1401585725/orders/b84942a816867c6f07194f4a0b9e70ca HTTP/1.1
Host: www.nativepath.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: order=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVV3TUdSak0ySTRPRFV5WWpRNFl6azBZbVkwT0dReE16UmtPVGxoTkRBeFl3WTZCa1ZVIiwiZXhwIjoiMjAyMi0xMi0xOVQxMDo1NTowNy4xODBaIiwicHVyIjoiY29va2llLm9yZGVyIn19--46b26bcf28f434dac33d23cbf1ff775da03962d9; _y=1d80f0d2-9d85-43f1-ba8b-48c5a93f3ced; _s=ee46a696-3929-480e-aa36-350cc42b8fa8; _shopify_y=1d80f0d2-9d85-43f1-ba8b-48c5a93f3ced; _shopify_s=ee46a696-3929-480e-aa36-350cc42b8fa8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:07 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 136
x-sorting-hat-shopid: 1401585725
vary: Accept-Encoding
x-frame-options: DENY
x-shopid: 1401585725
x-shardid: 136
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en
cache-control: no-cache
strict-transport-security: max-age=7889238
x-shopify-stage: production
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1401585725&source%5Buuid%5D=f8eb5e61-9c19-408b-b943-909016944e60
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1401585725&source%5Buuid%5D=f8eb5e61-9c19-408b-b943-909016944e60
x-dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
set-cookie: _orig_referrer=; Expires=Mon, 12-Dec-22 10:55:07 GMT; Domain=nativepath.com; Path=/; HttpOnly; SameSite=Lax
_landing_page=%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca; Expires=Mon, 12-Dec-22 10:55:07 GMT; Domain=nativepath.com; Path=/; HttpOnly; SameSite=Lax
_y=1d80f0d2-9d85-43f1-ba8b-48c5a93f3ced; Expires=Tue, 28-Nov-23 10:55:07 GMT; Domain=nativepath.com; Path=/; SameSite=Lax
_s=ee46a696-3929-480e-aa36-350cc42b8fa8; Expires=Mon, 28-Nov-22 11:25:07 GMT; Domain=nativepath.com; Path=/; SameSite=Lax
_shopify_y=1d80f0d2-9d85-43f1-ba8b-48c5a93f3ced; Expires=Tue, 28-Nov-23 10:55:07 GMT; Domain=nativepath.com; Path=/; SameSite=Lax
_shopify_s=ee46a696-3929-480e-aa36-350cc42b8fa8; Expires=Mon, 28-Nov-22 11:25:07 GMT; Domain=nativepath.com; Path=/; SameSite=Lax
x-request-id: f8eb5e61-9c19-408b-b943-909016944e60
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry2jxhIMol8m9246dZhan7YxSWrhg7Yme%2BuMxBCgmXosyuR%2FHcbdfmj4pq0r7Ky%2BzDXQM%2BeTNC1BNn8ARAt%2FPDuzkuSx4qvhojiz1lwkpOeuDCUnGj%2BqvzJV4pdRrWb69zfXAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=559.000015
server: cloudflare
cf-ray: 771291c69958b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.js
104.17.25.14200 OK 2.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.js
IP 104.17.25.14:0
Hash c372385403820e19b6a31491bb4e7997
a279f394494893aabd5b1527878b2926139b90bd
036e2b7bba7575e66923835bf1455a8eac0861b7e5035dc3e17d722f0601b3f1
GET /ajax/libs/blueimp-md5/2.10.0/js/md5.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 2194
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8b-2129"
last-modified: Mon, 04 May 2020 16:06:35 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15071764
expires: Sat, 18 Nov 2023 10:55:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n40R658HQg7BAfQaXAPUawtBWA5nGeoj67aJj%2BgeIXTZcBriYYyigMXbffjTCOs9dyS0G9QsiQkxjsKSApPBYTKw9p9SsLoefxp5v3uRU3kBh5kcSRlRoHnl0nWEE6KObRi%2FZVg9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771291cb5d2fb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6043
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:08 GMT
Last-Modified: Mon, 28 Nov 2022 09:14:25 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=AW-975591848
142.250.74.168200 OK 69 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-975591848
IP 142.250.74.168:0
File type ASCII text, with very long lines (4238)
Hash cbbf043caa623b689a4a78e6ca333efa
f88a1c5b9f1521d4e81a913fe04920deb96d9058
67615e0f4c9fe6582bb4c70ba74f5f8111bb37f591438d104956e94a92c63423
GET /gtag/js?id=AW-975591848 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 10:55:08 GMT
expires: Mon, 28 Nov 2022 10:55:08 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68642
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter&display=swap
142.250.74.10200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css2?family=Inter&display=swap
IP 142.250.74.10:0
Hash ede8586c0a78672da802574eaae35252
a9889b60c4a3453501f8634e04a475fefe0c0408
906b9707b8305fb46cbf6a201408aa4f4fbf8cff96d019d83f8693b5931a25d5
GET /css2?family=Inter&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 10:55:08 GMT
date: Mon, 28 Nov 2022 10:55:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js
162.159.135.68200 OK 7.6 kB URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js
IP 162.159.135.68:0
File type ASCII text, with very long lines (19843), with no line terminators
Hash a4f5f7742a47cc3248f91f9c94357fcd
2343d83450cd9c9068bb6c7fc2b6a3289473723b
c3ca1b1557963e1cd3090dc3dcfd196a24ab885496aed5f7c96a76f2f4d9926e
GET /shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:08 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 97b5fb4b-7e61-4589-8a35-4a2189e7160c
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 17 Nov 2022 00:59:47 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5bK6PjC1lkCYCxItXJvrGgh7OeAj48h6gJCx7wJSXPeYit9730rRdo%2B6RWkcOMP%2FuC%2BkzYITaCy2QHgh2C277M5kEoQOcHJNPQ8P429UEpbq7OxFJlNaedFajH90JVblw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=23.262, imageryFetch;dur=23.115, cfRequestDuration;dur=156.999826
server: cloudflare
cf-ray: 771291cb0a3db506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0014/0158/5725/files/logo_blue_f84a97fa-f16a-4d7c-ae70-547029aa856f.png?35440
162.159.135.68200 OK 2.8 kB URL HTTP/2 cdn.shopify.com/s/files/1/0014/0158/5725/files/logo_blue_f84a97fa-f16a-4d7c-ae70-547029aa856f.png?35440
IP 162.159.135.68:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f528b5a646cbd46cf80431cdeaa4a40e
b42b341dddc85c4b76bd4fa39fe363845e2bcc45
42a95dd29a448801bbf00a6575116c96f3700976cd1fa80e64d190f8a66ed9d4
GET /s/files/1/0014/0158/5725/files/logo_blue_f84a97fa-f16a-4d7c-ae70-547029aa856f.png?35440 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:08 GMT
content-type: image/webp
content-length: 2770
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0014/0158/5725/files/logo_blue_f84a97fa-f16a-4d7c-ae70-547029aa856f.png>; rel="canonical"
source-length: 4369
source-type: image/png
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 250afa67-adb3-427e-94c1-1fd201ff4b76
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Fri, 25 Nov 2022 12:00:59 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUcTlPLSDp4WQ0n%2BImDkEMDe9CYbchTGec4coq%2FjS9cHd2AhIUKoM1s3WwHVV2R%2FOaM5Pc1%2BuyzMCm0DUMGTsQzZnW7KOZTWq9dNaXFHt2z2ujbBACcdz0VvitJ%2BnwDtmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=135.936, imageryFetch;dur=79.556, imageryProcess;dur=55.691;desc="image", cfRequestDuration;dur=153.999805
server: cloudflare
cf-ray: 771291cb1d24b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0014/0158/5725/products/1-Bottle_c0399930-a1c8-4de6-9ae3-145b78799855_small.png?v=1651033675
162.159.135.68200 OK 4.3 kB URL HTTP/2 cdn.shopify.com/s/files/1/0014/0158/5725/products/1-Bottle_c0399930-a1c8-4de6-9ae3-145b78799855_small.png?v=1651033675
IP 162.159.135.68:0
File type ISO Media, AVIF Image\012- data
Hash 9e714fa526d1352e8172e16ba12a6a85
5efd3cbdf3f0973140985de460fb51ee2a3c0779
47143427af6f5477a4c8c7a31c5a09c497010de735056d78be4ff16f0f923c82
GET /s/files/1/0014/0158/5725/products/1-Bottle_c0399930-a1c8-4de6-9ae3-145b78799855_small.png?v=1651033675 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:08 GMT
content-type: image/avif
content-length: 4271
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0014/0158/5725/products/1-Bottle_c0399930-a1c8-4de6-9ae3-145b78799855_small.png>; rel="canonical"
source-length: 818736
source-type: image/png
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: c0bb203f-f3d1-42c3-8401-032043758d0d
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Fri, 18 Nov 2022 00:27:31 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLWTyJ8dmC1vqeOa%2BfCVDlHtJIdf621AjYttLfSj5FGUNOBblwcrzMpNl%2F6d7sVqSgw%2BwSYdRWgcseymRK7omlBS50v2y80IalPsYe%2FQVVc3UKGzzetkSgL1XEOb%2FALSTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=215.252, imageryFetch;dur=62.340, imageryProcess;dur=151.862;desc="image", cfRequestDuration;dur=133.999825
server: cloudflare
cf-ray: 771291cb1d26b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f34b4a4da18b126d1c4a86074fb5819b
59aa1cc97e7c67ba3655fde114c0fb8f5965ad7f
ea0cc3c724de5e443a7c83e6f217b5263b9e315ce60bce8dc9e6e3ede3070ca6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA0CC3C724DE5E443A7C83E6F217B5263B9E315CE60BCE8DC9E6E3EDE3070CA6"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21530
Expires: Mon, 28 Nov 2022 16:53:58 GMT
Date: Mon, 28 Nov 2022 10:55:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e78a2ffd6e60651b6a83a5d208153a5e
59836ef314d09e6cfee9693fb67bc08d743a1b60
dbbd44183d04051251770d03175cbcfa396bdcd5a7b5f5ca382e97da466cb1e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBBD44183D04051251770D03175CBCFA396BDCD5A7B5F5CA382E97DA466CB1E7"
Last-Modified: Sun, 27 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 28 Nov 2022 16:55:08 GMT
Date: Mon, 28 Nov 2022 10:55:08 GMT
Connection: keep-alive
fb.nativepath.com/rd/jpx.php?sid=569&transid=&ate=
23.92.16.147200 OK 0 B URL HTTP/1.1 fb.nativepath.com/rd/jpx.php?sid=569&transid=&ate=
IP 23.92.16.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd/jpx.php?sid=569&transid=&ate= HTTP/1.1
Host: fb.nativepath.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Cookie: _y=1d80f0d2-9d85-43f1-ba8b-48c5a93f3ced; _s=ee46a696-3929-480e-aa36-350cc42b8fa8; _shopify_y=1d80f0d2-9d85-43f1-ba8b-48c5a93f3ced; _shopify_s=ee46a696-3929-480e-aa36-350cc42b8fa8; _orig_referrer=; _landing_page=%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:55:08 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Server: Apache
www.healthyclix.com/rd/jpx.php?sid=599&transid=&ate=
23.92.16.147200 OK 0 B URL HTTP/1.1 www.healthyclix.com/rd/jpx.php?sid=599&transid=&ate=
IP 23.92.16.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd/jpx.php?sid=599&transid=&ate= HTTP/1.1
Host: www.healthyclix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:55:08 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Server: Apache
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12633
Expires: Mon, 28 Nov 2022 14:25:41 GMT
Date: Mon, 28 Nov 2022 10:55:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12633
Expires: Mon, 28 Nov 2022 14:25:41 GMT
Date: Mon, 28 Nov 2022 10:55:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12633
Expires: Mon, 28 Nov 2022 14:25:41 GMT
Date: Mon, 28 Nov 2022 10:55:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12633
Expires: Mon, 28 Nov 2022 14:25:41 GMT
Date: Mon, 28 Nov 2022 10:55:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 46402
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8935783026c10470f60033d3a860f7b
65941dd34eb1063a3f7fe2b6790a11a484a06b9a
e88c706458faf5b5512212692392c7c1a0d8e60af62962267166f5cb60ee9c89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11165
x-amzn-requestid: 9e35d865-adea-4d2a-b20f-beb014cdd42f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JE2VIAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-7cf4db38152cdfa1448cba3d;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: SFO5-C3, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4YRocKXYUOkfho0bEHNX0xMxhhKNH2Cm3XtQDtQK7x2dFOsipPjfCw==
via: 1.1 dec8fa38a453902521b941c7cd70d33c.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:26:45 GMT
age: 44903
etag: "65941dd34eb1063a3f7fe2b6790a11a484a06b9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bb306213437ea24ab879adc9e3b6da4
771d38e18cdfa54052f7cb150b73c03154eb4368
d4cce7533fd59ef11fb8fec4bc114d5be0bacaa9134e3f1536e0d6bac1f58ffb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6498
x-amzn-requestid: 2499eb0e-74c9-4c04-ba58-3e65fc452c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHU4oAMFaAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-12f14e7a30bc1a75499cb272;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WaCfMUy6EtOLWvJy1jFbKp9KQzG5v7nq27sIo7d8gFeGesFd4uWdEw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:24:14 GMT
age: 45054
etag: "771d38e18cdfa54052f7cb150b73c03154eb4368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 10:13:33 GMT
age: 2495
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15bd53848c7082464273007e010c54e0
9a3ca698ca1aeae695923277ed2244465e01a1ea
36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _jTN1lFL0_PS-9DYgE6O2V6s6AYnlGJs0xCEHn761Mxq_asytlaRoQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:40 GMT
age: 47008
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 46402
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 75d97500fe879daf61bf2c67d36f02ed
fd298eb14510dd7805bb297c273f53891bc35eb7
146967f865b3e264713fb722c281abf207ab603ce6623c40ea49b9a3e657246b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1425
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:09 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:24 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b769a70df57211772abfb138fcd58563
1d07e5dd2cd152414c1b0e1fd5d41891a3f24b2f
3bfc3844dda8eed89abeb0c82238d28a7c455140be0bedda6c08eb68411a8ff7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3BFC3844DDA8EED89ABEB0C82238D28A7C455140BE0BEDDA6C08EB68411A8FF7"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Mon, 28 Nov 2022 16:54:10 GMT
Date: Mon, 28 Nov 2022 10:55:09 GMT
Connection: keep-alive
static.criteo.net/js/ld/ld.js
178.250.0.130200 OK 26 kB URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.0.130:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c162db6c3de62075e337204e650a84e1
a2fa34d72a6b7ff5c9254cd5cb906435bf578948
2918819a30bac578515afb82b6548576ebdeb476ddade260ea7f6d75688c8939
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:55:09 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Tue, 29 Nov 2022 10:55:09 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5bd6cf383b10e56d56cebe61e08a4ec2
e03ea393b3d19e31731f2e3fff6e7c4940cb4852
c4a01163091335b979f6e8dd9dc6477cecdfead4e0bbad2d6d8353cb3809800d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6367
Cache-Control: max-age=164411
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:09 GMT
Etag: "638459e9-1d7"
Expires: Wed, 30 Nov 2022 08:35:20 GMT
Last-Modified: Mon, 28 Nov 2022 06:49:13 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5bd6cf383b10e56d56cebe61e08a4ec2
e03ea393b3d19e31731f2e3fff6e7c4940cb4852
c4a01163091335b979f6e8dd9dc6477cecdfead4e0bbad2d6d8353cb3809800d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3039
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:09 GMT
Last-Modified: Mon, 28 Nov 2022 10:04:30 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
track.sublytics-5c671946c725e.com/script/34344/AIce2QIqoVahrPwHWWDUX1J8ffEO0XGe0Kk4Lfs0
206.81.5.96200 OK 4.5 kB URL HTTP/1.1 track.sublytics-5c671946c725e.com/script/34344/AIce2QIqoVahrPwHWWDUX1J8ffEO0XGe0Kk4Lfs0
IP 206.81.5.96:0
ASN #14061 DIGITALOCEAN-ASN
Hash 330e8fd7a19092f0f79a9c13eff75359
4a2225086a7f55c48ef01ad7c218e5e5fb76f526
7144712ff04b2af76701cea54525192a56343c02535869167f732f21bafa765a
Analyzer Verdict Alert fortinet Malware
GET /script/34344/AIce2QIqoVahrPwHWWDUX1J8ffEO0XGe0Kk4Lfs0 HTTP/1.1
Host: track.sublytics-5c671946c725e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 28 Nov 2022 10:55:09 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 4460
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"116c-SiIlCGp/VcSO8BrXwhjl5ft29SY"
Cache-Control: no-store, no-cache
tr.snapchat.com/cm/i?pid=9c5712b0-acc7-4ba2-adff-ef6414082bcb&u_scsid=af5a5859-cc9f-4229-8cac-6c7c91487468&u_sclid=5a95f910-af8d-4e87-a161-2a9ebeb35ec1
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=9c5712b0-acc7-4ba2-adff-ef6414082bcb&u_scsid=af5a5859-cc9f-4229-8cac-6c7c91487468&u_sclid=5a95f910-af8d-4e87-a161-2a9ebeb35ec1
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=9c5712b0-acc7-4ba2-adff-ef6414082bcb&u_scsid=af5a5859-cc9f-4229-8cac-6c7c91487468&u_sclid=5a95f910-af8d-4e87-a161-2a9ebeb35ec1 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:09 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 461
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:09 GMT
access-control-allow-origin: https://www.nativepath.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgRUAIAQFwIm8J+mXcRSmMHx3M5aOHZfEN0hfJdlBkJS/hbqagu4BGKYYW/MHNUOStTIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 4
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash fccdc9d595df75bfa103ba6c111345e1
55f48f6d8e5ed539b8feaa9fbeceb23edf23561b
15b3fb717cf37be0bf3a9da7e5fdf720b1124d2ea13c2afa01e9edc37c5c5b2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6242
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:09 GMT
Last-Modified: Mon, 28 Nov 2022 09:11:07 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5bd6cf383b10e56d56cebe61e08a4ec2
e03ea393b3d19e31731f2e3fff6e7c4940cb4852
c4a01163091335b979f6e8dd9dc6477cecdfead4e0bbad2d6d8353cb3809800d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3039
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:09 GMT
Last-Modified: Mon, 28 Nov 2022 10:04:30 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C9KP4EJC77U98P8BLIF0&hostname=www.nativepath.com
23.36.79.17200 OK 1.8 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C9KP4EJC77U98P8BLIF0&hostname=www.nativepath.com
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type C source, ASCII text, with very long lines (3948)
Hash 5c1d14aa55008f49280c7eaa62ecb0ae
1672c5e4cdab3ad74ba71f54b32008754c59efb0
bf501b757a1633a258d62c2466bc38fe4464b71522e1d77e2754129a29cd55d1
GET /i18n/pixel/config.js?sdkid=C9KP4EJC77U98P8BLIF0&hostname=www.nativepath.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202211281055097B404C801F5E9C1D0F04
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b58098d7a7e6b1920355da96b1df82f9bd882697bc498dc13595ea6d5c6b8e954c39db006dafbc8543acc5f292959d74518071ce1cbc7b4940c55aaff2415f25a0
content-encoding: gzip
content-length: 1824
x-origin-response-time: 8,23.218.220.137
x-akamai-request-id: 1b58712e.99a700a7
expires: Mon, 28 Nov 2022 10:55:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 28 Nov 2022 10:55:09 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-220-137.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=8, inner; dur=4
x-parent-response-time: 106,23.36.79.13
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 9f018ceccb2163a7089025014a17bf7d
d64256bd91f2d7c1a4f75ba360a0b03154ce1884
8fe7a3e1acbf4b648ba43e1dca8bb8b23cbf570e62598e5c0db1508d9b7f10e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6222
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:09 GMT
Last-Modified: Mon, 28 Nov 2022 09:11:27 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:09 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=LFnHUl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFpVmdPb1p3VGlaMzclMkZySkxzNTRpTzJlUUQ2JTJGUW85d2RubXVEWFV0Q3d6; expires=Sat, 23 Dec 2023 10:55:10 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 151424
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 1f5f46408bac27f96414a74d778c5370
98ebc4ad130b1888fd4a70a9409b46a43c5e16c6
da06dba3803f907cafcf41fd8bbb591aa050f9f9972f45e8f44575331dc9ba10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1430
Cache-Control: max-age=170975
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Etag: "638486d7-139"
Expires: Wed, 30 Nov 2022 10:24:45 GMT
Last-Modified: Mon, 28 Nov 2022 10:00:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 1f5f46408bac27f96414a74d778c5370
98ebc4ad130b1888fd4a70a9409b46a43c5e16c6
da06dba3803f907cafcf41fd8bbb591aa050f9f9972f45e8f44575331dc9ba10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1449
Cache-Control: max-age=170994
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Etag: "638486d7-139"
Expires: Wed, 30 Nov 2022 10:25:04 GMT
Last-Modified: Mon, 28 Nov 2022 10:00:55 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.163200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.163:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Mon, 28 Nov 2022 10:55:10 GMT
expires: Mon, 28 Nov 2022 10:55:10 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/transparent.png
142.250.74.163200 OK 68 B URL HTTP/2 maps.gstatic.com/mapfiles/transparent.png
IP 142.250.74.163:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 8327a6037ae00a5be9f75e63ee1b9fbe
a812c79b0d125e4946b33446eae0353f518627e2
fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588
GET /mapfiles/transparent.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 68
date: Mon, 28 Nov 2022 10:55:10 GMT
expires: Mon, 28 Nov 2022 10:55:10 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/api/v2/pixel
23.36.79.17200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 814
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221128105510BB2A4AC99B01D018AB1A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e8c506f4be95b24ce7718600a3aa3d00d51ac05122f1aa0efe03cf67796047b723253203b1ec107028fa0a6b80385c3bd
expires: Mon, 28 Nov 2022 10:55:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 28 Nov 2022 10:55:10 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=4, origin; dur=109
x-origin-response-time: 110,23.36.79.13
x-akamai-request-id: 99a70240
X-Firefox-Spdy: h2
track.sublytics-5c671946c725e.com/f/gstats
206.81.5.96200 OK 0 B URL HTTP/1.1 track.sublytics-5c671946c725e.com/f/gstats
IP 206.81.5.96:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /f/gstats HTTP/1.1
Host: track.sublytics-5c671946c725e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Content-type: application/x-www-form-urlencoded
Content-Length: 212
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 28 Nov 2022 10:55:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache
analytics.tiktok.com/api/v2/pixel
23.36.79.17200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 780
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221128105510AE81B4D663C0193952EF
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e2ad4200c306e0c81c3754abb3aa4e284c0510c372a0775514841572b072db1471c0212605489e4056af38cbe17a17752
expires: Mon, 28 Nov 2022 10:55:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 28 Nov 2022 10:55:10 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=2, origin; dur=113
x-origin-response-time: 113,23.36.79.13
x-akamai-request-id: 99a70248
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=27685357FEE165331014413DFFB6640B; domain=.bing.com; expires=Sat, 23-Dec-2023 10:55:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 63D697FA2D9642CDB05DA0611115C793 Ref B: OSL30EDGE0317 Ref C: 2022-11-28T10:55:10Z
date: Mon, 28 Nov 2022 10:55:09 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3512
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Last-Modified: Mon, 28 Nov 2022 09:56:38 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 10:41:08 GMT
expires: Mon, 28 Nov 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 842
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: oBx2UacP7IO1sKIZXHzlSA0T0egbo3SQ9uejoVBFL1JW4W0ln3WOuto3m3Y5AI9X1H4jL/CTHeLsAj8yhE+HeA==
content-length: 27340
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 10:55:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=9c5712b0-acc7-4ba2-adff-ef6414082bcb&tld=com
35.190.43.134200 OK 16 kB URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=9c5712b0-acc7-4ba2-adff-ef6414082bcb&tld=com
IP 35.190.43.134:0
Hash 7adbf54e76be4a3992157344e86e9567
e842fe4efddcfc7f66abb86a1d15921599655d94
36238213d828b1367231a809a87de54dd799dcce957011d26ff15d1513888906
GET /collector/is_enabled?pids=9c5712b0-acc7-4ba2-adff-ef6414082bcb&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:09 GMT
access-control-allow-origin: https://www.nativepath.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/975591848/?random=1669632909102&cv=11&fst=1669632909102&fmt=3&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=W6u0COqcpP8BEKizmdED&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca>m_ee=1&auid=1196846491.1669632909&data=event%3Dpage_view%3Bpage_path%3D%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&gcp=1&ct_cookie_present=1
142.250.74.34200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/975591848/?random=1669632909102&cv=11&fst=1669632909102&fmt=3&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=W6u0COqcpP8BEKizmdED&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca>m_ee=1&auid=1196846491.1669632909&data=event%3Dpage_view%3Bpage_path%3D%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&gcp=1&ct_cookie_present=1
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/975591848/?random=1669632909102&cv=11&fst=1669632909102&fmt=3&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=W6u0COqcpP8BEKizmdED&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca>m_ee=1&auid=1196846491.1669632909&data=event%3Dpage_view%3Bpage_path%3D%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 10:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 28-Nov-2022 11:10:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://checkout.shopify.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 400862
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/975591848/?random=1669632908968&cv=11&fst=1669632908968&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&auid=1196846491.1669632909&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34200 OK 941 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/975591848/?random=1669632908968&cv=11&fst=1669632908968&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&auid=1196846491.1669632909&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2021), with no line terminators
Hash f7ff359cd9a451af380a2ac29355232d
8e6bac177a97666016090ee68269354e79d7e9e1
2d6a586beeb26793da49c68e95be2d3b3547c1fe4803d0914ee8b8d6a52d69e5
GET /pagead/viewthroughconversion/975591848/?random=1669632908968&cv=11&fst=1669632908968&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&auid=1196846491.1669632909&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 10:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 941
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 28-Nov-2022 11:10:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=25128990&Ver=2&mid=baab9003-2be9-4076-8728-81830d70ac80&sid=2057a7506f0b11ed9fa2a7749e8954d8&vid=2057c8406f0b11edb13af110464d131e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&p=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&r=<=2950&evt=pageLoad&sv=1&rn=878673
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=25128990&Ver=2&mid=baab9003-2be9-4076-8728-81830d70ac80&sid=2057a7506f0b11ed9fa2a7749e8954d8&vid=2057c8406f0b11edb13af110464d131e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&p=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&r=<=2950&evt=pageLoad&sv=1&rn=878673
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=25128990&Ver=2&mid=baab9003-2be9-4076-8728-81830d70ac80&sid=2057a7506f0b11ed9fa2a7749e8954d8&vid=2057c8406f0b11edb13af110464d131e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&p=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&r=<=2950&evt=pageLoad&sv=1&rn=878673 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=17F546A898776C802DC554C299206DB4; domain=.bing.com; expires=Sat, 23-Dec-2023 10:55:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 25916C3C65604FB1B54DAC83995E6C39 Ref B: OSL30EDGE0317 Ref C: 2022-11-28T10:55:10Z
date: Mon, 28 Nov 2022 10:55:09 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/975591848/?random=1669632909102&cv=11&fst=1669632909102&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=W6u0COqcpP8BEKizmdED&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca>m_ee=1&auid=1196846491.1669632909&data=event%3Dpage_view%3Bpage_path%3D%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/975591848/?random=1669632909102&cv=11&fst=1669632909102&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=W6u0COqcpP8BEKizmdED&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca>m_ee=1&auid=1196846491.1669632909&data=event%3Dpage_view%3Bpage_path%3D%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/975591848/?random=1669632909102&cv=11&fst=1669632909102&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=W6u0COqcpP8BEKizmdED&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca>m_ee=1&auid=1196846491.1669632909&data=event%3Dpage_view%3Bpage_path%3D%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 10:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/975591848/?random=1669632909102&cv=11&fst=1669632909102&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=W6u0COqcpP8BEKizmdED&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca>m_ee=1&auid=1196846491.1669632909&data=event%3Dpage_view%3Bpage_path%3D%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6037
Cache-Control: max-age=135630
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:35:40 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
s.pinimg.com/ct/core.js
23.38.200.197200 OK 1.1 kB IP 23.38.200.197:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash 8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-121900758-1&cid=1628671895.1669632910&jid=1216787601&gjid=1571234104&_gid=424648292.1669632910&_u=YGBAgEABBAAAAEgCIAB~&z=110023280
142.251.1.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-121900758-1&cid=1628671895.1669632910&jid=1216787601&gjid=1571234104&_gid=424648292.1669632910&_u=YGBAgEABBAAAAEgCIAB~&z=110023280
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-121900758-1&cid=1628671895.1669632910&jid=1216787601&gjid=1571234104&_gid=424648292.1669632910&_u=YGBAgEABBAAAAEgCIAB~&z=110023280 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.nativepath.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 10:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/25128990.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/25128990.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/25128990.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3A3210BBF7CD61981B1302D1F69A6093; domain=.bing.com; expires=Sat, 23-Dec-2023 10:55:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C0EB89C08654AA6B8E8CE9DA21A9A32 Ref B: OSL30EDGE0317 Ref C: 2022-11-28T10:55:10Z
date: Mon, 28 Nov 2022 10:55:09 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/975591848/?random=1669632908968&cv=11&fst=1669629600000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1526737164&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/975591848/?random=1669632908968&cv=11&fst=1669629600000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1526737164&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/975591848/?random=1669632908968&cv=11&fst=1669629600000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1526737164&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 10:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/975591848/?random=1669632909102&cv=11&fst=1669632909102&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=W6u0COqcpP8BEKizmdED&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca>m_ee=1&auid=1196846491.1669632909&data=event%3Dpage_view%3Bpage_path%3D%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/975591848/?random=1669632909102&cv=11&fst=1669632909102&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=W6u0COqcpP8BEKizmdED&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca>m_ee=1&auid=1196846491.1669632909&data=event%3Dpage_view%3Bpage_path%3D%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/975591848/?random=1669632909102&cv=11&fst=1669632909102&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=W6u0COqcpP8BEKizmdED&tiba=Thank%20you%20Theresa!%20-%20NativePath%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca>m_ee=1&auid=1196846491.1669632909&data=event%3Dpage_view%3Bpage_path%3D%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 10:55:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.9a94ee76.js
23.38.200.197200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.9a94ee76.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Hash e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98
GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20728
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ct.pinterest.com/user/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22bde06bc7-C774-4B00-95AC-FAC69491157E%22%7D&tid=2616594118097&cb=1669632909909&dep=5%2CEVENT_TAGS_ABSENT
23.38.200.197200 OK 377 B URL HTTP/2 ct.pinterest.com/user/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22bde06bc7-C774-4B00-95AC-FAC69491157E%22%7D&tid=2616594118097&cb=1669632909909&dep=5%2CEVENT_TAGS_ABSENT
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (539), with no line terminators
Hash f6314a3333f750a090b7d16565b63b62
b071e68a3c67319a26ff36cd8a2758cc69e72377
341b6a8e9fc8f0cd98feb8442e1c01f066cf2b220749842c5be46d65786c3085
GET /user/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22bde06bc7-C774-4B00-95AC-FAC69491157E%22%7D&tid=2616594118097&cb=1669632909909&dep=5%2CEVENT_TAGS_ABSENT HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVltSXpOV1EwTnpVdFpHWTFZaTAwTWpWa0xUaGxaak10WkRZeU5ESXhNak13TlRBMA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://www.nativepath.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 377
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 7605329720788235
date: Mon, 28 Nov 2022 10:55:10 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1669632910.47f87310
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2616594118097&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1669632909906&dep=2%2CPAGE_LOAD
23.38.200.197200 OK 377 B URL HTTP/2 ct.pinterest.com/user/?tid=2616594118097&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1669632909906&dep=2%2CPAGE_LOAD
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (539), with no line terminators
Hash f6314a3333f750a090b7d16565b63b62
b071e68a3c67319a26ff36cd8a2758cc69e72377
341b6a8e9fc8f0cd98feb8442e1c01f066cf2b220749842c5be46d65786c3085
GET /user/?tid=2616594118097&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1669632909906&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVltRmhOMlEzWTJRdFpUTmtOUzAwTW1JNExUZzBZelF0TWpVNFptWmxNMlV6TnpsaQ
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://www.nativepath.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 377
x-envoy-upstream-service-time: 4
referrer-policy: origin
x-pinterest-rid: 1562367994733604
date: Mon, 28 Nov 2022 10:55:10 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1669632910.47f8730c
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1993352314115270&ev=PageView&dl=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&rl=&if=false&ts=1669632909934&sw=1280&sh=1024&v=2.9.89&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1669632909933.1737821926&it=1669632909681&coo=false&eid=bde06bc7-C774-4B00-95AC-FAC69491157E&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1993352314115270&ev=PageView&dl=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&rl=&if=false&ts=1669632909934&sw=1280&sh=1024&v=2.9.89&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1669632909933.1737821926&it=1669632909681&coo=false&eid=bde06bc7-C774-4B00-95AC-FAC69491157E&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1993352314115270&ev=PageView&dl=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca&rl=&if=false&ts=1669632909934&sw=1280&sh=1024&v=2.9.89&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1669632909933.1737821926&it=1669632909681&coo=false&eid=bde06bc7-C774-4B00-95AC-FAC69491157E&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Nov 2022 10:55:10 GMT
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2616594118097&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%221d80f0d2-9d85-43f1-ba8b-48c5a93f3ced%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669632909910
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2616594118097&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%221d80f0d2-9d85-43f1-ba8b-48c5a93f3ced%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669632909910
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2616594118097&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%221d80f0d2-9d85-43f1-ba8b-48c5a93f3ced%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669632909910 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 2306782693314668
date: Mon, 28 Nov 2022 10:55:10 GMT
akamai-grn: 0.274f2417.1669632910.47f87405
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4877f10ae3b9ba011c79afebfebaaafc
308eda7725b7b492f6586b4ae6ad6bcd92ea4a28
818f62ff56e89804ccb04b371fa8d963eae72abff8e66225d4474afff790c03f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "818F62FF56E89804CCB04B371FA8D963EAE72ABFF8E66225D4474AFFF790C03F"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8333
Expires: Mon, 28 Nov 2022 13:14:03 GMT
Date: Mon, 28 Nov 2022 10:55:10 GMT
Connection: keep-alive
ct.pinterest.com/ct.html
23.38.200.197200 OK 323 B IP 23.38.200.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1757462246549698
date: Mon, 28 Nov 2022 10:55:10 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1669632910.47f8768a
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
analytics.getshogun.com/collector.js?shop=nativepath.myshopify.com
151.101.86.133200 OK 19 kB URL HTTP/2 analytics.getshogun.com/collector.js?shop=nativepath.myshopify.com
IP 151.101.86.133:0
File type Unicode text, UTF-8 text, with very long lines (61502), with no line terminators
Hash 5e35962874257349b9bd3af0fa39c50f
1dfc7ecbaecc67a925d1d0f1a9369682b8595f0f
7ab5e0eab5ac7be9c3c7e1403d334e6db26c41b46d2aeff84baa64f4f747a280
GET /collector.js?shop=nativepath.myshopify.com HTTP/1.1
Host: analytics.getshogun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Cowboy
content-type: text/javascript; charset=utf-8
last-modified: Fri, 02 Sep 2022 14:52:45 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 10:55:10 GMT
age: 3145
x-served-by: cache-lga21953-LGA, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 17865, 14
x-timer: S1669632911.711812,VS0,VE0
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-length: 18643
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4877f10ae3b9ba011c79afebfebaaafc
308eda7725b7b492f6586b4ae6ad6bcd92ea4a28
818f62ff56e89804ccb04b371fa8d963eae72abff8e66225d4474afff790c03f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "818F62FF56E89804CCB04B371FA8D963EAE72ABFF8E66225D4474AFFF790C03F"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8333
Expires: Mon, 28 Nov 2022 13:14:03 GMT
Date: Mon, 28 Nov 2022 10:55:10 GMT
Connection: keep-alive
cdn.bronto.com/bsm-snippet/90050f6422db0cf0604203374cfc4a049f2677d5d2c21e90145438875d3ca61e/snippet.js?shop=nativepath.myshopify.com
104.110.31.43404 Not Found 1.5 kB URL HTTP/1.1 cdn.bronto.com/bsm-snippet/90050f6422db0cf0604203374cfc4a049f2677d5d2c21e90145438875d3ca61e/snippet.js?shop=nativepath.myshopify.com
IP 104.110.31.43:0
File type gzip compressed data, max compression\012- data
Hash 6e0259a5b220fbe37a4b619c5bd0aadb
2e0ce46d4a904c2ee3726e609973240ea751b8f8
2008d2d5b3ab04fd3564b45ff3e236722618bf65050fea1cf75e6ddabb350967
GET /bsm-snippet/90050f6422db0cf0604203374cfc4a049f2677d5d2c21e90145438875d3ca61e/snippet.js?shop=nativepath.myshopify.com HTTP/1.1
Host: cdn.bronto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Content-Type: application/json
Content-Length: 178
opc-request-id: iad-1:TwfnDIrQYc8JrywrTjaKkqpbgvgVIG69KvZQiI1MF4zgjpXMSqCMn9j1jCoU1mn8
x-api-id: native
Access-Control-Expose-Headers: access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-type,date,opc-client-info,opc-request-id,x-api-id
Date: Mon, 28 Nov 2022 10:55:10 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Set-Cookie: ak_bmsc=8868F96F6708CC1561523E937ABB1E47~000000000000000000000000000000~YAAQ1k0kF2UF73+EAQAAEGbgvRGvlYH5De5VrBs35/EPbdRjkUh5O1C3jKoFO/sbjXI8JhVdBafAzj7i2Q4/DqpbUrHZKxDAVpaN4PNinsHNqL8Jnfv6HyWuFufYdSUWgQ616c7pUk0EJvLFZJa6cAt4ZDbB9QV1Kk7drc1dvxHFv+XjrCDxTZah3hsMzGubSExEaaAfnAIskD2j5BYpVPttrbjSteAszkHgllj++7kx87bJMQN0a85hNM2+xi2lAIjk5i3bS/EVE4tWWijtmqfJuTra4xSza7tlSPV1BZcYJcuBFc8C2C7tz9DsE8FgZxRz1hPQ2Ej5R+2tukmFMrpKLk74/6+kETh16KiGwwFA14z3kHKdVtObfX1bsDE=; Domain=.bronto.com; Path=/; Expires=Mon, 28 Nov 2022 12:55:10 GMT; Max-Age=7200; HttpOnly
cdn.bronto.com/shopify/integrations/90050f6422db0cf0604203374cfc4a049f2677d5d2c21e90145438875d3ca61e/manager.js?shop=nativepath.myshopify.com
104.110.31.43404 Not Found 178 B URL HTTP/1.1 cdn.bronto.com/shopify/integrations/90050f6422db0cf0604203374cfc4a049f2677d5d2c21e90145438875d3ca61e/manager.js?shop=nativepath.myshopify.com
IP 104.110.31.43:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 222453a6eb374bb41123d9f737b5eb37
4c44e3e885238bcdc0f2170d60a5fb342af86157
e9beb49f8b336869871a512783b800de73d31486312f71dfed2427d45ae1165b
GET /shopify/integrations/90050f6422db0cf0604203374cfc4a049f2677d5d2c21e90145438875d3ca61e/manager.js?shop=nativepath.myshopify.com HTTP/1.1
Host: cdn.bronto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Content-Type: application/json
Content-Length: 178
opc-request-id: iad-1:KDv6gpz4iDCC0plSYP_5jg5_lr1B3wJNhSG6H9nqEMyiAANxz_hLZn9W04O4p4Gh
x-api-id: native
Access-Control-Expose-Headers: access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-type,date,opc-client-info,opc-request-id,x-api-id
Date: Mon, 28 Nov 2022 10:55:10 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Set-Cookie: ak_bmsc=23D02717DE0B9331EA2FD84763853657~000000000000000000000000000000~YAAQ1k0kF2cF73+EAQAAFmbgvRGVdT3XzwEM9LAbF8WTvdIkG9xm4D7PgRIHcv3scTiXURiKx6BEbja36ehcehPAEpVOvfDmwfNegTMeabjj64Z80Gw/z0YKW0mZpgcZKouvO6x7Cc9lDqGZsneFD58gUYPmBtIMdlM0CLylwBWPgG/mXSu7d5wBuSwLSP4z5CaHGfk+yeS1Q0+VfR2vXcyvHR7AiUFcNribbhrTAIlI08GAzHHfMOZ4oHqEGEnZArZABLNrUvb0kqwCJS5KUULEWGsmqOuFRfi6dNOiTJZdU4ogkUpEl7rMpyqje10NNnJ3AVHMtOTFBOitwOG/xoc/TAjg3yVdjZt6TPJiHHUq2M0C/xc4WsIDWoO2t/U=; Domain=.bronto.com; Path=/; Expires=Mon, 28 Nov 2022 12:55:10 GMT; Max-Age=7200; HttpOnly
gum.criteo.com/sid/json?origin=onetag&domain=nativepath.com&sn=FirefoxSyncframe&so=0&topUrl=www.nativepath.com&info=tGOAbl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFpVmdPb1p3VGlaMzclMkZySkxzNTRpTkZzcWRqUXF1WjlDUTBaeWhWRVczSw&idsd=1104078451,640678344&cw=1&lsw=1
178.250.0.157200 OK 434 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=nativepath.com&sn=FirefoxSyncframe&so=0&topUrl=www.nativepath.com&info=tGOAbl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFpVmdPb1p3VGlaMzclMkZySkxzNTRpTkZzcWRqUXF1WjlDUTBaeWhWRVczSw&idsd=1104078451,640678344&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (531), with no line terminators
Hash 98fd977cea6ef606daa14a426537e882
c19ed2afd6b062c3088d3e1ba2e73c05784cc8ef
1d0ca2222660bc53ab11cbf3b0bf6b2fca9704834d1272d7ad961774de7d9153
GET /sid/json?origin=onetag&domain=nativepath.com&sn=FirefoxSyncframe&so=0&topUrl=www.nativepath.com&info=tGOAbl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFpVmdPb1p3VGlaMzclMkZySkxzNTRpTkZzcWRqUXF1WjlDUTBaeWhWRVczSw&idsd=1104078451,640678344&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=www.nativepath.com&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:10 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1398037
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 574bffdf006571e69aed3ff1799fc84f
3e3f77c5e6fb4579fa54281911d9dcf1ca71e8e8
a87f5354eeb4e9f023aa7f4c29f22c18a9aa0a8af57dfbd16f5a8f0f83f89398
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A87F5354EEB4E9F023AA7F4C29F22C18A9AA0A8AF57DFBD16F5A8F0F83F89398"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13702
Expires: Mon, 28 Nov 2022 14:43:32 GMT
Date: Mon, 28 Nov 2022 10:55:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 574bffdf006571e69aed3ff1799fc84f
3e3f77c5e6fb4579fa54281911d9dcf1ca71e8e8
a87f5354eeb4e9f023aa7f4c29f22c18a9aa0a8af57dfbd16f5a8f0f83f89398
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A87F5354EEB4E9F023AA7F4C29F22C18A9AA0A8AF57DFBD16F5A8F0F83F89398"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6897
Expires: Mon, 28 Nov 2022 12:50:07 GMT
Date: Mon, 28 Nov 2022 10:55:10 GMT
Connection: keep-alive
referralprogramapp.com/js/shopify_referral_serve.js?shop=nativepath.myshopify.com
206.189.246.182200 OK 3.0 kB URL HTTP/1.1 referralprogramapp.com/js/shopify_referral_serve.js?shop=nativepath.myshopify.com
IP 206.189.246.182:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2956)
Hash 6c404b4630f0b852cc120b6582c7c04f
261257f4cb8a89ff545cfa1f3ffc0684e2af2c20
cac553aeee7f3c46424660d43fffd1ceff2ed938f3454ebdbf25063aaf72fd35
GET /js/shopify_referral_serve.js?shop=nativepath.myshopify.com HTTP/1.1
Host: referralprogramapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 28 Nov 2022 10:55:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 2957
last-modified: Wed, 20 Apr 2022 16:23:25 GMT
etag: "6260337d-b8d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
dnacdn.net/dna
178.250.2.146200 OK 407 B IP 178.250.2.146:0
Hash 797e945bcf12e195a3e44e3eaf771004
703c024466d5b994764e17db5ab86f8d6359a038
377feaf514730971d60215a10c7f7d02c05fc7e3b1d7f367d668966f28f31de5
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=LFnHUl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFpVmdPb1p3VGlaMzclMkZySkxzNTRpTzJlUUQ2JTJGUW85d2RubXVEWFV0Q3d6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=tGOAbl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFpVmdPb1p3VGlaMzclMkZySkxzNTRpTkZzcWRqUXF1WjlDUTBaeWhWRVczSw; expires=Sat, 23 Dec 2023 10:55:10 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 402876
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 7.3 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (30837)
Hash 52b1e29644f85737f56b00f50d7dbd00
77e14922eea0360e97b6fa9616a0e8f87abb65d4
fd2d8d7d60a3dd78a874ff1bc5a56635ea6b6894acae28aa4f4033e826a4eda3
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sdk.postscript.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 15079665
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 771291ddfdb2b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
referralprogramapp.com/shopify/referral/thanks.js?shop=nativepath.myshopify.com
206.189.246.182200 OK 3.1 kB URL HTTP/1.1 referralprogramapp.com/shopify/referral/thanks.js?shop=nativepath.myshopify.com
IP 206.189.246.182:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1716)
Hash 711cebce981bd9fe72545484aae5aa4d
2e5a2b859131947d8a9a0ec72357b862bdb81156
619fb6d222177e97599ac7b8012dc8bce3cedf68575c9b2eefbe4550b93b6a43
GET /shopify/referral/thanks.js?shop=nativepath.myshopify.com HTTP/1.1
Host: referralprogramapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
date: Mon, 28 Nov 2022 10:55:11 GMT
content-security-policy: frame-ancestors 'self' *.myshopify.com
set-cookie: XSRF-TOKEN=eyJpdiI6IjMzcnk1cFk2Ty9PaXRaa2UyWGxLSGc9PSIsInZhbHVlIjoidGNiNysrRE9ORjgxQ0luekNsRGtYaWpBejJ4NXN2cWhOODdEU1RoUTkxSVlsdjgrUllCcDBBYVkwcUg3ZGRpWE9pNlkwOVFUbG1NSm9XRTAzNXRDV3F1RittY0YxU0ErVGU0dC9HZWV3Um0vMU0xREJ2cUxLdVB1K294c3BTT00iLCJtYWMiOiI5ODE1OTA5OTM0ZTJmNDVlOGIzNTIwZjQ2YWU3YzY4MGVkMGM3NDBjYjk5OGU2NWQ3NThkM2I2NDk2YjUzNTFhIiwidGFnIjoiIn0%3D; expires=Fri, 27-Jan-2023 10:55:11 GMT; Max-Age=5184000; path=/; domain=referralprogramapp.com
cnjrd=eyJpdiI6IlJOU0FnUkxDWURWbmNLVG9NbWRvY0E9PSIsInZhbHVlIjoiK1phaWxLaTJTZDVHQmd3OGNSam1DQmJYMU9VNWlxUkFaR2xqTStEbWpkZGdWdU9BL0I2NkErLzFmcUNxVDRjUDlReGl0WmZOS2hKSHI3N1hQK2R4QStYVUE5ZnFUd3VZWnl5L0FlN0Qvd3h4VDdMVTNwYUxCTjMvUTFacHJ5eHkiLCJtYWMiOiJmNmFiYjUwOGQ3MDZiNmEzMjU2ZjIwODhjZjUyNTNhMjI3M2NjODJhODZkYWUyZDdlMmRmNWFjYzM4Mzc2N2Q3IiwidGFnIjoiIn0%3D; expires=Fri, 27-Jan-2023 10:55:11 GMT; Max-Age=5184000; path=/; domain=referralprogramapp.com
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
transfer-encoding: chunked
cdn.judge.me/assets/judgeme_review_site.js?shop=nativepath.myshopify.com
82.102.27.18200 OK 712 B URL HTTP/2 cdn.judge.me/assets/judgeme_review_site.js?shop=nativepath.myshopify.com
IP 82.102.27.18:0
File type ASCII text, with very long lines (1331), with no line terminators
Hash f407c6a7e255e634374ff4c647e92770
0124e886d9f0e0f01f867c2b473cf707ed34eab4
12a68e4b93145023202bda0c5859253cd86bf121be3a53d1e89c0b86efae45ce
GET /assets/judgeme_review_site.js?shop=nativepath.myshopify.com HTTP/1.1
Host: cdn.judge.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Mon, 28 Nov 2022 10:55:11 GMT
content-type: application/javascript
content-length: 712
last-modified: Wed, 11 Aug 2021 05:01:19 GMT
cache-control: public, max-age=7776000
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
via: 1.1 vegur
link: <https://judge.me/assets/judgeme_review_site.js?shop=nativepath.myshopify.com>; rel="canonical"
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
api.postscript.io/public/klaviyo_form_status/3640
54.230.111.33200 OK 51 B URL HTTP/2 api.postscript.io/public/klaviyo_form_status/3640
IP 54.230.111.33:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e3d57b39f6b098ce7035073d7a7759b8
470e526fe0af42bc6a155c6c2b4666e4fa3eff6f
0e8b820addb84efc36e6d86b0d5db102c120dc617061697e04c4c258ef202ff7
GET /public/klaviyo_form_status/3640 HTTP/1.1
Host: api.postscript.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 51
date: Mon, 28 Nov 2022 10:55:11 GMT
x-amzn-requestid: 6f985da8-2062-469e-a45b-15f4d50fa692
access-control-allow-origin: *
content-encoding: gzip
x-amzn-remapped-content-length: 37
x-amz-apigw-id: cTv-aF9zIAMF9FQ=
x-amzn-trace-id: Root=1-6384938f-5d7cb1b06feb4d9f0860d742
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TBjwK7jH30veL7QjVv6ZBYARPlunAI7va1R9AO69byROqTehiwKoRA==
X-Firefox-Spdy: h2
sdk.postscript.io/desktop.html?shopId=3640&shopShop=nativepath&sessionId=hX3qtLk5EaiQHKHTB9byo&status=&flags=log_headless_shops&origin=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca
54.230.111.15200 OK 641 B URL HTTP/2 sdk.postscript.io/desktop.html?shopId=3640&shopShop=nativepath&sessionId=hX3qtLk5EaiQHKHTB9byo&status=&flags=log_headless_shops&origin=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca
IP 54.230.111.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1206), with no line terminators
Hash aae1832f1019628fe6b3c466879ea9f8
2a18f0ab52c5389a4850375bd8ce34460f676bb2
488a178357ced208b02ad70a56c43cbf93d5eaf0bd79d378905cbbab0cf64522
GET /desktop.html?shopId=3640&shopShop=nativepath&sessionId=hX3qtLk5EaiQHKHTB9byo&status=&flags=log_headless_shops&origin=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca HTTP/1.1
Host: sdk.postscript.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Sun, 27 Nov 2022 14:47:12 GMT
last-modified: Fri, 18 Nov 2022 18:39:08 GMT
etag: W/"505b29356e279c4d54c10e02c38e5f1c"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0hXPNlRcwROa2nT5meMHsVwPasypnmwWaK1iyjeb41CvshcFBzqtKQ==
age: 72479
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22bde06bc7-C774-4B00-95AC-FAC69491157E%22%7D&tid=2616594118097&cb=1669632910047&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%221d80f0d2-9d85-43f1-ba8b-48c5a93f3ced%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22bde06bc7-C774-4B00-95AC-FAC69491157E%22%7D&tid=2616594118097&cb=1669632910047&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%221d80f0d2-9d85-43f1-ba8b-48c5a93f3ced%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22bde06bc7-C774-4B00-95AC-FAC69491157E%22%7D&tid=2616594118097&cb=1669632910047&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%221d80f0d2-9d85-43f1-ba8b-48c5a93f3ced%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1802760330969455
date: Mon, 28 Nov 2022 10:55:11 GMT
set-cookie: _pinterest_ct_ua="TWc9PSYzRjZXc0FOUCs2ckJGa1NMZ3hhRzFzaDIvN01RUmRORVg2SS96RFdMaFVERlJNZzlqQVFKY3pvZmszSmRQRnJQK0cxMHV3QStZaVo5RTFHdHhkQkUwQXBLSFhReUdtV0J4aXdQMmJ1M3dQYz0mZXcwOEZocUdGNzlxd0VFc3F3Wi92cmo4ZC9vPQ=="; Expires=Tue, 28 Nov 2023 10:55:11 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1669632911.47f887f8
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
sdk.postscript.io/desktop.bundle.js?shopId=3640&shopShop=nativepath&sessionId=hX3qtLk5EaiQHKHTB9byo&status=&flags=log_headless_shops&origin=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca
54.230.111.15200 OK 72 kB URL HTTP/2 sdk.postscript.io/desktop.bundle.js?shopId=3640&shopShop=nativepath&sessionId=hX3qtLk5EaiQHKHTB9byo&status=&flags=log_headless_shops&origin=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca
IP 54.230.111.15:0
File type Unicode text, UTF-8 text, with very long lines (65441)
Hash fee8c201668ded939001ee56fb846b21
424347880be8a00333122d548e375b50c3549791
0f23568d6999e8473a9b02eedeed89e46e8096c764cfdec48b6a97354dab8203
GET /desktop.bundle.js?shopId=3640&shopShop=nativepath&sessionId=hX3qtLk5EaiQHKHTB9byo&status=&flags=log_headless_shops&origin=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca HTTP/1.1
Host: sdk.postscript.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sdk.postscript.io/desktop.html?shopId=3640&shopShop=nativepath&sessionId=hX3qtLk5EaiQHKHTB9byo&status=&flags=log_headless_shops&origin=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 18 Nov 2022 18:39:08 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 06:21:03 GMT
etag: W/"5ec0b46423f1cd4222aea381b5df1c3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eRaTC1WXX4ZVs5xsFKRy0PRd9J7JcMbEyFwiO5Otn5WBQW6jz9kwIA==
age: 16449
X-Firefox-Spdy: h2
sdk.postscript.io/desktop.css
54.230.111.15200 OK 3.7 kB URL HTTP/2 sdk.postscript.io/desktop.css
IP 54.230.111.15:0
File type ASCII text, with very long lines (22235)
Hash a46649d1cebed34fece2f7ed5774a631
48ad9e32b5664c9e1abec608aa35441f66e54834
6e9adb33a3babef73bc807fd459678809fd2bd36577795bce4dd98699540bd0b
GET /desktop.css HTTP/1.1
Host: sdk.postscript.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sdk.postscript.io/desktop.html?shopId=3640&shopShop=nativepath&sessionId=hX3qtLk5EaiQHKHTB9byo&status=&flags=log_headless_shops&origin=https%3A%2F%2Fwww.nativepath.com%2F1401585725%2Forders%2Fb84942a816867c6f07194f4a0b9e70ca
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 18 Nov 2022 18:39:08 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 27 Nov 2022 21:55:50 GMT
etag: W/"46e2c85c15f49e8dffe58cca83a1e743"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WjdJI2QSPBI20Mnc7UJNG98B3hvTzy-sDbRhDLlssjasiFsgnajzHA==
age: 46762
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=54823&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bd41d8cd98f00b204e9800998ecf8427e%255D&p2=e%3Dvc%26ecpplugin%3Dshopify%26id%3D1398981%26p%3D%255Bi%25253D6875986591881%252526pr%25253D96%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=OQlcFl9WRDh5M2dObVNhTFU4MXRQUkZ6Nk9VeiUyRkh1NGo4WTdzN0V5dXR2VEFTbVZpTCUyRnJldXdmQmhwcjRicjlYQ0NNJTJGdmlaSkswSnVtZ1FvV3FJRnl5eko4YyUyRjRHY0RJeldjbnFBaW5zeEFyZ3BhUklyUGh6YTQzYnRKdSUyQlVSMlpINlRENWUyMExUNlFkV1NRQzc0MzR3TWlBJTNEJTNE&tld=nativepath.com&fu=https%253A%252F%252Fwww.nativepath.com%252F1401585725%252Forders%252Fb84942a816867c6f07194f4a0b9e70ca&dtycbr=14089
178.250.0.163302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=54823&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bd41d8cd98f00b204e9800998ecf8427e%255D&p2=e%3Dvc%26ecpplugin%3Dshopify%26id%3D1398981%26p%3D%255Bi%25253D6875986591881%252526pr%25253D96%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=OQlcFl9WRDh5M2dObVNhTFU4MXRQUkZ6Nk9VeiUyRkh1NGo4WTdzN0V5dXR2VEFTbVZpTCUyRnJldXdmQmhwcjRicjlYQ0NNJTJGdmlaSkswSnVtZ1FvV3FJRnl5eko4YyUyRjRHY0RJeldjbnFBaW5zeEFyZ3BhUklyUGh6YTQzYnRKdSUyQlVSMlpINlRENWUyMExUNlFkV1NRQzc0MzR3TWlBJTNEJTNE&tld=nativepath.com&fu=https%253A%252F%252Fwww.nativepath.com%252F1401585725%252Forders%252Fb84942a816867c6f07194f4a0b9e70ca&dtycbr=14089
IP 178.250.0.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=54823&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bd41d8cd98f00b204e9800998ecf8427e%255D&p2=e%3Dvc%26ecpplugin%3Dshopify%26id%3D1398981%26p%3D%255Bi%25253D6875986591881%252526pr%25253D96%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=OQlcFl9WRDh5M2dObVNhTFU4MXRQUkZ6Nk9VeiUyRkh1NGo4WTdzN0V5dXR2VEFTbVZpTCUyRnJldXdmQmhwcjRicjlYQ0NNJTJGdmlaSkswSnVtZ1FvV3FJRnl5eko4YyUyRjRHY0RJeldjbnFBaW5zeEFyZ3BhUklyUGh6YTQzYnRKdSUyQlVSMlpINlRENWUyMExUNlFkV1NRQzc0MzR3TWlBJTNEJTNE&tld=nativepath.com&fu=https%253A%252F%252Fwww.nativepath.com%252F1401585725%252Forders%252Fb84942a816867c6f07194f4a0b9e70ca&dtycbr=14089 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 10:55:10 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=54823&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bd41d8cd98f00b204e9800998ecf8427e%255D&p2=e%3Dvc%26ecpplugin%3Dshopify%26id%3D1398981%26p%3D%255Bi%25253D6875986591881%252526pr%25253D96%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=OQlcFl9WRDh5M2dObVNhTFU4MXRQUkZ6Nk9VeiUyRkh1NGo4WTdzN0V5dXR2VEFTbVZpTCUyRnJldXdmQmhwcjRicjlYQ0NNJTJGdmlaSkswSnVtZ1FvV3FJRnl5eko4YyUyRjRHY0RJeldjbnFBaW5zeEFyZ3BhUklyUGh6YTQzYnRKdSUyQlVSMlpINlRENWUyMExUNlFkV1NRQzc0MzR3TWlBJTNEJTNE&tld=nativepath.com&fu=https%253A%252F%252Fwww.nativepath.com%252F1401585725%252Forders%252Fb84942a816867c6f07194f4a0b9e70ca&dtycbr=14089
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 11375028
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash c1c1f2c11d56c5d6d84d22946cf667e0
206f08ecfde53b4f67b8158cef49bfbe81cd159f
55fe1474d84c44653082d0c6ec42b9253f987341f0ddc2cc719133e2e4c242b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 808
Cache-Control: max-age=147661
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:11 GMT
Etag: "63842e34-13a"
Expires: Wed, 30 Nov 2022 03:56:12 GMT
Last-Modified: Mon, 28 Nov 2022 03:42:44 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
api.pushnami.com/scripts/v1/pushnami-adv/5d1235f9436b2b00112131cd
54.230.111.33200 OK 64 kB URL HTTP/2 api.pushnami.com/scripts/v1/pushnami-adv/5d1235f9436b2b00112131cd
IP 54.230.111.33:0
File type Unicode text, UTF-8 text, with very long lines (44316), with LF, NEL line terminators
Hash b0653f6c26da22c251548015bd9fd104
15b6c17d91ad761d2416190a3609008b033c7423
fa5bc389b472adb234ac5c1cbd6bbae93a31df313f3da8e65a6edf88824890a4
GET /scripts/v1/pushnami-adv/5d1235f9436b2b00112131cd HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 28 Nov 2022 10:55:11 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A31RR1BUokk99MMie8v4RMdhrBenk20hvl77ynr3eyoG4OUbO-5gHA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4646ee443a8b6e8688c258e58989272c
b212e53c65e19eebd703a083edb90ba439c0c994
086e8fe1c818058cc0184b3683bfacb80e94873cab9c02ee9b1fad4be60014d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "086E8FE1C818058CC0184B3683BFACB80E94873CAB9C02EE9B1FAD4BE60014D4"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4692
Expires: Mon, 28 Nov 2022 12:13:24 GMT
Date: Mon, 28 Nov 2022 10:55:12 GMT
Connection: keep-alive
trc.pushnami.com/api/push/track
34.225.224.75200 OK 2 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 34.225.224.75:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
content-type: application/x-www-form-urlencoded
key: 5d1235f9436b2b00112131cd
Origin: https://www.nativepath.com
Content-Length: 121
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: text/html; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
matching.ivitrack.com/sync?realm=criteo&uid=k-6roEP3ZKAu793OPZc8GiZtWTuke22FkydKb9pA
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-6roEP3ZKAu793OPZc8GiZtWTuke22FkydKb9pA
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-6roEP3ZKAu793OPZc8GiZtWTuke22FkydKb9pA HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Mon, 28 Nov 2022 10:55:11 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4646ee443a8b6e8688c258e58989272c
b212e53c65e19eebd703a083edb90ba439c0c994
086e8fe1c818058cc0184b3683bfacb80e94873cab9c02ee9b1fad4be60014d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "086E8FE1C818058CC0184B3683BFACB80E94873CAB9C02EE9B1FAD4BE60014D4"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4692
Expires: Mon, 28 Nov 2022 12:13:24 GMT
Date: Mon, 28 Nov 2022 10:55:12 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 3.4 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 457dd2386f2b4a748d269dcd84158961
e548f744f172f9f4b0c4b239892f0d38a3590565
b4b7a922dd704e408d05ed5463f89cf5a9ead998aa960074e15c81d692678870
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158380
Date: Mon, 28 Nov 2022 10:55:12 GMT
Etag: "638444a5-1d7"
Expires: Wed, 30 Nov 2022 06:54:52 GMT
Last-Modified: Mon, 28 Nov 2022 05:18:29 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dY4X9xTliGR3l-jTP4lbnGFeGuXK6hQE6W9sJpdaI8R5JGR-TsuqFw==
Age: 5783
api.pushnami.com/scripts/v1/hub
54.230.111.33200 OK 1.0 kB URL HTTP/2 api.pushnami.com/scripts/v1/hub
IP 54.230.111.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2319), with no line terminators
Hash 295585224941790363d18840392853ff
8ac1f8a3072f4be4e89c7edd197fe4ec0c79e4c4
365e239cc282ced164d651fceb7ca2cfd03db79db27b78d081ef813f91e5ea0d
GET /scripts/v1/hub HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Mon, 28 Nov 2022 10:29:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EZED-J_JbX2ADzVBCYhlddTW5edOVmuPAUcCTDWusF36qa7tVb10tA==
age: 1524
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 10:55:12 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 1128574
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-00EGmnZKAu793OPZc8GiZtWTukfeOqjSZ9xIgg
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-00EGmnZKAu793OPZc8GiZtWTukfeOqjSZ9xIgg
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-00EGmnZKAu793OPZc8GiZtWTukfeOqjSZ9xIgg HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3126345123580266000V10; Expires=Tue, 28 Nov 2023 10:55:12 GMT; domain=.media.net; Path=/;
data-c-ts=1669632912;Expires=Wed, 28 Dec 2022 10:55:12 GMT;path=/;domain=.media.net;
data-c=k-00EGmnZKAu793OPZc8GiZtWTukfeOqjSZ9xIgg~~3;Expires=Wed, 28 Dec 2022 10:55:12 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E
expires: Mon, 28 Nov 2022 10:55:12 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 28 Nov 2022 10:55:12 GMT
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-TtmT63ZKAu793OPZc8GiZtWTukedRahxn8OgXvw-nDpMo2iq
3.125.237.159200 OK 299 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-TtmT63ZKAu793OPZc8GiZtWTukedRahxn8OgXvw-nDpMo2iq
IP 3.125.237.159:0
Hash 265dd056bdd6ac97f732fd566e0c81cb
ea9aac7df70daf3d243630c461fd49539fcf1ab3
bd2595ffb8ade5fc796ec037ef9106aa6d6d990cf20390d5ab3086d6e7faab23
GET /usersync/push?partner=criteo&partnerId=k-TtmT63ZKAu793OPZc8GiZtWTukedRahxn8OgXvw-nDpMo2iq HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%2221f485f0-6f0b-11ed-9122-292ab343b50e%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 12 Dec 2022 10:55:12 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2221f485f0-6f0b-11ed-9122-292ab343b50e%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 12 Dec 2022 10:55:12 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%2221f485f0-6f0b-11ed-9122-292ab343b50e%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 12 Dec 2022 10:55:12 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%2221f485f0-6f0b-11ed-9122-292ab343b50e%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 12 Dec 2022 10:55:12 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-TtmT63ZKAu793OPZc8GiZtWTukedRahxn8OgXvw-nDpMo2iq%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Mon, 12 Dec 2022 10:55:12 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-OWtkjHZKAu793OPZc8GiZtWTukdz_Taq_whWgA&google_cm&google_hm=ay1PV3RrakhaS0F1NzkzT1BaYzhHaVp0V1R1a2R6X1RhcV93aFdnQQ
172.217.21.162302 Found 649 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-OWtkjHZKAu793OPZc8GiZtWTukdz_Taq_whWgA&google_cm&google_hm=ay1PV3RrakhaS0F1NzkzT1BaYzhHaVp0V1R1a2R6X1RhcV93aFdnQQ
IP 172.217.21.162:0
Hash d14b4c1cdbe1ebd1bcaa7b8060d40fcd
1f6ebec16a694d08a566bd38277ddbced8ecff03
0555b2e0885c10283bffbc5b761816c77d982c137072fb8c96d9ac3e6bb6a462
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-OWtkjHZKAu793OPZc8GiZtWTukdz_Taq_whWgA&google_cm&google_hm=ay1PV3RrakhaS0F1NzkzT1BaYzhHaVp0V1R1a2R6X1RhcV93aFdnQQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-OWtkjHZKAu793OPZc8GiZtWTukdz_Taq_whWgA&google_cm=&google_hm=ay1PV3RrakhaS0F1NzkzT1BaYzhHaVp0V1R1a2R6X1RhcV93aFdnQQ&google_tc=
date: Mon, 28 Nov 2022 10:55:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 28-Nov-2022 11:10:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-OWtkjHZKAu793OPZc8GiZtWTukdz_Taq_whWgA&google_cm=&google_hm=ay1PV3RrakhaS0F1NzkzT1BaYzhHaVp0V1R1a2R6X1RhcV93aFdnQQ&google_tc=
172.217.21.162302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-OWtkjHZKAu793OPZc8GiZtWTukdz_Taq_whWgA&google_cm=&google_hm=ay1PV3RrakhaS0F1NzkzT1BaYzhHaVp0V1R1a2R6X1RhcV93aFdnQQ&google_tc=
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 062f5b981b9096b6bf7b674134b99093
96758255997e273c2855bb7891daef69e0ffa80e
73aef203c444a2c3df773da628231e2a5e13e8baa7a73087a50369c15c7ee2d9
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-OWtkjHZKAu793OPZc8GiZtWTukdz_Taq_whWgA&google_cm=&google_hm=ay1PV3RrakhaS0F1NzkzT1BaYzhHaVp0V1R1a2R6X1RhcV93aFdnQQ&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-OWtkjHZKAu793OPZc8GiZtWTukdz_Taq_whWgA&google_error=3
date: Mon, 28 Nov 2022 10:55:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 82a9c2c2440d9c702ac7a8daedcaf32d
c122d0b57a5e2a870288b2271a04d23abfec4972
4654474c43cf2ef108fdd177f2a9e203440ad8d6b517051160866003aa53370a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3861
Cache-Control: max-age=104619
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:12 GMT
Etag: "63837a26-1d7"
Expires: Tue, 29 Nov 2022 15:58:51 GMT
Last-Modified: Sun, 27 Nov 2022 14:54:30 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
37.252.171.84307 Redirection 1.3 kB URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 37.252.171.84:0
Hash e1be4a478b502bd5f47a7b531282b1f9
739cb6522c5835bf94bddd29963606d0a7cd3645
7c5d388dfa9523c2c9ba950ccb09691597472456d35e313fbe573dae59b5e416
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 28 Nov 2022 10:55:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 53df4c16-d708-445d-b434-2b4c865a9b34
Set-Cookie: uuid2=7596005010904937906; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 26-Feb-2023 10:55:12 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5QlK9HZKAu793OPZc8GiZtWTukchGmVSH7AQFg
172.64.154.237302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5QlK9HZKAu793OPZc8GiZtWTukchGmVSH7AQFg
IP 172.64.154.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-5QlK9HZKAu793OPZc8GiZtWTukchGmVSH7AQFg HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 10:55:12 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-5QlK9HZKAu793OPZc8GiZtWTukchGmVSH7AQFg&C=1
cf-ray: 771291e71820b50f-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y4STkKG1z4ZnoMn7TsTnIgAA; Path=/; Domain=casalemedia.com; Expires=Tue, 28 Nov 2023 10:55:12 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1847; Path=/; Domain=casalemedia.com; Expires=Sun, 26 Feb 2023 10:55:12 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1847; Path=/; Domain=casalemedia.com; Expires=Sun, 26 Feb 2023 10:55:12 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryMuDqYYvo6jsORkjy1rf44ltRdTZ8Gv0ufTCcSkCAamIHH9YVv6eaGHLE%2F1b5OWLjfR8nRdd0B3jupXSWptvbdxEtNicmjn0jSOiPbSyzj54I9jKMeq0wiTvq0jIJsRAoOk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cm.adform.net/pixel?adform_pid=15&adform_pc=k-FVJ3c3ZKAu793OPZc8GiZtWTukeJDGg7qboeKA
37.157.5.141200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-FVJ3c3ZKAu793OPZc8GiZtWTukeJDGg7qboeKA
IP 37.157.5.141:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-FVJ3c3ZKAu793OPZc8GiZtWTukeJDGg7qboeKA HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: image/gif
content-length: 43
last-modified: Fri, 18 Nov 2022 16:49:04 GMT
etag: "6377b780-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 97c405675fd0c82667ebb208ad205b34
ca65a65b525169747722461b58c5c7bed10c8c1d
4492a5c6b7c79e525f4f3801d399fd16afd0499cb4a06fcab442bd71f1486333
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98581
Date: Mon, 28 Nov 2022 10:55:12 GMT
Etag: "63835fa0-1d7"
Expires: Tue, 29 Nov 2022 14:18:13 GMT
Last-Modified: Sun, 27 Nov 2022 13:01:20 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QNyKOBvul8G0pKNGkcC82gTLTNZkXfiKNoz6lL9ncKopj6GhlP2LbA==
Age: 4613
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9e65918e160cf67c348593e420da6ccb
5a8140a60bef17678dbafa8fb4396be3e8e1cab0
5d5118a1e488835de91831f51cb580637c8007161b59e18b6ea4714c3ee64363
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140636
Date: Mon, 28 Nov 2022 10:55:12 GMT
Etag: "638402bc-1d7"
Expires: Wed, 30 Nov 2022 01:59:08 GMT
Last-Modified: Mon, 28 Nov 2022 00:37:16 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XKXHZaF17PD5zF95xyGREw5pPytNhrCAzdQOBisfj9NbfCuIlJDQJQ==
Age: 4912
eb2.3lift.com/xuid?mid=2711&xuid=k-wacRw3ZKAu793OPZc8GiZtWTukcBFg_NnibzQw&dongle=013b
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-wacRw3ZKAu793OPZc8GiZtWTukcBFg_NnibzQw&dongle=013b
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-wacRw3ZKAu793OPZc8GiZtWTukcBFg_NnibzQw&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5QlK9HZKAu793OPZc8GiZtWTukchGmVSH7AQFg&C=1
172.64.154.237200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5QlK9HZKAu793OPZc8GiZtWTukchGmVSH7AQFg&C=1
IP 172.64.154.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-5QlK9HZKAu793OPZc8GiZtWTukchGmVSH7AQFg&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: image/gif
content-length: 43
cf-ray: 771291e768aab50f-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwrIEy7pNZa1THNTWBNozAdJZ%2ByagYRuNvwzjtMba%2BZweqRV7F6Q0swJbp1WBR5a5gNMjPHT9mw%2BrcfgZS2a%2F4LPMkSu6Cj%2FKarNXDqKp49vxX1q31pQZt0H3QJ5Z13KMJDP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 837ab321cb7d4d55b8f0bf9561969c53
6fb2b042e56579b60c3cdc42d3226adc972660d9
e08aa1b3487b0288b982117f1b79a102050b56a1fe8d6b7999563ebce72312a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3297
Cache-Control: max-age=140805
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:12 GMT
Etag: "638409b4-1d7"
Expires: Wed, 30 Nov 2022 02:01:57 GMT
Last-Modified: Mon, 28 Nov 2022 01:07:00 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
37.252.171.84302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 37.252.171.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Mon, 28 Nov 2022 10:55:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 92df4a13-bc5c-49c6-bd70-79bfb2d2f165
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0955fb76d74d6331a0d481395fc81535
91c9bc6ed56924012424c98791bb2a04b9545772
da640258c351540a056feffba942c7ee814d6dce3d28e40aa421554da1c50357
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3111
Cache-Control: max-age=107476
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:12 GMT
Etag: "6383883d-139"
Expires: Tue, 29 Nov 2022 16:46:28 GMT
Last-Modified: Sun, 27 Nov 2022 15:54:37 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-EAcciXZKAu793OPZc8GiZtWTukf9I902Fj2Qgg&expires=30
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-EAcciXZKAu793OPZc8GiZtWTukf9I902Fj2Qgg&expires=30
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-EAcciXZKAu793OPZc8GiZtWTukf9I902Fj2Qgg&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d5c7d31e505103f093db6d1ed70deaa2
Content-Type: image/gif
criteo-sync.teads.tv/um?eid=80&uid=k-bUsUsnZKAu793OPZc8GiZtWTukd0oq3nWQxwAg
23.195.255.234200 OK 194 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-bUsUsnZKAu793OPZc8GiZtWTukd0oq3nWQxwAg
IP 23.195.255.234:0
Hash 6ac56dc96793edf30508fe61ebd71b31
b9991b89fdfaf5503359fc21914932ad08568d2a
07f5930394ab646d80cc85a19a490a687eab752a5ff8d35a2ec562e52485a593
GET /um?eid=80&uid=k-bUsUsnZKAu793OPZc8GiZtWTukd0oq3nWQxwAg HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Mon, 28 Nov 2022 10:55:12 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 28 Nov 2022 10:55:12 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a3af0e1f977b00ed42d0412a6e529465
d09f5598cf9778fbc99254cd8af3c60ba4add39b
37af27567921a71e5cc9c64d555f7bf7d9ab13c0b4229b146aa00f2c41dc8932
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37AF27567921A71E5CC9C64D555F7BF7D9AB13C0B4229B146AA00F2C41DC8932"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4259
Expires: Mon, 28 Nov 2022 12:06:11 GMT
Date: Mon, 28 Nov 2022 10:55:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6496a820d07707e5da02d99905894e58
ca128a729e4e0bfcd68eb936f7e6b2307a46409e
f0a0d599de5c8203e29b9b10f386821b82024bd8ec6171763c0a8cc60962c616
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2331
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:12 GMT
Last-Modified: Mon, 28 Nov 2022 10:16:21 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 573613583b2fc34737980a7cc7b16674
e2767b3de2a17456cd18e4c9d38da3d86ad1e4ae
935f137da631187b9546556e6775b9d4b4cbc8d3768cf1f2ec1c437fcc9b6acd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 10:55:12 GMT
Last-Modified: Mon, 28 Nov 2022 09:45:46 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BRlypNiYm8mNf0sEJnr6Rlq50T1ji_RjBdVOV8gXE1EDM3tPPdcNVA==
Age: 4166
id5-sync.com/s/966/9.gif?puid=k-kjoWhHZKAu793OPZc8GiZtWTukd0NYIMPPTffA
162.19.138.83200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-kjoWhHZKAu793OPZc8GiZtWTukd0NYIMPPTffA
IP 162.19.138.83:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-kjoWhHZKAu793OPZc8GiZtWTukd0NYIMPPTffA HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Mon, 28-Nov-2022 11:00:12 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Mon, 28-Nov-2022 11:00:12 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Mon, 28-Nov-2022 11:00:12 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Mon, 28-Nov-2022 11:00:12 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Mon, 28-Nov-2022 11:00:12 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Mon, 28-Nov-2022 11:00:12 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Mon, 28 Nov 2022 10:55:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 762fa1efe841939201c0ffe1c6822f49
f0814cdbd8fdc94035c1a5cdf4057c9018bdbf70
218112f39ebe718177fff4ce2deed1cb9bbc65eee85cb839fb08ce6df2aad9ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3632
Cache-Control: max-age=125671
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:12 GMT
Etag: "6383cd47-117"
Expires: Tue, 29 Nov 2022 21:49:43 GMT
Last-Modified: Sun, 27 Nov 2022 20:49:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-uaA4l3ZKAu793OPZc8GiZtWTukd15EYgCZBqAw
185.86.139.115200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-uaA4l3ZKAu793OPZc8GiZtWTukd15EYgCZBqAw
IP 185.86.139.115:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-uaA4l3ZKAu793OPZc8GiZtWTukd15EYgCZBqAw HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Mon, 28 Nov 2022 10:55:11 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=3998332850357686160; expires=Fri, 29 Dec 2023 10:55:12 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Fri, 29 Dec 2023 10:55:12 GMT; domain=smartadserver.com; path=/
csync=79:k-uaA4l3ZKAu793OPZc8GiZtWTukd15EYgCZBqAw; expires=Tue, 28 Nov 2023 10:55:12 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ad.yieldlab.net/m?dt_id=8664&ext_id=k-14wqunZKAu793OPZc8GiZtWTukdsywTXyen_Dg
23.61.208.154204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-14wqunZKAu793OPZc8GiZtWTukdsywTXyen_Dg
IP 23.61.208.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-14wqunZKAu793OPZc8GiZtWTukdsywTXyen_Dg HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sun, 27 Nov 2022 10:55:12 GMT
Date: Mon, 28 Nov 2022 10:55:12 GMT
Connection: keep-alive
Set-Cookie: id=93667841-41d4-492d-86df-c246768ec753; Path=/; Domain=prod.svc.y6b.de; Expires=Tue, 28-Nov-2023 10:55:12 GMT; Max-Age=31536000; Secure; SameSite=None
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-48ZGPnZKAu793OPZc8GiZtWTukcgC3r4MZWriw
185.64.190.80200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-48ZGPnZKAu793OPZc8GiZtWTukcgC3r4MZWriw
IP 185.64.190.80:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-48ZGPnZKAu793OPZc8GiZtWTukcgC3r4MZWriw HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-48ZGPnZKAu793OPZc8GiZtWTukcgC3r4MZWriw&KRTB&23144-uid:k-48ZGPnZKAu793OPZc8GiZtWTukcgC3r4MZWriw&KRTB&23286-uid:k-48ZGPnZKAu793OPZc8GiZtWTukcgC3r4MZWriw&KRTB&23287-uid:k-48ZGPnZKAu793OPZc8GiZtWTukcgC3r4MZWriw; domain=pubmatic.com; secure; expires=Wed, 28-Dec-2022 10:55:12 GMT; path=/
PugT=1669632912; domain=pubmatic.com; secure; expires=Wed, 28-Dec-2022 10:55:12 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 04a1e174fccea9e65be21b0c9746de94
a62527b64c568170053ef10f12f479c61848a6a8
b14de7ab62003f342cb84b98caa3bd291bf24d9cefdad1571edfd94aa0a483da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4989
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:12 GMT
Last-Modified: Mon, 28 Nov 2022 09:32:03 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-yI0VJ3ZKAu793OPZc8GiZtWTukf8HvqD9CCm4Q
3.122.48.34204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-yI0VJ3ZKAu793OPZc8GiZtWTukf8HvqD9CCm4Q
IP 3.122.48.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-yI0VJ3ZKAu793OPZc8GiZtWTukf8HvqD9CCm4Q HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 10:55:12 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f887cd171920e391ec1eddecfb60855a
fe3ad3219554d4b346140a9c63c2e4e674dfd4da
b5a384caf1e5f5d6fff53d95644c91c6a58aa00319d2e13278fbec040d3f54cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5357
Cache-Control: max-age=107191
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:12 GMT
Etag: "63837e5a-1d7"
Expires: Tue, 29 Nov 2022 16:41:43 GMT
Last-Modified: Sun, 27 Nov 2022 15:12:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/ibs:dpid=28645&dpuuid=
3.248.157.236302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 3.248.157.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0f2a7c28b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=84365128444182058100634937079327294904; Max-Age=15552000; Expires=Sat, 27 May 2023 10:55:12 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: WWMoGAFVTnA=
Content-Length: 0
Connection: keep-alive
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WZhdF3ZKAu793OPZc8GiZtWTukfIYvmkMwW6QA
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WZhdF3ZKAu793OPZc8GiZtWTukfIYvmkMwW6QA
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-WZhdF3ZKAu793OPZc8GiZtWTukfIYvmkMwW6QA HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 10:55:12 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WZhdF3ZKAu793OPZc8GiZtWTukfIYvmkMwW6QA&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBJCThGMCEGdxwojvD1S8zo73Qpvw35EFEgEBAQHlhWOOYwAAAAAA_eMAAA&S=AQAAArqZ6_h20sT0NBpECku_8j0; Expires=Tue, 28 Nov 2023 16:55:12 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
3.248.157.236200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 3.248.157.236:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-00960800d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 8QZom0q+QTc=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 2b5ab22657be45bee09077aa9deb1074
c890aa01fc91fe5fef55c9595c1415030f4f1b10
0eca476d8f9599f928931e4cdf439a6df2da0792ce9cf9ed603597965dbb7e3a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94132
Date: Mon, 28 Nov 2022 10:55:12 GMT
Etag: "63835185-1d7"
Expires: Tue, 29 Nov 2022 13:04:04 GMT
Last-Modified: Sun, 27 Nov 2022 12:01:09 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2gDQvrJO-VBi90_9mcI93v83TcPOaap_kO601V5cPybugOeNT0Q5oA==
Age: 3775
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WZhdF3ZKAu793OPZc8GiZtWTukfIYvmkMwW6QA&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WZhdF3ZKAu793OPZc8GiZtWTukfIYvmkMwW6QA&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-WZhdF3ZKAu793OPZc8GiZtWTukfIYvmkMwW6QA&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 10:55:12 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBJCThGMCELs7PPyunzcN_md1MPjL66sFEgEBAQHlhWOOYwAAAAAA_eMAAA&S=AQAAAu_ryj-sygDiqBIS_7IXYj4; Expires=Tue, 28 Nov 2023 16:55:12 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-R7Z1anZKAu793OPZc8GiZtWTukfHmWeTBIXMrg
64.202.112.127200 OK 18 kB URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-R7Z1anZKAu793OPZc8GiZtWTukfHmWeTBIXMrg
IP 64.202.112.127:0
File type SBX archive data\012- data
Hash 06a7c85d0f96263e6ee3382192f81204
e0eab96270fed51ff75a1f662f093416474e8ab3
3501ae3911d41dddcf87d68c2857ac94a1ec3b02f94b506af12e5c14afeb0f37
GET /cookie-sync?p=criteo&uid=k-R7Z1anZKAu793OPZc8GiZtWTukfHmWeTBIXMrg HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:55:12 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 609fe16fb5ad55e1e0807e72a1bf1130
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ciF4w3ZKAu793OPZc8GiZtWTukepTwDrmURtDQ
3.121.102.39302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ciF4w3ZKAu793OPZc8GiZtWTukepTwDrmURtDQ
IP 3.121.102.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-ciF4w3ZKAu793OPZc8GiZtWTukepTwDrmURtDQ HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ciF4w3ZKAu793OPZc8GiZtWTukepTwDrmURtDQ
set-cookie: tuuid=dac8cdf3-8ca5-4f8c-b628-629c2296b0ba; Expires=Sun, 26 Feb 2023 10:55:12 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1669632912; Expires=Sun, 26 Feb 2023 10:55:12 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f2fc48e2c47c481ce2307207e472e9fb
adc216d1410de3784479a17245d6dec49d5da482
9ec388f1788793b21eda11afd7aad3fb9dc9436916c3f8140e92ae26d98bcf22
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:55:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:11:53 GMT
Expires: Sat, 03 Dec 2022 15:11:52 GMT
Etag: "adc216d1410de3784479a17245d6dec49d5da482"
Cache-Control: max-age=446799,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771291e7a98ab4f4-OSL
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 10:55:12 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 864921
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-OWtkjHZKAu793OPZc8GiZtWTukdz_Taq_whWgA&google_error=3
178.250.0.163200 OK 514 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-OWtkjHZKAu793OPZc8GiZtWTukdz_Taq_whWgA&google_error=3
IP 178.250.0.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 660d143006b4979fd3dd00cb2e152bf7
c34ef442418999f5035752a6602644fb523c190d
409496fd549b4fad830fa61936bf2532afaff840cdc407c0e7e5f0def0616520
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-OWtkjHZKAu793OPZc8GiZtWTukdz_Taq_whWgA&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 332377
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync-criteo.ads.yieldmo.com/sync?id=k-db8LG3ZKAu793OPZc8GiZtWTukec6zvUKwQInA&pn_id=criteo&ext=1
54.154.156.88200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-db8LG3ZKAu793OPZc8GiZtWTukec6zvUKwQInA&pn_id=criteo&ext=1
IP 54.154.156.88:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-db8LG3ZKAu793OPZc8GiZtWTukec6zvUKwQInA&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g9334c76e3e939326cb2%7C1669632912797%7C0%7C; Domain=.yieldmo.com; Expires=Tue, 28-Nov-2023 10:55:12 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-db8LG3ZKAu793OPZc8GiZtWTukec6zvUKwQInA; Domain=ads.yieldmo.com; Expires=Tue, 28-Nov-2023 10:55:12 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Go-ZY3ZKAu793OPZc8GiZtWTukckdGlTKkauaA
185.255.84.153200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Go-ZY3ZKAu793OPZc8GiZtWTukckdGlTKkauaA
IP 185.255.84.153:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Go-ZY3ZKAu793OPZc8GiZtWTukckdGlTKkauaA HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=5bf71e1a3a118a249c152578ef65c01a; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 10:55:12 GMT
content-length: 49
x-envoy-upstream-service-time: 58
server: ayl-lb-fra02
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 91de0f73561560bc7e05ab7e94ea061e
512a285d726e10871a67d9ad8be28a7c89d94237
21cadf7a783f041be0d37983a04be85c204bb7ca56703789c691135c6438cf49
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3177
Cache-Control: max-age=93530
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:55:12 GMT
Etag: "63835181-1d7"
Expires: Tue, 29 Nov 2022 12:54:02 GMT
Last-Modified: Sun, 27 Nov 2022 12:01:05 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ciF4w3ZKAu793OPZc8GiZtWTukepTwDrmURtDQ
3.121.102.39200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ciF4w3ZKAu793OPZc8GiZtWTukepTwDrmURtDQ
IP 3.121.102.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-ciF4w3ZKAu793OPZc8GiZtWTukepTwDrmURtDQ HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
54.246.4.228204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 54.246.4.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 10:55:12 GMT
set-cookie: _kuid_=POcbMNf6; Expires=Sat, 27-May-23 10:55:12 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n009-dub-prod.krxd.net
x-request-time: D=43 t=1669632912
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5c8551591e515d9029e8c9a29804eecb
1298f0c1b78880a93b57d06eeecddc8f668208b9
87bd2ac1ed0fcd041651ce64766499da60cc349352b42f5bf28ace8ef647a72a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:55:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 01:56:51 GMT
Expires: Sat, 03 Dec 2022 01:56:50 GMT
Etag: "1298f0c1b78880a93b57d06eeecddc8f668208b9"
Cache-Control: max-age=399097,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771291e72e0ab4ed-OSL
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 10:55:12 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 603069
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=46&user_id=k-cfnGwnZKAu793OPZc8GiZtWTukcyxTlrgnPUWQ&expires=30
35.157.180.193302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-cfnGwnZKAu793OPZc8GiZtWTukcyxTlrgnPUWQ&expires=30
IP 35.157.180.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-cfnGwnZKAu793OPZc8GiZtWTukcyxTlrgnPUWQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 10:55:13 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cfnGwnZKAu793OPZc8GiZtWTukcyxTlrgnPUWQ&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=d71ffab1-d546-4646-a608-898d9232cb79; path=/; expires=Tue, 28-Nov-2023 10:55:13 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669632913; path=/; expires=Tue, 28-Nov-2023 10:55:13 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1669632913; path=/; expires=Tue, 28-Nov-2023 10:55:13 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669632913; path=/; expires=Tue, 28-Nov-2023 10:55:13 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cfnGwnZKAu793OPZc8GiZtWTukcyxTlrgnPUWQ&expires=30
35.157.180.193200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cfnGwnZKAu793OPZc8GiZtWTukcyxTlrgnPUWQ&expires=30
IP 35.157.180.193:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-cfnGwnZKAu793OPZc8GiZtWTukcyxTlrgnPUWQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:13 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash a70d864d07bfbcf81cfbc9771b412de5
732138bb6ddb65fa568e4bf70c7f36c90adbae5b
78bc34176ff1ab1ea253284acd1cb7aebb1605ccf174252c6bc705ec13b8c7c6
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "78BC34176FF1AB1EA253284ACD1CB7AEBB1605CCF174252C6BC705EC13B8C7C6"
Last-Modified: Mon, 28 Nov 2022 08:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3291
Expires: Mon, 28 Nov 2022 11:50:04 GMT
Date: Mon, 28 Nov 2022 10:55:13 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
18.219.150.27200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 18.219.150.27:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:13 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 229aff20-6f0b-11ed-aa16-0000ac170230
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d53&uid=k-86O74HZKAu793OPZc8GiZtWTukcZUC0LPMhPEL7t-0gaZLrV
3.75.3.113204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-86O74HZKAu793OPZc8GiZtWTukcZUC0LPMhPEL7t-0gaZLrV
IP 3.75.3.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-86O74HZKAu793OPZc8GiZtWTukcZUC0LPMhPEL7t-0gaZLrV HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Mon, 28 Nov 2022 10:55:12 GMT
content-length: 0
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=www.nativepath.com&origin=onetag
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.nativepath.com&origin=onetag
IP 178.250.0.157:0
GET /syncframe?topUrl=www.nativepath.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:09 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=791323ec-16c9-4c04-abcf-e917fce9c295; expires=Sat, 23 Dec 2023 10:55:09 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 572168
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.185200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.185:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 140882
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
api.pushnami.com/api/shopify/scripts/v1/pushnami-manifest-helper?shop=nativepath.myshopify.com
54.230.111.33200 OK 0 B URL HTTP/2 api.pushnami.com/api/shopify/scripts/v1/pushnami-manifest-helper?shop=nativepath.myshopify.com
IP 54.230.111.33:0
GET /api/shopify/scripts/v1/pushnami-manifest-helper?shop=nativepath.myshopify.com HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 28 Nov 2022 10:00:36 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mngsOr1b-3fM6xOrVSq__CxrQ_uBkIH2k7ZOzkw_GKoE4_EZUP4Tag==
age: 3274
X-Firefox-Spdy: h2
sc-static.net/js-sha256-v1.min.js
54.230.82.240200 OK 0 B URL HTTP/2 sc-static.net/js-sha256-v1.min.js
IP 54.230.82.240:0
GET /js-sha256-v1.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 08:32:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: Content-Type
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
cache-control: public, s-maxage=86400, max-age=600
server: AmazonS3
content-encoding: gzip
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VhfvsR29lsg7XEINuTPiEVajzY2b_5NPYtuZqRIe3-UqihyGKAPw2g==
age: 8542
X-Firefox-Spdy: h2
productreviews.shopifycdn.com/embed/loader.js?shop=nativepath.myshopify.com
162.159.129.71200 OK 0 B URL HTTP/2 productreviews.shopifycdn.com/embed/loader.js?shop=nativepath.myshopify.com
IP 162.159.129.71:0
GET /embed/loader.js?shop=nativepath.myshopify.com HTTP/1.1
Host: productreviews.shopifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:10 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
p3p: CP="Shopify does not support P3P."
x-robots-tag: noindex,nofollow
cache-control: max-age=300, public
etag: W/"a3812189666813b6f4ab0c83f9df0be9"
x-request-id: 346edb33-5b92-4cc9-bfcc-345d220a08d6
x-runtime: 0.003271
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: origin-when-cross-origin
content-security-policy: default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com admin.shopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
x-dc: gcp-us-east1,us-east1,gke
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FB7dLRXZdcmTKtfhl4fTWs%2FcvTi1feZIjmUwH0Zc0pfpeuSAMje3tGq4tWrGGZFDKD1jKuQUbLNmT1zm2VOSOS7BA%2BugPDEibgHNxPuegwh07Rdtd7armdHIAiNWnC1Qpl1wrpMd7IjcIJjppcZ%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: processing;dur=4, socket_queue;dur=0.735, edge;dur=1.029, util;dur=0.1, cfRequestDuration;dur=208.000183
server: cloudflare
cf-ray: 771291dbbc9d0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
psp.pushnami.com/api/psp
34.199.183.99200 OK 0 B IP 34.199.183.99:0
OPTIONS /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://www.nativepath.com/
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nativepath.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.nativepath.com/1401585725/orders/b84942a816867c6f07194f4a0b9e70ca/authenticate?key=00dc3b8852b48c94bf48d134d99a401c
23.227.38.74302 Found 0 B URL HTTP/2 www.nativepath.com/1401585725/orders/b84942a816867c6f07194f4a0b9e70ca/authenticate?key=00dc3b8852b48c94bf48d134d99a401c
IP 23.227.38.74:0
GET /1401585725/orders/b84942a816867c6f07194f4a0b9e70ca/authenticate?key=00dc3b8852b48c94bf48d134d99a401c HTTP/1.1
Host: www.nativepath.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 28 Nov 2022 10:55:07 GMT
content-type: text/html; charset=utf-8
location: https://www.nativepath.com/1401585725/orders/b84942a816867c6f07194f4a0b9e70ca
x-sorting-hat-podid: 136
x-sorting-hat-shopid: 1401585725
x-frame-options: DENY
x-shopid: 1401585725
x-shardid: 136
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en
cache-control: no-cache
strict-transport-security: max-age=7889238
set-cookie: order=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVV3TUdSak0ySTRPRFV5WWpRNFl6azBZbVkwT0dReE16UmtPVGxoTkRBeFl3WTZCa1ZVIiwiZXhwIjoiMjAyMi0xMi0xOVQxMDo1NTowNy4xODBaIiwicHVyIjoiY29va2llLm9yZGVyIn19--46b26bcf28f434dac33d23cbf1ff775da03962d9; path=/1401585725/orders/b84942a816867c6f07194f4a0b9e70ca; expires=Mon, 19 Dec 2022 10:55:07 GMT; secure; HttpOnly; SameSite=Lax
_y=1d80f0d2-9d85-43f1-ba8b-48c5a93f3ced; Expires=Tue, 28-Nov-23 10:55:07 GMT; Domain=nativepath.com; Path=/; SameSite=Lax
_s=ee46a696-3929-480e-aa36-350cc42b8fa8; Expires=Mon, 28-Nov-22 11:25:07 GMT; Domain=nativepath.com; Path=/; SameSite=Lax
_shopify_y=1d80f0d2-9d85-43f1-ba8b-48c5a93f3ced; Expires=Tue, 28-Nov-23 10:55:07 GMT; Domain=nativepath.com; Path=/; SameSite=Lax
_shopify_s=ee46a696-3929-480e-aa36-350cc42b8fa8; Expires=Mon, 28-Nov-22 11:25:07 GMT; Domain=nativepath.com; Path=/; SameSite=Lax
x-shopify-stage: production
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1401585725&source%5Buuid%5D=b9889a91-ccea-4e1a-812b-f8a07859688a
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1401585725&source%5Buuid%5D=b9889a91-ccea-4e1a-812b-f8a07859688a
x-dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
x-request-id: b9889a91-ccea-4e1a-812b-f8a07859688a
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9MKnM1rWDZTp0QHXdX4Qkeltcs4UxcKoF1N9QL5ffOF%2FfaWg0Lvb7R01l2yoLjYAe0F5LB2FfEKiymSD8JCj2AVD8acL7suEyYUUipiYfHM1Tp4pXCCL%2ByYc2vlmIqfkQ32wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=470.999956
server: cloudflare
cf-ray: 771291c4ce8db4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sdk.postscript.io/integrations/sdk-min.js
54.230.111.15200 OK 0 B URL HTTP/2 sdk.postscript.io/integrations/sdk-min.js
IP 54.230.111.15:0
GET /integrations/sdk-min.js HTTP/1.1
Host: sdk.postscript.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 18 Nov 2022 18:39:08 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 00:35:10 GMT
etag: W/"87c70fb0e33502dbd406fba57d639ff4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VV5yMM4kcsALw-NmL-w2nv3-zdvxGTTedabOcZCegvOOWl_v-qvi-w==
age: 37238
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-QqYDlXZKAu793OPZc8GiZtWTukf2RYuYe7wG7w
18.211.109.126200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-QqYDlXZKAu793OPZc8GiZtWTukf2RYuYe7wG7w
IP 18.211.109.126:0
GET /sync?UICR=k-QqYDlXZKAu793OPZc8GiZtWTukf2RYuYe7wG7w HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
cdn.shopify.com/app/services/1401585725/javascripts/checkout_countries/127888392329/en/countries-73aa97e0dd3b516f335b87193553ef9b132899b3-1667386104.js?version=2021-01-25
162.159.135.68200 OK 0 B URL HTTP/2 cdn.shopify.com/app/services/1401585725/javascripts/checkout_countries/127888392329/en/countries-73aa97e0dd3b516f335b87193553ef9b132899b3-1667386104.js?version=2021-01-25
IP 162.159.135.68:0
GET /app/services/1401585725/javascripts/checkout_countries/127888392329/en/countries-73aa97e0dd3b516f335b87193553ef9b132899b3-1667386104.js?version=2021-01-25 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:09 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache
content-language: en
link: <https://cdn.shopify.com/app/services/1401585725/javascripts/checkout_countries/127888392329/en/countries-73aa97e0dd3b516f335b87193553ef9b132899b3-1667386104.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 66dfa3bd-bc1f-425c-942b-feb8206c906a
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Mon, 28 Nov 2022 10:47:26 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhCkSoYdc7USr50BQ32d%2Ffc7%2FEF3muYn3SMxauPudoPj6TVJ3Ta4lkNyNRW%2Bgcf8D0aow5prinqXHD2DiBRL26ZkIJOVHDvxST0h4lfzZXQgZHeSPEHLKlR6NUXTdq8smA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=961.618, imageryFetch;dur=961.415, cfRequestDuration;dur=1124.000072
server: cloudflare
cf-ray: 771291cb1a6cb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.186200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.186:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:10 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 61906
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.0.163:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:11 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 420666
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
psp.pushnami.com/api/psp
34.199.183.99200 OK 0 B IP 34.199.183.99:0
POST /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
content-type: application/x-www-form-urlencoded
key: 5d1235f9436b2b00112131cd
Origin: https://www.nativepath.com
Content-Length: 46
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:12 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.nativepath.com
access-control-allow-credentials: true
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v2/pushnami-sw/5d1235f9436b2b00112131cd
54.230.111.33200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v2/pushnami-sw/5d1235f9436b2b00112131cd
IP 54.230.111.33:0
GET /scripts/v2/pushnami-sw/5d1235f9436b2b00112131cd HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 28 Nov 2022 10:55:12 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X9xbgblIwqCSbRgAPRoNsW242MzWjWFwq17_84WepxeCGIIVoN7ynw==
X-Firefox-Spdy: h2
cdn.shopify.com/app/services/1401585725/assets/127888392329/checkout_stylesheet/v2-ltr-2021-01-25-c729ca93b0e76971a20e063d7bf52c7f-35440
162.159.135.68200 OK 0 B URL HTTP/2 cdn.shopify.com/app/services/1401585725/assets/127888392329/checkout_stylesheet/v2-ltr-2021-01-25-c729ca93b0e76971a20e063d7bf52c7f-35440
IP 162.159.135.68:0
GET /app/services/1401585725/assets/127888392329/checkout_stylesheet/v2-ltr-2021-01-25-c729ca93b0e76971a20e063d7bf52c7f-35440 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:08 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=31556952, public
link: <https://cdn.shopify.com/app/services/1401585725/assets/127888392329/checkout_stylesheet/v2-ltr-2021-01-25-c729ca93b0e76971a20e063d7bf52c7f-35440>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: d70164c1-aa2b-4285-af83-c48bb6dca4bb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Fri, 25 Nov 2022 12:01:05 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nT9uxQqXzWPTCYIDAcofcZhPeFvY%2Fi3Ipcz9PPUFjofnmAs85ZLQFpahbjNvm1TeSLuoOqUjoWmprQ1V2dvaEy1WBLLndpgOTw9eKo9wu1%2F3suhSkV%2Fr5gSPL2iVGzR0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=5724.270, imageryFetch;dur=5723.678, cfRequestDuration;dur=133.999825
server: cloudflare
cf-ray: 771291cb1d31b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-266aa337234d56a0b535ff6a2db927478599bf7bb303c87072bd783ac112829e.js
162.159.135.68200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-266aa337234d56a0b535ff6a2db927478599bf7bb303c87072bd783ac112829e.js
IP 162.159.135.68:0
GET /shopifycloud/shopify/assets/checkout_2021-01-25-266aa337234d56a0b535ff6a2db927478599bf7bb303c87072bd783ac112829e.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Origin: https://www.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:08 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-266aa337234d56a0b535ff6a2db927478599bf7bb303c87072bd783ac112829e.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: aa33083a-082d-4947-864f-31656bdfd5b2
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 17 Nov 2022 21:26:33 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAFJylz0BwrlD4E%2FwoAYd50kwxsl3I7LYJZ6SIq6vify%2B2REKQpXZku%2BNEpLMbE5gVACplrKl0jFW0l1EBuTclcWZnrZUcLd5keEMY85fAt0sVOTGhNBkr%2BAlxAq%2FGq6Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=38.084, imageryFetch;dur=37.896, cfRequestDuration;dur=148.000002
server: cloudflare
cf-ray: 771291cb1a5eb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9KP4EJC77U98P8BLIF0&lib=ttq
23.36.79.17200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9KP4EJC77U98P8BLIF0&lib=ttq
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/events.js?sdkid=C9KP4EJC77U98P8BLIF0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221128105509DAC3387BB62B22147706
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b53ba752fe12aa615a70debe1b650aa196e4e7d1afb75d063c3669309f5b0c65b6d55ee31f4c39dfa22abefd7b2e76838f2fbd25d1304ae7bf2e3b96ab47aba61d
content-encoding: gzip
x-origin-response-time: 9,23.218.220.146
x-akamai-request-id: f64f86db.99a6fe94
expires: Mon, 28 Nov 2022 10:55:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 28 Nov 2022 10:55:09 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-220-146.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=9, inner; dur=3
x-parent-response-time: 110,23.36.79.13
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=54823&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bd41d8cd98f00b204e9800998ecf8427e%255D&p2=e%3Dvc%26ecpplugin%3Dshopify%26id%3D1398981%26p%3D%255Bi%25253D6875986591881%252526pr%25253D96%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=OQlcFl9WRDh5M2dObVNhTFU4MXRQUkZ6Nk9VeiUyRkh1NGo4WTdzN0V5dXR2VEFTbVZpTCUyRnJldXdmQmhwcjRicjlYQ0NNJTJGdmlaSkswSnVtZ1FvV3FJRnl5eko4YyUyRjRHY0RJeldjbnFBaW5zeEFyZ3BhUklyUGh6YTQzYnRKdSUyQlVSMlpINlRENWUyMExUNlFkV1NRQzc0MzR3TWlBJTNEJTNE&tld=nativepath.com&fu=https%253A%252F%252Fwww.nativepath.com%252F1401585725%252Forders%252Fb84942a816867c6f07194f4a0b9e70ca&dtycbr=14089
74.119.119.150200 OK 0 B URL HTTP/2 widget.us.criteo.com/event?a=54823&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bd41d8cd98f00b204e9800998ecf8427e%255D&p2=e%3Dvc%26ecpplugin%3Dshopify%26id%3D1398981%26p%3D%255Bi%25253D6875986591881%252526pr%25253D96%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=OQlcFl9WRDh5M2dObVNhTFU4MXRQUkZ6Nk9VeiUyRkh1NGo4WTdzN0V5dXR2VEFTbVZpTCUyRnJldXdmQmhwcjRicjlYQ0NNJTJGdmlaSkswSnVtZ1FvV3FJRnl5eko4YyUyRjRHY0RJeldjbnFBaW5zeEFyZ3BhUklyUGh6YTQzYnRKdSUyQlVSMlpINlRENWUyMExUNlFkV1NRQzc0MzR3TWlBJTNEJTNE&tld=nativepath.com&fu=https%253A%252F%252Fwww.nativepath.com%252F1401585725%252Forders%252Fb84942a816867c6f07194f4a0b9e70ca&dtycbr=14089
IP 74.119.119.150:0
GET /event?a=54823&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bd41d8cd98f00b204e9800998ecf8427e%255D&p2=e%3Dvc%26ecpplugin%3Dshopify%26id%3D1398981%26p%3D%255Bi%25253D6875986591881%252526pr%25253D96%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=OQlcFl9WRDh5M2dObVNhTFU4MXRQUkZ6Nk9VeiUyRkh1NGo4WTdzN0V5dXR2VEFTbVZpTCUyRnJldXdmQmhwcjRicjlYQ0NNJTJGdmlaSkswSnVtZ1FvV3FJRnl5eko4YyUyRjRHY0RJeldjbnFBaW5zeEFyZ3BhUklyUGh6YTQzYnRKdSUyQlVSMlpINlRENWUyMExUNlFkV1NRQzc0MzR3TWlBJTNEJTNE&tld=nativepath.com&fu=https%253A%252F%252Fwww.nativepath.com%252F1401585725%252Forders%252Fb84942a816867c6f07194f4a0b9e70ca&dtycbr=14089 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:11 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 23978286
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v1/gtm/GTM-PD6Z2J4?shop=nativepath.myshopify.com
54.230.111.33200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v1/gtm/GTM-PD6Z2J4?shop=nativepath.myshopify.com
IP 54.230.111.33:0
GET /scripts/v1/gtm/GTM-PD6Z2J4?shop=nativepath.myshopify.com HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Mon, 28 Nov 2022 10:55:10 GMT
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uNbf8LMsC5C6sgfkmYoAPRB7Oo6xGn9nzbd2JD5W_BexLXe1p5_qQA==
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js
162.159.135.68200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js
IP 162.159.135.68:0
GET /shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://checkout.shopify.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:09 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: c440c1f8-4f18-42db-94a6-5a1f76e3a501
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Fri, 26 Aug 2022 05:10:36 GMT
cf-cache-status: HIT
age: 8142272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VyypVEU5O9jMxxxLEArzM6V1pkAoH2WeAmlFAlX2ez6e%2FYtWuulRkkUe5j%2FraDR9kZ2BYpH5wHeP2HcI6ngSv9Z04PKF54EDuS7WsobU8KqvfcnDy6UF9ufaDzlyBllDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=46.589, imageryFetch;dur=46.429, cfRequestDuration;dur=59.999943
server: cloudflare
cf-ray: 771291d57acab506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
intg.snapchat.com/shopify/shopify-scevent-init.js?id=9c5712b0-acc7-4ba2-adff-ef6414082bcb&shop=nativepath.myshopify.com
54.230.111.77200 OK 0 B URL HTTP/2 intg.snapchat.com/shopify/shopify-scevent-init.js?id=9c5712b0-acc7-4ba2-adff-ef6414082bcb&shop=nativepath.myshopify.com
IP 54.230.111.77:0
GET /shopify/shopify-scevent-init.js?id=9c5712b0-acc7-4ba2-adff-ef6414082bcb&shop=nativepath.myshopify.com HTTP/1.1
Host: intg.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Cookie: sc_at=v2|H4sIAAAAAAAAAAXBgRUAIAQFwIm8J+mXcRSmMHx3M5aOHZfEN0hfJdlBkJS/hbqagu4BGKYYW/MHNUOStTIAAAA=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 15 Jul 2022 18:48:06 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 00:26:27 GMT
etag: W/"a65742ae31227369fe79296540c138fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HnRjTQTTg0iLhdZ3tzx9inTF8I78l1-J9LtLUaHNyLtAZG0SBpNrng==
age: 37724
X-Firefox-Spdy: h2
sdk.postscript.io/sdk.bundle.js?shopId=3640
54.230.111.15200 OK 0 B URL HTTP/2 sdk.postscript.io/sdk.bundle.js?shopId=3640
IP 54.230.111.15:0
GET /sdk.bundle.js?shopId=3640 HTTP/1.1
Host: sdk.postscript.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 18 Nov 2022 18:39:08 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 27 Nov 2022 14:10:45 GMT
etag: W/"f33e3cff3fc40ae11df5e734a6b46377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JYpckWY44dsjQ2GmzCWnV9osrOmGEl0oQ8hd7-aQ2hrhMS_GOpdjMQ==
age: 74666
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-7SCHfHZKAu793OPZc8GiZtWTukeO4ibPPAP-4w
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-7SCHfHZKAu793OPZc8GiZtWTukeO4ibPPAP-4w
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-7SCHfHZKAu793OPZc8GiZtWTukeO4ibPPAP-4w HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:55:13 GMT
x-fastly-to-nlb-rtt: 22181
access-control-allow-credentials: true
X-Firefox-Spdy: h2
checkout.shopify.com/1401585725/sandbox/google_maps?locale=en
23.227.38.33200 OK 0 B URL HTTP/2 checkout.shopify.com/1401585725/sandbox/google_maps?locale=en
IP 23.227.38.33:0
GET /1401585725/sandbox/google_maps?locale=en HTTP/1.1
Host: checkout.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:55:09 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 136
x-sorting-hat-shopid: 1401585725
vary: Accept-Encoding
x-shopid: 1401585725
x-shardid: 136
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en
cache-control: no-cache
strict-transport-security: max-age=315569520; includeSubdomains
x-shopify-stage: production
content-security-policy: frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=google_maps&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1401585725&source%5Buuid%5D=4fa629a5-1f70-4abc-b239-3585ab0e18fd
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=google_maps&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1401585725&source%5Buuid%5D=4fa629a5-1f70-4abc-b239-3585ab0e18fd
x-dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
set-cookie: _orig_referrer=https%3A%2F%2Fwww.nativepath.com%2F; Expires=Mon, 12-Dec-22 10:55:09 GMT; Domain=shopify.com; Path=/; HttpOnly; SameSite=Lax
_landing_page=%2F1401585725%2Fsandbox%2Fgoogle_maps%3Flocale%3Den; Expires=Mon, 12-Dec-22 10:55:09 GMT; Domain=shopify.com; Path=/; HttpOnly; SameSite=Lax
_y=d36bb9cc-0b69-4936-960f-b35d08786d4d; Expires=Tue, 28-Nov-23 10:55:09 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_s=63510c14-096b-4ca2-b8f4-5c513ba305b0; Expires=Mon, 28-Nov-22 11:25:09 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_shopify_y=d36bb9cc-0b69-4936-960f-b35d08786d4d; Expires=Tue, 28-Nov-23 10:55:09 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_shopify_s=63510c14-096b-4ca2-b8f4-5c513ba305b0; Expires=Mon, 28-Nov-22 11:25:09 GMT; Domain=shopify.com; Path=/; SameSite=Lax
x-request-id: 4fa629a5-1f70-4abc-b239-3585ab0e18fd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2j2%2BiHk2g3%2FfHek0Hh3tQB69F450NyhMa%2FVvvdhCmm1V8SUVMkfYN1wIqJB66flaTWcnzgbAWQxktkAOqb9BzKPKuu8D8RaWYJhujR8x8Vh1JeDZIaLIQONYdS%2FWlMVVYCDSuGM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=273.000002
server: cloudflare
cf-ray: 771291d398a1b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/identify.js
23.36.79.17200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/identify.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nativepath.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221128105509C2DC906B489776DC259A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455ec92139c2a7eb463980833d3c7ac766c87b08a4030f6da907fe455839412963354c09372916e927306d5db11cbd06b225
content-encoding: gzip
expires: Mon, 28 Nov 2022 10:55:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 28 Nov 2022 10:55:09 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=100
x-origin-response-time: 100,23.36.79.13
x-akamai-request-id: 99a7009e
X-Firefox-Spdy: h2