urlquery - report: cj.dotomi.com/2m104zw43M/w27/LPONPSNQ/LKKNNORTQ/K/K/K?d=sxni=Dfi56hjDAB8f97EfDCCiD6C6ff888ghC<<myyux://111.pv43ko.htr/hqnhp-655889CEB-6A98AD8B<<L<myyu://111.4fqpp1jjy.htr<<6<6<5<5<5<

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP
w.usabilla.com (1)	3254	2012-12-06T08:59:01Z	2023-03-29T06:00:53Z	373	736	54.171.128.205
app.shop.pe (3)	28969	2019-03-05T15:02:38Z	2023-03-28T21:01:48Z	1404	1936	35.227.244.1
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782	2374	35.241.9.150
www.emjcd.com (1)	13026	2012-05-22T19:01:00Z	2023-03-29T12:30:44Z	844	1543	89.207.16.75
o46710.ingest.sentry.io (1)	65751	2020-06-17T12:52:39Z	2023-03-28T15:03:49Z	585	9168	34.120.195.249
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3246	51038	34.120.237.76
shop.pe (1)	10635	2012-07-24T20:16:22Z	2023-03-29T14:43:39Z	368	652	35.227.244.1
i.geistm.com (1)	2299	2017-01-30T19:00:10Z	2023-03-28T13:24:54Z	378	12569	18.208.121.3
googleads.g.doubleclick.net (1)	42	2021-02-20T16:43:32Z	2023-03-29T10:24:16Z	812	1212	216.58.211.2
www.google.no (2)	25607	2016-04-05T21:50:59Z	2023-03-29T09:59:29Z	2827	1282	216.58.207.227
ocsp.digicert.com (2)	86	2012-05-21T09:02:23Z	2023-03-29T11:45:01Z	682	61276	192.229.221.95
ocsp.r2m01.amazontrust.com (6)	0	2022-10-12T22:43:53Z	2023-03-29T09:11:41Z	2100	27416	54.230.80.227
d3rr3d0n31t48m.cloudfront.net (3)	0	2015-04-02T03:14:22Z	2023-03-29T14:43:40Z	1213	132175	54.230.111.79
7a37ed0f6797.cdn4.forter.com (1)	115075	2020-11-29T17:41:28Z	2023-03-29T16:47:33Z	392	689	54.230.111.69
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606	127	52.32.229.246
cdn9.forter.com (1)	5233	2018-07-31T09:01:55Z	2023-03-29T17:38:28Z	500	592	54.230.111.53
cdn3.forter.com (1)	4640	2014-04-09T14:27:26Z	2023-03-29T17:01:09Z	460	7082	54.211.16.239
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413	5881	34.160.144.191
ocsp.pki.goog (13)	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	4501	11629	142.250.74.163
tag.wknd.ai (1)	7914	2020-03-12T01:16:57Z	2023-03-29T16:03:20Z	359	5215	34.120.253.250
q.quora.com (1)	3239	2017-05-08T21:06:57Z	2023-03-29T17:37:40Z	666	5166	54.209.227.7
web-chat-tag-cdn.s3.eu-west-1.amazonaws.com (2)	104861	2021-07-05T16:07:10Z	2023-03-28T15:03:51Z	800	55267	52.218.30.8
duuytoqss3gu4.cloudfront.net (3)	0	2017-03-02T13:25:03Z	2023-03-29T10:59:43Z	1302	1588	54.230.245.35
ocsp.globalsign.com (1)	2075	2012-07-20T19:46:16Z	2023-03-29T05:11:35Z	359	1906	104.18.21.226
stats.g.doubleclick.net (1)	96	2013-06-10T22:21:11Z	2023-03-29T09:08:31Z	519	532	209.85.233.155
vc.hotjar.io (1)	2334	2019-04-16T12:33:25Z	2023-03-29T09:20:58Z	426	368	54.230.111.70
shopper.shop.pe (1)	12886	2017-07-18T21:28:17Z	2023-03-28T21:01:48Z	362	9794	35.190.54.17
f0f735cf6c814b0ba6c9d3e81c10b305-7a37ed0f6797.cdn.forter.com (1)	0			503	846	54.158.164.13
static.hotjar.com (1)	641	2014-11-01T06:14:27Z	2023-03-29T05:25:56Z	379	14929	54.230.111.66
r3.o.lencr.org (14)	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	4732	52591	23.33.119.27
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333	391	34.117.237.239
tms.hft.everyplate.com (2)	322014	2021-09-03T22:29:24Z	2023-03-23T16:03:58Z	1091	65698	34.160.69.63
ocsp.sca1b.amazontrust.com (3)	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1050	8693	54.230.245.110
d6tizftlrpuof.cloudfront.net (1)	0	2013-05-24T02:48:46Z	2023-03-29T08:31:42Z	460	2234	54.230.245.25
addshoppers.s3.amazonaws.com (3)	15696	2014-06-11T09:08:46Z	2023-03-28T21:01:48Z	1321	8976	52.217.165.97
nytrng.com (1)	3752	2017-05-13T02:54:58Z	2023-03-28T21:01:48Z	520	568	99.83.128.14
images.everyplate.com (4)	174595	2018-07-06T15:28:54Z	2023-03-24T17:38:31Z	2808	117179	2.18.173.70
bat.bing.com (4)	387	2014-04-08T11:23:16Z	2023-03-29T05:25:55Z	2243	14500	204.79.197.200
www.google.com (1)	7	2015-05-10T13:11:19Z	2023-03-29T05:55:56Z	485	578	142.250.74.164
script.hotjar.com (1)	887	2020-11-05T17:23:46Z	2023-03-29T08:27:03Z	387	69816	54.230.111.79
status.geotrust.com (2)	3662	2017-12-01T09:55:31Z	2023-03-29T05:13:49Z	686	3702	192.229.221.95
cdn0.forter.com (5)	5146	2016-01-26T18:42:32Z	2023-03-29T17:40:39Z	2406	1745	54.204.202.163
cj.dotomi.com (1)	13192	2014-02-07T10:51:46Z	2023-03-29T12:30:44Z	537	1928	89.207.16.75
logx.optimizely.com (2)	1233	2016-10-05T15:33:23Z	2023-03-29T10:15:21Z	940	858	54.86.47.230
cdn.nytrng.com (1)	25486	2020-10-02T20:00:48Z	2023-03-28T21:01:49Z	357	481	54.230.111.74
www.everyplate.com (1)	259192	2018-08-16T17:27:49Z	2023-03-27T19:50:34Z	608	825	104.18.153.11

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-23 15:04:10 UTC	high	Client IP	52.23.111.175	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-03-23 15:04:11 UTC	high	Client IP	52.23.111.175	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-03-23 15:04:11 UTC	high	Client IP	52.23.111.175	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-03-23 15:04:11 UTC	high	Client IP	52.23.111.175	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-03-23 15:04:12 UTC	high	Client IP	52.23.111.175	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-03-23 15:04:14 UTC	high	Client IP	52.23.111.175	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)

Date	UQ / IDS / BL	URL	IP
2023-06-02 06:01:09 UTC	0 - 4 - 0	cj.dotomi.com/a9103cy65O/y49/NQMOSTPT/NMMTTPT (...)	89.207.16.75
2023-06-01 14:29:47 UTC	5 - 4 - 0	cj.dotomi.com/p1115ft10J/t-4/IIMMJHLJ/IHHPHPN (...)	89.207.16.75
2023-06-01 09:47:51 UTC	5 - 3 - 0	cj.dotomi.com/2e106cy65O/y49/NOVPTNNT/NMMSRMM (...)	89.207.16.75
2023-06-01 08:35:28 UTC	0 - 2 - 0	cj.dotomi.com/o665hz76P/z5A/OSNPQUQO/ONNVOOOW (...)	89.207.16.75
2023-06-01 08:35:03 UTC	0 - 3 - 0	cj.dotomi.com/h4102ar-zH/ry2/GKFHIMIG/GFFNGGG (...)	89.207.16.75

Date	UQ / IDS / BL	URL	IP
2023-06-02 06:01:09 UTC	0 - 4 - 0	cj.dotomi.com/a9103cy65O/y49/NQMOSTPT/NMMTTPT (...)	89.207.16.75
2023-06-01 14:29:47 UTC	5 - 4 - 0	cj.dotomi.com/p1115ft10J/t-4/IIMMJHLJ/IHHPHPN (...)	89.207.16.75
2023-06-01 09:47:51 UTC	5 - 3 - 0	cj.dotomi.com/2e106cy65O/y49/NOVPTNNT/NMMSRMM (...)	89.207.16.75
2023-06-01 08:35:28 UTC	0 - 2 - 0	cj.dotomi.com/o665hz76P/z5A/OSNPQUQO/ONNVOOOW (...)	89.207.16.75
2023-06-01 08:35:03 UTC	0 - 3 - 0	cj.dotomi.com/h4102ar-zH/ry2/GKFHIMIG/GFFNGGG (...)	89.207.16.75

Date	UQ / IDS / BL	URL	IP
2023-06-02 06:01:09 UTC	0 - 4 - 0	cj.dotomi.com/a9103cy65O/y49/NQMOSTPT/NMMTTPT (...)	89.207.16.75
2023-06-01 14:29:47 UTC	5 - 4 - 0	cj.dotomi.com/p1115ft10J/t-4/IIMMJHLJ/IHHPHPN (...)	89.207.16.75
2023-06-01 09:47:51 UTC	5 - 3 - 0	cj.dotomi.com/2e106cy65O/y49/NOVPTNNT/NMMSRMM (...)	89.207.16.75
2023-06-01 08:35:28 UTC	0 - 2 - 0	cj.dotomi.com/o665hz76P/z5A/OSNPQUQO/ONNVOOOW (...)	89.207.16.75
2023-06-01 08:35:03 UTC	0 - 3 - 0	cj.dotomi.com/h4102ar-zH/ry2/GKFHIMIG/GFFNGGG (...)	89.207.16.75

Date	UQ / IDS / BL	URL	IP
2023-03-23 15:04:12 UTC	0 - 6 - 0	cj.dotomi.com/8066ft10J/t-4/IMLKMPKN/IHHKKLOQ (...)	89.207.16.75
2023-03-23 15:04:10 UTC	0 - 6 - 0	cj.dotomi.com/i5116nmvuC/mty/BFEDFIDG/BAADDEH (...)	89.207.16.75
2023-03-23 15:03:47 UTC	0 - 6 - 0	cj.dotomi.com/lr82mu21K/u05/JNMLNQLO/JIILLMPR (...)	89.207.16.75
2023-03-23 15:03:33 UTC	0 - 5 - 0	cj.dotomi.com/kl70nmvuC/mty/BFEDFIDG/BAADDEHJ (...)	89.207.16.75
2023-03-23 15:03:59 UTC	0 - 6 - 0	cj.dotomi.com/q570gv32L/v16/KONMORMP/KJJMMNQS (...)	89.207.16.75

JavaScript

Executed Scripts (102)

Executed Evals (60)

#1 JavaScript::Eval (size: 91) - SHA256: e5407c3dc49df806852d124bd22cceedf10193415554bc87255c0d431ad940a8

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(87);
    return a.split(" | ")[2]
})();

#2 JavaScript::Eval (size: 15081) - SHA256: 0145ad33b61d38490867e34c74d558254d064e1a521999fba4d255d9d2cfd65e

// START SECTION TO EDIT
var addshopSettings = {
    emailInputsToExclude: [ // array of document.querySelectorAll objects
        //document.querySelectorAll('[name=newsletter-email]')
    ],
    emailUtmsToExclude: [], // optional, include array of all utm codes that client has requested we suppress
    asAnonCartCampaignIds: ['60e86ffa27f7c314acfdf9f6'], // array of all Cart Abandon ERC campaigns (include more than one for A/B testing)
    asAnonProdCampaignIds: [], // array of all Browse (aka product) Abandon ERC campaigns (include more than one for A/B testing)
    asAnonGenCampaignIds: [], // array of all General Abandon ERC campaigns (include more than one for A/B testing)
    checkoutSuccessUrl: '', // optional, leave blank if you don't know it (but ROI Tracking must be installed if you leave it blank)
    daysToClearSavedProducts: 30, // optional, set to a number of days greater than 0 to clear out old saved products viewed
    daysToClearSavedCartData: 30, // optional, set to a number of days greater than 0 to clear out old cart data (products & campaign ID)
    minPageviewsForGen: 1,
    onProductPage: function() {
        // IMPORTANT
        // Make sure to check for the presence of an add to cart button (and further, make sure it's an add to cart button
        // for the main product, not a recommended/suggested/accessory product)
        if (document.querySelector('body.template-product')) {
            return true
        }
        return false;
    },
    getProductPageDetails: function() {
        // return the product details
        return {
            'product_name': "",
            'image': "",
            'price': "",
            'quantity': 1,
            'sku': ""
        }
    },
    onCartPage: function() {
        // return true if on cart page, false if not
        if (document.URL.search('/checkout') > -1) {
            return true
        }
        return false;
    },
    getCartRows: function() {
        // return array of all cart item elements
        return document.querySelectorAll('.cart-table tr');
    },
    getCartItemDetails: function(row) {
        // each row from getCartRows gets passed into this function
        // the row variable contains the cart item element 
        return {
            'product_name': "",
            'price': "",
            'image': "",
            'quantity': "",
            'sku': ""
        }
    },
    getCartTotal: function() {
        // return the order grand total (called on cart page only)
        return 1;
    },
    isLoggedIn: function() {
        // if we don't have to exclude signed in people, just always return false here
        // otherwise, return true if the user is signed in
        // if ( document.querySelector(".is-loggedin") !== null && document.querySelector(".is-loggedin") !== undefined) {
        //     return true;
        // }
        return false;
    },
    isExcludedPage: function() {
        // function here to exclude any pages from tracking
        // if you return true, the script won't run (but it won't exclude the user completely)
        return false;
    },
    addPushCustom: function(addPushObject) {
        // customizations to _add.push
        return addPushObject;
    },
    trackCustom: function() {
        // do anything custom here
        var asCampaignId = '60ff126b27f7c3756142546e';
        var initialTime = '';
        if (localStorage.getItem('asFirstTimeOnSite') === null || localStorage.getItem('asFirstTimeOnSite') === '') {
            initialTime = new Date().getTime();
            localStorage.setItem('asFirstTimeOnSite', initialTime);
        } else {
            initialTime = localStorage.getItem('asFirstTimeOnSite');
        }
        var totalTimeOnSite = 0;
        setInterval(function() {
            totalTimeOnSite = new Date().getTime() - initialTime;
            localStorage.setItem('timeOnSite', totalTimeOnSite);
            if (totalTimeOnSite > 150000 && localStorage.getItem('asHasViewedProductPage') !== 'true' && localStorage.getItem('asCartPushed') !== '1') {
                _add.push({
                    'active_cart': true,
                    'campaign_id': asCampaignId,
                });
                // reset time on site to 0
                localStorage.removeItem('asFirstTimeOnSite');
                localStorage.removeItem('timeOnSite');
                totalTimeOnSite = 0;
                initialTime = new Date().getTime();
            }
        }, 1000);
    }
}

// END SECTION TO EDIT

document.addEventListener('addshopNetworkReady', function(e) {
    addshopNetwork(addshopSettings);
}, false);

var lastTriggerTime = '';
const observer = new MutationObserver(function() {
    if (new Date().getTime() > lastTriggerTime + 15000 || lastTriggerTime === '') {
        lastTriggerTime = new Date().getTime();
        addshopNetwork(addshopSettings);
    }
});
observer.observe(document.body, {
    attributes: true,
    childList: true,
    subtree: true
});

try {
    var addshopNetwork = function(settings) {
        //---------START NETWORK EMAILS

        var emailInputsTracked = [];

        var asPageViews = parseInt(localStorage.getItem('asPageViews') || 1);

        if (settings.daysToClearSavedProducts > 0) {
            var asLastUpdatedStoredProducts = localStorage.getItem('asLastSavedProducts');

            // if it's been longer than 30 days since the products have been saved, clear them
            if ((asLastUpdatedStoredProducts && new Date() - new Date(asLastUpdatedStoredProducts) > (86400000 * settings.daysToClearSavedProducts)) || !asLastUpdatedStoredProducts) {
                localStorage.removeItem('asProductsViewed');
                localStorage.removeItem('asProdCampaignId');
                localStorage.setItem('asLastSavedProducts', new Date().toString());
            }
        }

        if (settings.daysToClearSavedCartData > 0) {
            var asLastPushedCart = localStorage.getItem('asLastPushedCart');

            // if it's been longer than 30 days since the products have been saved, clear them
            if ((asLastPushedCart && new Date() - new Date(asLastPushedCart) > (86400000 * settings.daysToClearSavedCartData)) || !asLastPushedCart) {
                localStorage.removeItem('asCartCampaignId');
                localStorage.setItem('asLastPushedCart', new Date().toString());
            }
        }

        if (localStorage.getItem('asAnonDisable') == '1' || settings.isExcludedPage()) {
            return;
        }

        //general visitor
        if (localStorage.getItem('asAnonPushed') !== '1') {
            var to_push = {
                "active_cart": true,
                'custom_values': {
                    'as_network': true
                }
            }
            if (settings.asAnonGenCampaignIds.length > 0 && asPageViews >= settings.minPageviewsForGen) {
                to_push.campaign_id = settings.asAnonGenCampaignIds[Math.floor(Math.random() * settings.asAnonGenCampaignIds.length)];
                localStorage.setItem('asGenCampaignId', to_push.campaign_id);
            }
            _add.push(settings.addPushCustom(to_push))
            localStorage.setItem('asAnonPushed', '1');
        }

        //-------if converted turn off anon email
        if (typeof AddShoppersConversion != "undefined" || (typeof settings.checkoutSuccessUrl == "string" && settings.checkoutSuccessUrl.length > 0 && document.URL.toLowerCase().search(settings.checkoutSuccessUrl.toLowerCase()) > -1)) {
            _add.push({
                "custom_values": {
                    "as_network": false
                },
                "active_cart": false,
                "campaign_id": "",
                "cart_contents": []
            });
            return;
        }
        // trigger general abandon if it meets the criteria (if it wasn't called on first pageview)
        else if (settings.asAnonGenCampaignIds.length > 0 && asPageViews >= settings.minPageviewsForGen && localStorage.getItem('asGenCampaignId') === null) {
            if (!settings.onCartPage() && !settings.onProductPage()) {
                var asGenCampaignId = settings.asAnonGenCampaignIds[Math.floor(Math.random() * settings.asAnonGenCampaignIds.length)];
                _add.push({
                    campaign_id: asGenCampaignId
                });
                localStorage.setItem('asGenCampaignId', asGenCampaignId);
            }
        }

        //-------if user came from an email, disable
        if (excludeEmailUtm()) {
            _add.push({
                "custom_values": {
                    "as_network": false
                },
                "active_cart": false
            });
            localStorage.setItem('asAnonDisable', '1');
            return;
        }


        //-------if user is signed in set anon to false
        if (settings.isLoggedIn()) {
            _add.push({
                "custom_values": {
                    "as_network": false
                },
                "active_cart": false
            });
            localStorage.setItem('asAnonPushed', '1');
            localStorage.setItem('asAnonDisable', '1');
            return;
        }

        //***************has cart***************
        if (settings.onCartPage() && settings.asAnonCartCampaignIds.length > 0) {
            //cart contents
            var cart_contents = settings.getCartRows();
            var asCartValue = parseFloat(settings.getCartTotal());
            var cartContentsArray = [];

            for (i = 0; i < cart_contents.length; i++) {
                var cart_item = settings.getCartItemDetails(cart_contents[i]);

                if (!cart_item) {
                    continue
                }

                if (typeof cart_item.sku == "string") {
                    var productsViewed = JSON.parse(localStorage.getItem('asProductsViewed')) || [];
                    if (productsViewed.length > 0) {
                        check_products_loop: for (var prod = 0; prod < productsViewed.length; prod++) {
                            if (productsViewed[prod].sku.toLowerCase() == cart_item.sku.toLowerCase()) {
                                cart_item.image = productsViewed[prod].image;
                                break check_products_loop;
                            }
                        }
                    }
                }

                cart_item.price = parseFloat(cart_item.price);
                cart_item.quantity = parseInt(cart_item.quantity);
                cartContentsArray.push(cart_item);
            }

            if (localStorage.getItem('asCartCampaignId') === null) {
                var campaign_id = settings.asAnonCartCampaignIds[Math.floor(Math.random() * settings.asAnonCartCampaignIds.length)];
                localStorage.setItem('asCartCampaignId', campaign_id);
            } else {
                var campaign_id = localStorage.getItem('asCartCampaignId');
            }

            asPushCartContents(cartContentsArray, asCartValue, campaign_id);

            localStorage.setItem('asCartPushed', '1');
            localStorage.setItem('asLastPushedCart', new Date().toString());
        }
        // product page
        else if (settings.onProductPage() && localStorage.getItem('asCartPushed') !== '1' && settings.asAnonProdCampaignIds.length > 0) {
            var productsViewed = JSON.parse(localStorage.getItem('asProductsViewed')) || [];
            var trackProduct = true;

            var productDetails = settings.getProductPageDetails();

            for (var i = productsViewed.length - 1; i >= 0; i--) {
                if (productsViewed[i].sku == productDetails.sku) {
                    if (productsViewed[i].product_name == productDetails.product_name && productsViewed[i].price == productDetails.price) {
                        trackProduct = false;
                    }
                    productsViewed.splice(i, 1);
                }
            }

            if (trackProduct) {
                productsViewed.push(productDetails);

                // console.log(productsViewed)
                if (localStorage.getItem('asProdCampaignId') === null) {
                    var campaign_id = settings.asAnonProdCampaignIds[Math.floor(Math.random() * settings.asAnonProdCampaignIds.length)];
                    localStorage.setItem('asProdCampaignId', campaign_id);
                } else {
                    var campaign_id = localStorage.getItem('asProdCampaignId');
                }

                if (asPageViews >= settings.minPageviewsForGen) {
                    asPushCartContents(productsViewed, 0, campaign_id);
                }

                localStorage.setItem('asProductsViewed', JSON.stringify(productsViewed));
                localStorage.setItem('asLastSavedProducts', new Date().toString());
            }
        }


        // Exclude email inputs
        for (var i = 0; i < settings.emailInputsToExclude.length; i++) {
            xloop: for (var x = 0; x < settings.emailInputsToExclude[i].length; x++) {
                if (emailInputsTracked.includes(settings.emailInputsToExclude[i][x])) {
                    continue xloop;
                }
                settings.emailInputsToExclude[i][x].addEventListener('blur', function(event) {
                    if (addshopValidateEmail(event.srcElement.value)) {
                        _add.push({
                            "custom_values": {
                                "as_network": false
                            },
                            "active_cart": false
                        });
                        localStorage.setItem('asAnonPushed', '1');
                        localStorage.setItem('asAnonDisable', '1');
                    }
                });
                emailInputsTracked.push(settings.emailInputsToExclude[i][x]);
            }
        }

        function excludeEmailUtm() {
            if (settings.emailUtmsToExclude.length == 0) {
                return false;
            }
            for (i = 0; i < settings.emailUtmsToExclude.length; i++) {
                if (document.URL.toLowerCase().search(settings.emailUtmsToExclude[i].toLowerCase()) > -1) {
                    return true;
                }
            }
            return false;
        }

        function asPushCartContents(cartRay, cartValue, campaignId) {
            _add.push(settings.addPushCustom({
                'campaign_id': campaignId,
                'active_cart': true,
                'cart_contents': cartRay,
                'cart_value': parseFloat(cartValue)
            }));
        }

        if (typeof settings.trackCustom == "function") {
            settings.trackCustom()
        }

    };

    function addshopValidateEmail(email) {
        var re = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
        return re.test(email);
    }

    var addshopReadyEvent = document.createEvent('Event');
    addshopReadyEvent.initEvent('addshopNetworkReady', true, true);
    document.dispatchEvent(addshopReadyEvent);


    //---------END NETWORK EMAILS

} catch (e) {
    console.log(e);
}

#3 JavaScript::Eval (size: 437) - SHA256: f58a94b1c4ce4beb544851d2eda967102edaf7a7f2f3a656666e38b8420a9146

(function() {
    var a = 0,
        b = 0;
    "number" == typeof window.innerWidth ? (a = window.innerWidth, b = window.innerHeight) : document.documentElement && (document.documentElement.clientWidth || document.documentElement.clientHeight) ? (a = document.documentElement.clientWidth, b = document.documentElement.clientHeight) : document.body && (document.body.clientWidth || document.body.clientHeight) && (a = document.body.clientWidth, b = document.body.clientHeight);
    return a + "x" + b
})();

#4 JavaScript::Eval (size: 144) - SHA256: 83922537c84ccef06c4604729d8e467094cc38f9c2f60061b7ed7509b4b3bd1b

(function() {
    var b = window.dataLayer.filter(function(a) {
        return a["gtm.uniqueEventId"] == google_tag_manager["GTM-P2Q9ZFQ"].macro(41)
    });
    return b
})();

#5 JavaScript::Eval (size: 94) - SHA256: ac0268139721ab8a26417da204639ecf4c993bd6805a6432e9d6649052eff371

(function() {
    var a = new Date("undefined"),
        b = new Date;
    a = 1.6534E-9 * (b - a);
    return Math.floor(a)
})();

#6 JavaScript::Eval (size: 85) - SHA256: a04c3943442defab7094288a6d20b07a844d53e39fbbdb544a772da02904073c

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(66);
    if (a) return "US-" + a
})();

#7 JavaScript::Eval (size: 47) - SHA256: 0b0baeb1d9c708a2ebe0feced3d1f71ed6144e89b3e243f1f6d66df89a038fa1

(function() {
    return (new Date).toISOString()
})();

#8 JavaScript::Eval (size: 2049) - SHA256: 2e5fdf7e51dd3d0a477b38983ec646f70009258d26cd64857aecb7cf2d87cf9f

(function() {
    var a = navigator.userAgent || navigator.vendor || window.opera;
    return /(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i.test(a) || /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.test(a.substr(0,
        4)) ? !0 : !1
})();

#9 JavaScript::Eval (size: 85) - SHA256: ecec43915794e6ecfd8b38a35d132fabff8395afdff96c107a9c0fb066f222ac

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(18);
    if (a) return "US-" + a
})();

#10 JavaScript::Eval (size: 1420) - SHA256: 2468a5e39ec6e778ecb183a7ec9ff3350ca98631ec721451a6dcafa9e2fa3c4e

(function() {
    var a = "analytics-training.pl 3ds-hanseaticbank.de 3dsecure-vrp.de 3dsecure.com 3dsecure.no abnamro.nl acs.sia.eu activa-card.com adyen.com americanexpress.com ampproject.org arcot.com asnbank.nl bankieren.ideal.ing.nl betalen.rabobank.nl bnz.co.nz bunq.com cardcomplete.com cardinalcommerce.com cartasi.it cic.fr cm-cic.com comdirect.de commerzbank.de consorsbank.de creditmutuel.fr deutsche-bank.de diensten.snsbank.nl easybank.at edb.com europabank.be everyplate.de hanseaticbank.de hellofresh.zendesk.com icscards.nl ideal.ing.nl ideal.knab.nl ideal.regiobank.nl ideal.snsbank.nl ideal.triodos.nl ideal.vanlanschot.com ing.be ing.com ing.de ing.nl klarna.com lcl.fr live.adyen.com lloydstsb.com mastercard.us mercurypaymentservices.it modirum.com mycardplace.com mycardsecure.com nab.com.au nxt.to paylife.at paypal.com pluscard.de psa.at rabobank.n rabobank.nl redsys.es regiobank.nl royalbank.com sbanken.no securecode.com securesuite.co.uk securesuite.net sia.eu slsp.sk snsbank.nl sofort.com sparebank1.no sparkasse.at sparkassen-kreditkarten.de swedbank.se swisscard.ch targobank.de touchtechpayments.com verifiedbyvisa.com westpac.com.au wlp-acs.com www.greenchef-biologischh.de www.greenchef-specialdiets.de mastercard.us".split(" "),
        b = RegExp("https?://([^/:]+)").exec(google_tag_manager["GTM-P2Q9ZFQ"].macro(19));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp(a[c] + "$")).test(b[1])) return "true"
})();

#11 JavaScript::Eval (size: 114) - SHA256: fd1f78ba7a1e8007b212b79031b555483e2af459035133e31d22e889f1587f91

(function() {
    var a = localStorage.getItem("em_base64"),
        b = google_tag_manager["GTM-P2Q9ZFQ"].macro(10);
    return b || a
})();

#12 JavaScript::Eval (size: 171) - SHA256: 2cd6b9f44c3796c6777283eb0135f5d52a42fc6a62accc76e13b2cd801a7a8ce

(function() {
    return google_tag_manager["GTM-P2Q9ZFQ"].macro(20) || window.location.protocol + "//" + window.location.hostname + window.location.pathname + window.location.search
})();

#13 JavaScript::Eval (size: 1420) - SHA256: f6065a343fc48de08e024a98be686fcd66826f6fff0fa16ab1b37704c19ace32

(function() {
    var a = "analytics-training.pl 3ds-hanseaticbank.de 3dsecure-vrp.de 3dsecure.com 3dsecure.no abnamro.nl acs.sia.eu activa-card.com adyen.com americanexpress.com ampproject.org arcot.com asnbank.nl bankieren.ideal.ing.nl betalen.rabobank.nl bnz.co.nz bunq.com cardcomplete.com cardinalcommerce.com cartasi.it cic.fr cm-cic.com comdirect.de commerzbank.de consorsbank.de creditmutuel.fr deutsche-bank.de diensten.snsbank.nl easybank.at edb.com europabank.be everyplate.de hanseaticbank.de hellofresh.zendesk.com icscards.nl ideal.ing.nl ideal.knab.nl ideal.regiobank.nl ideal.snsbank.nl ideal.triodos.nl ideal.vanlanschot.com ing.be ing.com ing.de ing.nl klarna.com lcl.fr live.adyen.com lloydstsb.com mastercard.us mercurypaymentservices.it modirum.com mycardplace.com mycardsecure.com nab.com.au nxt.to paylife.at paypal.com pluscard.de psa.at rabobank.n rabobank.nl redsys.es regiobank.nl royalbank.com sbanken.no securecode.com securesuite.co.uk securesuite.net sia.eu slsp.sk snsbank.nl sofort.com sparebank1.no sparkasse.at sparkassen-kreditkarten.de swedbank.se swisscard.ch targobank.de touchtechpayments.com verifiedbyvisa.com westpac.com.au wlp-acs.com www.greenchef-biologischh.de www.greenchef-specialdiets.de mastercard.us".split(" "),
        b = RegExp("https?://([^/:]+)").exec(google_tag_manager["GTM-P2Q9ZFQ"].macro(43));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp(a[c] + "$")).test(b[1])) return "true"
})();

#14 JavaScript::Eval (size: 144) - SHA256: dd1b8c4063733dd45a514f6db9b8ca6726279dbd122bed5bf04a3280ecfaa97a

(function() {
    var b = window.dataLayer.filter(function(a) {
        return a["gtm.uniqueEventId"] == google_tag_manager["GTM-P2Q9ZFQ"].macro(65)
    });
    return b
})();

#15 JavaScript::Eval (size: 68) - SHA256: dba9548a74568742c5f058172eb98a0b94a46265c49aec0d1d37c0b53aec661a

(function() {
    return window.screen.width + "x" + window.screen.height
})();

#16 JavaScript::Eval (size: 1420) - SHA256: 5c8d4261e29d18099618cb50117d56442399c667a14de0b624bfc6d127b961ef

(function() {
    var a = "analytics-training.pl 3ds-hanseaticbank.de 3dsecure-vrp.de 3dsecure.com 3dsecure.no abnamro.nl acs.sia.eu activa-card.com adyen.com americanexpress.com ampproject.org arcot.com asnbank.nl bankieren.ideal.ing.nl betalen.rabobank.nl bnz.co.nz bunq.com cardcomplete.com cardinalcommerce.com cartasi.it cic.fr cm-cic.com comdirect.de commerzbank.de consorsbank.de creditmutuel.fr deutsche-bank.de diensten.snsbank.nl easybank.at edb.com europabank.be everyplate.de hanseaticbank.de hellofresh.zendesk.com icscards.nl ideal.ing.nl ideal.knab.nl ideal.regiobank.nl ideal.snsbank.nl ideal.triodos.nl ideal.vanlanschot.com ing.be ing.com ing.de ing.nl klarna.com lcl.fr live.adyen.com lloydstsb.com mastercard.us mercurypaymentservices.it modirum.com mycardplace.com mycardsecure.com nab.com.au nxt.to paylife.at paypal.com pluscard.de psa.at rabobank.n rabobank.nl redsys.es regiobank.nl royalbank.com sbanken.no securecode.com securesuite.co.uk securesuite.net sia.eu slsp.sk snsbank.nl sofort.com sparebank1.no sparkasse.at sparkassen-kreditkarten.de swedbank.se swisscard.ch targobank.de touchtechpayments.com verifiedbyvisa.com westpac.com.au wlp-acs.com www.greenchef-biologischh.de www.greenchef-specialdiets.de mastercard.us".split(" "),
        b = RegExp("https?://([^/:]+)").exec(google_tag_manager["GTM-P2Q9ZFQ"].macro(56));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp(a[c] + "$")).test(b[1])) return "true"
})();

#17 JavaScript::Eval (size: 114) - SHA256: 408f7c709f93c9942ba04ca5b7a300901562b7abd208a4bbd01c8957b3a9b1f2

(function() {
    var a = localStorage.getItem("em_base64"),
        b = google_tag_manager["GTM-P2Q9ZFQ"].macro(69);
    return b || a
})();

#18 JavaScript::Eval (size: 144) - SHA256: a604d305c652f7300b435de9a4ed782c618430bd9a187aeaa18394fa21d77362

(function() {
    var b = window.dataLayer.filter(function(a) {
        return a["gtm.uniqueEventId"] == google_tag_manager["GTM-P2Q9ZFQ"].macro(73)
    });
    return b
})();

#19 JavaScript::Eval (size: 171) - SHA256: ffbd4c0161a80fe9644379627ebbf06ffcff7466a6deb69b81f9061d48f522f0

(function() {
    return google_tag_manager["GTM-P2Q9ZFQ"].macro(78) || window.location.protocol + "//" + window.location.hostname + window.location.pathname + window.location.search
})();

#20 JavaScript::Eval (size: 55) - SHA256: 7298340c9215e92c591ef8f21c78035181c3cc1ffd71ccc91e062f563f6e3fac

(function() {
    return window.screen.colorDepth + "-bit"
})();

#21 JavaScript::Eval (size: 85) - SHA256: 0980fc20a4b3f9c655a8b391dbad44b8ba3b3d7bdd47fbec6ee4482fbcd9695d

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(26);
    if (a) return "US-" + a
})();

#22 JavaScript::Eval (size: 171) - SHA256: 7398a51dc4d19afc07536c2d0aaafd2cdb11dac0acb824f1692e2d671361f25b

(function() {
    return google_tag_manager["GTM-P2Q9ZFQ"].macro(28) || window.location.protocol + "//" + window.location.hostname + window.location.pathname + window.location.search
})();

#23 JavaScript::Eval (size: 1420) - SHA256: 12046c175ab54e3091403cf2c323cc334253eb2a6fbc8519d48987378d525725

(function() {
    var a = "analytics-training.pl 3ds-hanseaticbank.de 3dsecure-vrp.de 3dsecure.com 3dsecure.no abnamro.nl acs.sia.eu activa-card.com adyen.com americanexpress.com ampproject.org arcot.com asnbank.nl bankieren.ideal.ing.nl betalen.rabobank.nl bnz.co.nz bunq.com cardcomplete.com cardinalcommerce.com cartasi.it cic.fr cm-cic.com comdirect.de commerzbank.de consorsbank.de creditmutuel.fr deutsche-bank.de diensten.snsbank.nl easybank.at edb.com europabank.be everyplate.de hanseaticbank.de hellofresh.zendesk.com icscards.nl ideal.ing.nl ideal.knab.nl ideal.regiobank.nl ideal.snsbank.nl ideal.triodos.nl ideal.vanlanschot.com ing.be ing.com ing.de ing.nl klarna.com lcl.fr live.adyen.com lloydstsb.com mastercard.us mercurypaymentservices.it modirum.com mycardplace.com mycardsecure.com nab.com.au nxt.to paylife.at paypal.com pluscard.de psa.at rabobank.n rabobank.nl redsys.es regiobank.nl royalbank.com sbanken.no securecode.com securesuite.co.uk securesuite.net sia.eu slsp.sk snsbank.nl sofort.com sparebank1.no sparkasse.at sparkassen-kreditkarten.de swedbank.se swisscard.ch targobank.de touchtechpayments.com verifiedbyvisa.com westpac.com.au wlp-acs.com www.greenchef-biologischh.de www.greenchef-specialdiets.de mastercard.us".split(" "),
        b = RegExp("https?://([^/:]+)").exec(google_tag_manager["GTM-P2Q9ZFQ"].macro(36));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp(a[c] + "$")).test(b[1])) return "true"
})();

#24 JavaScript::Eval (size: 84) - SHA256: be4639d8879487a9267326640f1fad4a3b0453b9495fe26b002ad009693db13b

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(5);
    if (a) return "US-" + a
})();

#25 JavaScript::Eval (size: 144) - SHA256: fcd0aaeef2137a714fbb84c693128e7b1e202c785c9f9b58626b8e0124a20e29

(function() {
    var b = window.dataLayer.filter(function(a) {
        return a["gtm.uniqueEventId"] == google_tag_manager["GTM-P2Q9ZFQ"].macro(54)
    });
    return b
})();

#26 JavaScript::Eval (size: 1420) - SHA256: ec9ecc6d2a0a86f0a69a46a001297ef62da0858fdb65e7f8a0460a8994273163

(function() {
    var a = "analytics-training.pl 3ds-hanseaticbank.de 3dsecure-vrp.de 3dsecure.com 3dsecure.no abnamro.nl acs.sia.eu activa-card.com adyen.com americanexpress.com ampproject.org arcot.com asnbank.nl bankieren.ideal.ing.nl betalen.rabobank.nl bnz.co.nz bunq.com cardcomplete.com cardinalcommerce.com cartasi.it cic.fr cm-cic.com comdirect.de commerzbank.de consorsbank.de creditmutuel.fr deutsche-bank.de diensten.snsbank.nl easybank.at edb.com europabank.be everyplate.de hanseaticbank.de hellofresh.zendesk.com icscards.nl ideal.ing.nl ideal.knab.nl ideal.regiobank.nl ideal.snsbank.nl ideal.triodos.nl ideal.vanlanschot.com ing.be ing.com ing.de ing.nl klarna.com lcl.fr live.adyen.com lloydstsb.com mastercard.us mercurypaymentservices.it modirum.com mycardplace.com mycardsecure.com nab.com.au nxt.to paylife.at paypal.com pluscard.de psa.at rabobank.n rabobank.nl redsys.es regiobank.nl royalbank.com sbanken.no securecode.com securesuite.co.uk securesuite.net sia.eu slsp.sk snsbank.nl sofort.com sparebank1.no sparkasse.at sparkassen-kreditkarten.de swedbank.se swisscard.ch targobank.de touchtechpayments.com verifiedbyvisa.com westpac.com.au wlp-acs.com www.greenchef-biologischh.de www.greenchef-specialdiets.de mastercard.us".split(" "),
        b = RegExp("https?://([^/:]+)").exec(google_tag_manager["GTM-P2Q9ZFQ"].macro(85));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp(a[c] + "$")).test(b[1])) return "true"
})();

#27 JavaScript::Eval (size: 171) - SHA256: 51f66d8a027ad26b87ce204829c41087199e93cda466d602f5c4d5f509a021d9

(function() {
    return google_tag_manager["GTM-P2Q9ZFQ"].macro(57) || window.location.protocol + "//" + window.location.hostname + window.location.pathname + window.location.search
})();

#28 JavaScript::Eval (size: 43) - SHA256: 007cddfce59ab3c7b0d940e987ebe2c27ee1c2a171052809bdfd91f94a66f1db

(function() {
    return navigator.userAgent
})();

#29 JavaScript::Eval (size: 84) - SHA256: f3263094657350f2f8eb6131a742dc55abeaec74b080c6428d82cb0dd0ebf650

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(8);
    if (a) return "US-" + a
})();

#30 JavaScript::Eval (size: 144) - SHA256: 507919c085b18fabac7d26499091e0ddcbab074c6f2ea82c1d38699a8acb371e

(function() {
    var b = window.dataLayer.filter(function(a) {
        return a["gtm.uniqueEventId"] == google_tag_manager["GTM-P2Q9ZFQ"].macro(25)
    });
    return b
})();

#31 JavaScript::Eval (size: 144) - SHA256: c7a200b7707339ed16ad4db047aa7334b0cae795721f0198c5c0ce987900050c

(function() {
    var b = window.dataLayer.filter(function(a) {
        return a["gtm.uniqueEventId"] == google_tag_manager["GTM-P2Q9ZFQ"].macro(34)
    });
    return b
})();

#32 JavaScript::Eval (size: 85) - SHA256: dc0e2ae95d401895c5d38d339b291a0d36b10fbbfde8973025dc3b8337cec04c

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(55);
    if (a) return "US-" + a
})();

#33 JavaScript::Eval (size: 114) - SHA256: 916c32024f12657be1b76519232ff234413f00d127ab1a07f19ab5d4887563c5

(function() {
    var a = localStorage.getItem("em_base64"),
        b = google_tag_manager["GTM-P2Q9ZFQ"].macro(29);
    return b || a
})();

#34 JavaScript::Eval (size: 1420) - SHA256: a3a63cbda7d31f5e991c1ce6661f00478ed5e64056770236a2a80053631fa955

(function() {
    var a = "analytics-training.pl 3ds-hanseaticbank.de 3dsecure-vrp.de 3dsecure.com 3dsecure.no abnamro.nl acs.sia.eu activa-card.com adyen.com americanexpress.com ampproject.org arcot.com asnbank.nl bankieren.ideal.ing.nl betalen.rabobank.nl bnz.co.nz bunq.com cardcomplete.com cardinalcommerce.com cartasi.it cic.fr cm-cic.com comdirect.de commerzbank.de consorsbank.de creditmutuel.fr deutsche-bank.de diensten.snsbank.nl easybank.at edb.com europabank.be everyplate.de hanseaticbank.de hellofresh.zendesk.com icscards.nl ideal.ing.nl ideal.knab.nl ideal.regiobank.nl ideal.snsbank.nl ideal.triodos.nl ideal.vanlanschot.com ing.be ing.com ing.de ing.nl klarna.com lcl.fr live.adyen.com lloydstsb.com mastercard.us mercurypaymentservices.it modirum.com mycardplace.com mycardsecure.com nab.com.au nxt.to paylife.at paypal.com pluscard.de psa.at rabobank.n rabobank.nl redsys.es regiobank.nl royalbank.com sbanken.no securecode.com securesuite.co.uk securesuite.net sia.eu slsp.sk snsbank.nl sofort.com sparebank1.no sparkasse.at sparkassen-kreditkarten.de swedbank.se swisscard.ch targobank.de touchtechpayments.com verifiedbyvisa.com westpac.com.au wlp-acs.com www.greenchef-biologischh.de www.greenchef-specialdiets.de mastercard.us".split(" "),
        b = RegExp("https?://([^/:]+)").exec(google_tag_manager["GTM-P2Q9ZFQ"].macro(67));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp(a[c] + "$")).test(b[1])) return "true"
})();

#35 JavaScript::Eval (size: 85) - SHA256: b87edbcc66538ceb2730249093976a8e5dd4889ad16c734a9e5d3bdcb01f1a5d

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(35);
    if (a) return "US-" + a
})();

#36 JavaScript::Eval (size: 85) - SHA256: 0a39ceafe342651825802b1d736ff93e7a60352be0123a8540a0e8d954b39321

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(42);
    if (a) return "US-" + a
})();

#37 JavaScript::Eval (size: 171) - SHA256: c15eafcfca84d114c5c240e3dec441eaa06b053aaf19a2917ff309c9eb46922d

(function() {
    return google_tag_manager["GTM-P2Q9ZFQ"].macro(68) || window.location.protocol + "//" + window.location.hostname + window.location.pathname + window.location.search
})();

#38 JavaScript::Eval (size: 144) - SHA256: 00170ec6864ad1b1e1d5d015c4623fb7eeba8f6dcd20ac2358ef710acfe912f3

(function() {
    var b = window.dataLayer.filter(function(a) {
        return a["gtm.uniqueEventId"] == google_tag_manager["GTM-P2Q9ZFQ"].macro(82)
    });
    return b
})();

#39 JavaScript::Eval (size: 88) - SHA256: c7c5a76efc739a55534f9d32c21e209cb6f605c3de6e3d6abc2f5a1158f652fc

(function() {
    var a = window.navigator.userLanguage || window.navigator.language;
    return a
})();

#40 JavaScript::Eval (size: 144) - SHA256: a4ac4945372f84a516442b0471eb0e1713fd715842c9637be1497946fcd5bfc0

(function() {
    var b = window.dataLayer.filter(function(a) {
        return a["gtm.uniqueEventId"] == google_tag_manager["GTM-P2Q9ZFQ"].macro(17)
    });
    return b
})();

#41 JavaScript::Eval (size: 114) - SHA256: c18839c83ff0dc17e0d7f9757dd2e4807e992f3d4db463e9c71ceef39b0385cc

(function() {
    var a = localStorage.getItem("em_base64"),
        b = google_tag_manager["GTM-P2Q9ZFQ"].macro(21);
    return b || a
})();

#42 JavaScript::Eval (size: 260) - SHA256: 23f6bb2bf69256661c531072b42e74f544d609a828ab2918c285b454ecc45d57

(function() {
    var b = document.location.pathname,
        a = document.location.search,
        d = RegExp("prefillEmail|mi_u|prefillFirstName|prefillLastName");
    return a ? (a = a.substring(1), a = a.split("\x26"), a = a.filter(function(c) {
        if (!d.test(c)) return c
    }), a = a.join("\x26"), b + "?" + a) : b
})();

#43 JavaScript::Eval (size: 171) - SHA256: bb580c4f2044d75164d20641e3e5f16b6f4e764c45bc3714752fcdab58d70c14

(function() {
    return google_tag_manager["GTM-P2Q9ZFQ"].macro(44) || window.location.protocol + "//" + window.location.hostname + window.location.pathname + window.location.search
})();

#44 JavaScript::Eval (size: 1915) - SHA256: 343d6c43991ff0597ce65a59714b85c774be820c2d96e0905a889a4bfc8fd2c6

/////////////////  refire affiliate link on cart  ////////////////////////////////////
AddShoppersWidget._asReFireAffLinkString = "https://www.tkqlhce.com/click-7738547-15259383"; //VARIABLE
AddShoppersWidget._asReFireAffLink = "asReFireAffLink";
if (window.location.href.indexOf('utm_source=AddShoppers') == -1) { //VARIABLE
    //if (window.location.pathname == '/plans') { //VARIABLE
    var lastLinkRefire = localStorage.getItem(AddShoppersWidget._asReFireAffLink);
    if (lastLinkRefire == null) lastLinkRefire = -1;
    if (lastLinkRefire < Date.now() - 86400000) {
        var url = 'https://app.shop.pe/app/attribution';
        var data = {
            siteId: AddShoppersWidget.id,
            sessionId: AddShoppersWidget.session_id
        };
        AddShoppersWidget.ajax({
                type: 'POST',
                data: AddShoppersWidget.jsonPoly.stringify(data),
                url: url,
                contentType: 'application/json',
                success: function(r) {
                    var json = JSON.parse(r.response);
                    if (json.results) {
                        if (json.results.triggered_email_click) {
                            if (json.results.triggered_email_click.whence == 'Email Click') {
                                var created_at = json.results.triggered_email_click.created_at;
                                created_at = created_at.replace('.Z', 'Z');
                                created_at = Date.parse(created_at);
                                //If event is created in last 24 hours
                                if (created_at > Date.now() - AddShoppersWidget.attribution_hours * 60 * 60 * 1000) {
                                    localStorage.setItem(AddShoppersWidget._asReFireAffLink, Date.now());

                                    window.location.href = AddShoppersWidget._asReFireAffLinkString;
                                }
                            }
                        }
                    }
                },
                error: function() {}
            }, {})
            /////////////////
    }
    // if url end: }
}
//////////////   eof # refire affiliate link on cart    ////////////////////////////

#45 JavaScript::Eval (size: 1419) - SHA256: a07360788b5a68f95beff997b84423b2ff17356bc3e6f501d785de3e35d5b468

(function() {
    var a = "analytics-training.pl 3ds-hanseaticbank.de 3dsecure-vrp.de 3dsecure.com 3dsecure.no abnamro.nl acs.sia.eu activa-card.com adyen.com americanexpress.com ampproject.org arcot.com asnbank.nl bankieren.ideal.ing.nl betalen.rabobank.nl bnz.co.nz bunq.com cardcomplete.com cardinalcommerce.com cartasi.it cic.fr cm-cic.com comdirect.de commerzbank.de consorsbank.de creditmutuel.fr deutsche-bank.de diensten.snsbank.nl easybank.at edb.com europabank.be everyplate.de hanseaticbank.de hellofresh.zendesk.com icscards.nl ideal.ing.nl ideal.knab.nl ideal.regiobank.nl ideal.snsbank.nl ideal.triodos.nl ideal.vanlanschot.com ing.be ing.com ing.de ing.nl klarna.com lcl.fr live.adyen.com lloydstsb.com mastercard.us mercurypaymentservices.it modirum.com mycardplace.com mycardsecure.com nab.com.au nxt.to paylife.at paypal.com pluscard.de psa.at rabobank.n rabobank.nl redsys.es regiobank.nl royalbank.com sbanken.no securecode.com securesuite.co.uk securesuite.net sia.eu slsp.sk snsbank.nl sofort.com sparebank1.no sparkasse.at sparkassen-kreditkarten.de swedbank.se swisscard.ch targobank.de touchtechpayments.com verifiedbyvisa.com westpac.com.au wlp-acs.com www.greenchef-biologischh.de www.greenchef-specialdiets.de mastercard.us".split(" "),
        b = RegExp("https?://([^/:]+)").exec(google_tag_manager["GTM-P2Q9ZFQ"].macro(9));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp(a[c] + "$")).test(b[1])) return "true"
})();

#46 JavaScript::Eval (size: 171) - SHA256: f4a4046a3d49139eec6eff2ffe750b71e365044fbcce4fe49aaa5d832b67158d

(function() {
    return google_tag_manager["GTM-P2Q9ZFQ"].macro(37) || window.location.protocol + "//" + window.location.hostname + window.location.pathname + window.location.search
})();

#47 JavaScript::Eval (size: 85) - SHA256: b1a25ae378b3ac87fda442fa15b61c930a1e0b69ee532316cd9121523624c49b

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(74);
    if (a) return "US-" + a
})();

#48 JavaScript::Eval (size: 85) - SHA256: 40094d0e457cca4c5a3588ad6331637d76560d166747873af46a43690316314b

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(83);
    if (a) return "US-" + a
})();

#49 JavaScript::Eval (size: 274) - SHA256: 9acc977704569aa9c179f29799b7f6efcdea0690920991ab78bd0eb51d96fee3

(function() {
    var b = window.dataLayer.filter(function(a) {
        if ("gaEventTrigger" == a.event && a.hasOwnProperty("gaEventAction") && "applyVoucher" == a.gaEventCategory && a.gaEventAction.includes("notificationImpression | valid")) return a
    });
    return b[0].gaEventLabel.split("|")[0].trim()
})();

#50 JavaScript::Eval (size: 114) - SHA256: d16b0ed33f25df04e030763e6297127ba9d5128d085ba3b116286ba62921421f

(function() {
    var a = localStorage.getItem("em_base64"),
        b = google_tag_manager["GTM-P2Q9ZFQ"].macro(58);
    return b || a
})();

#51 JavaScript::Eval (size: 91) - SHA256: 234ab0e7b721721e814afc697c8dd0ea416a890f5cbd409a74cc066d66962820

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(76);
    return a.split(" | ")[2]
})();

#52 JavaScript::Eval (size: 170) - SHA256: 519c734c12dab554ec75ddf945cb770e6b7a1c4f7b4b15f629b42d729d0535bd

(function() {
    return google_tag_manager["GTM-P2Q9ZFQ"].macro(7) || window.location.protocol + "//" + window.location.hostname + window.location.pathname + window.location.search
})();

#53 JavaScript::Eval (size: 1420) - SHA256: 454941d0d37940864217e3b8a8606a1cb6c28b993b107b74ffd35511c9236be0

(function() {
    var a = "analytics-training.pl 3ds-hanseaticbank.de 3dsecure-vrp.de 3dsecure.com 3dsecure.no abnamro.nl acs.sia.eu activa-card.com adyen.com americanexpress.com ampproject.org arcot.com asnbank.nl bankieren.ideal.ing.nl betalen.rabobank.nl bnz.co.nz bunq.com cardcomplete.com cardinalcommerce.com cartasi.it cic.fr cm-cic.com comdirect.de commerzbank.de consorsbank.de creditmutuel.fr deutsche-bank.de diensten.snsbank.nl easybank.at edb.com europabank.be everyplate.de hanseaticbank.de hellofresh.zendesk.com icscards.nl ideal.ing.nl ideal.knab.nl ideal.regiobank.nl ideal.snsbank.nl ideal.triodos.nl ideal.vanlanschot.com ing.be ing.com ing.de ing.nl klarna.com lcl.fr live.adyen.com lloydstsb.com mastercard.us mercurypaymentservices.it modirum.com mycardplace.com mycardsecure.com nab.com.au nxt.to paylife.at paypal.com pluscard.de psa.at rabobank.n rabobank.nl redsys.es regiobank.nl royalbank.com sbanken.no securecode.com securesuite.co.uk securesuite.net sia.eu slsp.sk snsbank.nl sofort.com sparebank1.no sparkasse.at sparkassen-kreditkarten.de swedbank.se swisscard.ch targobank.de touchtechpayments.com verifiedbyvisa.com westpac.com.au wlp-acs.com www.greenchef-biologischh.de www.greenchef-specialdiets.de mastercard.us".split(" "),
        b = RegExp("https?://([^/:]+)").exec(google_tag_manager["GTM-P2Q9ZFQ"].macro(27));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp(a[c] + "$")).test(b[1])) return "true"
})();

#54 JavaScript::Eval (size: 87) - SHA256: 7f04d3d2edc0da059f98dcf6f1ac6d0f768ef0dc784833acdec93a1c66bf7cb8

(function() {
    var a = "\/plans",
        b = /20+[\w-]+[\w-]+-W+[\w-]+[\w-]/g;
    return a = a.match(b)
})();

#55 JavaScript::Eval (size: 1420) - SHA256: e4b611c9127aab7fda1eb3ba1b18983d8825de86e4443744d8878ddc539744c7

(function() {
    var a = "analytics-training.pl 3ds-hanseaticbank.de 3dsecure-vrp.de 3dsecure.com 3dsecure.no abnamro.nl acs.sia.eu activa-card.com adyen.com americanexpress.com ampproject.org arcot.com asnbank.nl bankieren.ideal.ing.nl betalen.rabobank.nl bnz.co.nz bunq.com cardcomplete.com cardinalcommerce.com cartasi.it cic.fr cm-cic.com comdirect.de commerzbank.de consorsbank.de creditmutuel.fr deutsche-bank.de diensten.snsbank.nl easybank.at edb.com europabank.be everyplate.de hanseaticbank.de hellofresh.zendesk.com icscards.nl ideal.ing.nl ideal.knab.nl ideal.regiobank.nl ideal.snsbank.nl ideal.triodos.nl ideal.vanlanschot.com ing.be ing.com ing.de ing.nl klarna.com lcl.fr live.adyen.com lloydstsb.com mastercard.us mercurypaymentservices.it modirum.com mycardplace.com mycardsecure.com nab.com.au nxt.to paylife.at paypal.com pluscard.de psa.at rabobank.n rabobank.nl redsys.es regiobank.nl royalbank.com sbanken.no securecode.com securesuite.co.uk securesuite.net sia.eu slsp.sk snsbank.nl sofort.com sparebank1.no sparkasse.at sparkassen-kreditkarten.de swedbank.se swisscard.ch targobank.de touchtechpayments.com verifiedbyvisa.com westpac.com.au wlp-acs.com www.greenchef-biologischh.de www.greenchef-specialdiets.de mastercard.us".split(" "),
        b = RegExp("https?://([^/:]+)").exec(google_tag_manager["GTM-P2Q9ZFQ"].macro(77));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp(a[c] + "$")).test(b[1])) return "true"
})();

#56 JavaScript::Eval (size: 171) - SHA256: e3a39d925729d3252c254f404b3ff7e5706fdcd1b1522b7449893f93f7d0a38a

(function() {
    return google_tag_manager["GTM-P2Q9ZFQ"].macro(86) || window.location.protocol + "//" + window.location.hostname + window.location.pathname + window.location.search
})();

#57 JavaScript::Eval (size: 84) - SHA256: 35b0a2b3cb0cd5eeb26f94e3225d660313b82aa843ccf97cb7eb4775847af9a6

(function() {
    return document.location.hostname.match(/(everyplate.*\.?.*)/gi)[0]
})();

#58 JavaScript::Eval (size: 91) - SHA256: 798712397ddaf622d667052b2f6cff3fd68a96dff7c29c9aec4f0fd1f72a0ee7

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(75);
    return a.split(" | ")[2]
})();

#59 JavaScript::Eval (size: 91) - SHA256: 3bdf553a70f0797b9d4acc0e1c6f00f492b904653b71de38fac01e38a8224e99

(function() {
    var a = google_tag_manager["GTM-P2Q9ZFQ"].macro(84);
    return a.split(" | ")[2]
})();

#60 JavaScript::Eval (size: 6452) - SHA256: 31f5890232343beec75ab42b45e5b825c09b677644f6064d75f4115d6256baf5

;
(function(trigger, id, start, end) {
    var now = Date.now();
    if (now > start && (end == null || now < end)) {
        window.AddShoppersTriggerRunner(trigger, function() {
            window.AddShoppersTriggerRunner.updateUsersActiveEmailCampaign(id);
            _add.push({
                campaign_id: id,
                active_cart: true
            })
        })
    }
})({
    "id": null,
    "combinator": "all",
    "rules": [{
        "field": "cart-count",
        "id": "id_37neqcl0sv2",
        "value": 0,
        "operator": "greater-than"
    }]
}, "60e86ffa27f7c314acfdf9f6", 1657303258354, null);;
(function(trigger, id, start, end) {
    var now = Date.now();
    if (now > start && (end == null || now < end)) {
        window.AddShoppersTriggerRunner(trigger, function() {
            window.AddShoppersTriggerRunner.updateUsersActiveEmailCampaign(id);
            _add.push({
                campaign_id: id,
                active_cart: true
            })
        })
    }
})({
    "combinator": "all",
    "rules": [{
        "id": "id_rctj615r2ll",
        "value": {
            "duration": 720,
            "unitOfTime": "hours",
            "count": 0
        },
        "operator": "greater-than",
        "field": "product-views"
    }, {
        "id": "id_jej8qr0iz9",
        "operator": "greater-than",
        "value": 3,
        "field": "page-views"
    }, {
        "id": "id_8sdwd1402md",
        "value": "60e86ffa27f7c314acfdf9f6",
        "operator": "is-not",
        "field": "users-active-campaign"
    }],
    "id": null
}, "60ff126b27f7c3756142546e", 1657303234988, null);

(function() {
    // User code
    function asIsProductPage() {
            if (document.querySelector('[data-test-id="select-plan-button"]')) {
                try {
                    return {
                        'product_name': document.querySelector('#page h1').textContent.replace(';', ',').trim(),
                        'image': document.querySelector('img[alt="Top Rated"]').src.split('?')[0],
                        'price': parseFloat(document.querySelector('[data-test-id="box-price"]').textContent.replace(';', ',').replace(/[^0-9\.]/g, '')),
                        'quantity': 1,
                        'sku': document.URL.split('?')[0]
                    }
                } catch (e) {
                    _add.push({
                        'push_response': true,
                        'custom_values': {
                            'broken_selectors': 'product',
                            'url': document.URL.split('?')[0]
                        }
                    });
                }
            }
        }
        // End of user code
    if (typeof asIsProductPage === 'function') {
        window.asIsProductPage = asIsProductPage;
    }
})();


(function() {
    // User code
    function asCartRows() {
            try {
                return document.querySelectorAll('form+section');
            } catch (e) {
                _add.push({
                    'push_response': true,
                    'custom_values': {
                        'broken_selectors': 'cart',
                        'url': document.URL.split('?')[0]
                    }
                });
            }
        }
        // End of user code
    if (typeof asCartRows === 'function') {
        window.asCartRows = asCartRows;
    }
})();


(function() {
    // User code
    function asOfferRedemption(callback) {
            var element = document.querySelector('#voucherCode')
            if (typeof(element) != 'undefined' && element != null) {
                element.addEventListener('change', (event) => {
                    callback(element.value);
                });
            }
        }
        // End of user code
    if (typeof asOfferRedemption === 'function') {
        window.asOfferRedemption = asOfferRedemption;
    }
})();


(function() {
    // User code
    function asCartItems(cartRows) {
            if (cartRows.length > 0) {
                var asCartArr = [];
                for (let x = 0; x < cartRows.length; x++) {
                    try {
                        let asCartProduct = {
                            'product_name': cartRows[x].querySelector('form+section>dl:first-child>dt>div>span').innerText.trim().replace(/\r?\n|\r/g, ''),
                            'price': cartRows[x].querySelector('form+section>dl:first-child>dd>span').textContent.replace(/[^0-9\.]/g, ''),
                            'image': document.querySelector('img').src,
                            'quantity': 1,
                            'sku': document.URL.split('?')[0]
                        }
                        asCartArr.push(asCartProduct);
                    } catch (e) {
                        _add.push({
                            'push_response': true,
                            'custom_values': {
                                'broken_selectors': 'cart',
                                'url': document.URL.split('?')[0]
                            }
                        });
                    }
                }
                return asCartArr;
            }
        }
        // End of user code
    if (typeof asCartItems === 'function') {
        window.asCartItems = asCartItems;
    }
})();


(function() {
    // User code
    function asCart(isCartPage) {
            // console.log('asCart');
            isCartPage();

            function isCartPage() {
                if (document.URL.search('/checkout') > -1) {
                    return true;
                }
            }
        }
        // End of user code
    if (typeof asCart === 'function') {
        window.asCart = asCart;
    }
})();


(function() {
    // User code
    //Preventing takeback - Marinko
    try {
        localStorage.setItem(AddShoppersWidget._asPreventPopSpamLocalStorageItemKey, Date.now());
    } catch (eRr) {
        console.log(eRr)
    }

    // End of user code
    if (typeof asLoggedIn === 'function') {
        window.asLoggedIn = asLoggedIn;
    }
})();;
AddShoppersTriggerRunner.dataLayerLoaded();
AddShoppersWidget && AddShoppersWidget.dataLayerLoaded && AddShoppersWidget.dataLayerLoaded();

Executed Writes (2)

#1 JavaScript::Write (size: 173) - SHA256: 91dab7dfa62dd25a6c15b12e0266fe25b4a7a1bc74abfc0a052af189e4611ee1

< head > < /head><body onload="var d=document;d.getElementsByTagName('head')[0].appendChild(d.createElement('script')).src='https:/ / w.usabilla.com / 6349 bf73fcae.js ? lv = 1 '"></body>

#2 JavaScript::Write (size: 496) - SHA256: 8ac4ebd656f5f5598b6be266e80221522b3c18fa87ddbf9aaf01e90b49d1ae52

< !DOCTYPE html >
    < html lang = "en-US" >
    < base href = "https://d6tizftlrpuof.cloudfront.net/live/" > < /base> < title > Usabilla Feedback Button < /title> < style type = 'text/css'
nonce = '6349bf73fcae' >
    body {
        background: transparent;padding: 0;margin: 0;text - align: left;
    }
img {
    cursor: pointer;display: block;margin: 0 auto;
} < /style> < body >
    < img src = 'https://d6tizftlrpuof.cloudfront.net/themes/production/hellofresh-button-e43a26541055ffe8644286114c4c9d3c.png'
width = '35'
height = '100' / >
    < /body> < /html>

HTTP Transactions (108)

Request	Response
GET /2m104zw43M/w27/LPONPSNQ/LKKNNORTQ/K/K/K?d=sxni=Dfi56hjDAB8f97EfDCCiD6C6ff888ghC%3C%3Cmyyux://111.pv43ko.htr/hqnhp-655889CEB-6A98AD8B%3C%3CL%3Cmyyu://111.4fqpp1jjy.htr%3C%3C6%3C6%3C5%3C5%3C5%3C HTTP/1.1 Host: cj.dotomi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	89.207.16.75 HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Server: Resin/4.0.66 P3P: policyref="/w3c/p3p-d.xml", CP="NOI DSP NID OUR STP" Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Thu, 23 Mar 2023 15:03:57 GMT Set-Cookie: CJSession=d2c38315-3eed-4a62-adec-4c0ec9708cc3; Max-Age=-1; Domain=.dotomi.com; Path=/; Secure; SameSite=None cjae=Wvrlw0OmDywo; Max-Age=34041593; Domain=.dotomi.com; Path=/; Secure; SameSite=None DotomiUser=400605114861181454$0$1; Max-Age=34041593; Domain=.dotomi.com; Path=/; Secure; SameSite=None LCLK=cjo!x9br-taws0ftc; Max-Age=34041593; Domain=.dotomi.com; Path=/; Secure; SameSite=None Location: https://www.emjcd.com/a4111ar-zJ/ry2/GKJIKNIL/GFFIIJMOL/F/JFFLFKGGJNLGGNGJKJ:l95-AFd0SCA2/tuqNtqsOrONqGGtsNGpOqNtuFpGNqNuL?l=mA0v%3DQsvIJuwQNOLsMKRsQPPvQJPJssLLLtuP%3cu16!FRt9-BsEAIxBu%3czBB7A%3A%2F%2FEEE.28HGx1.u64%2Fu30u2-JIILLMPRO-JNMLNQLO%3c%3cY%3czBB7%3A%2F%2FEEE.Hs322EwwB.u64%3cvKuLQLJN-Lwwv-MsOK-svwu-MuIwuRPIQuuL%3cJ%3cJ%3cI%3cI%3cI%3c Content-Length: 831 Date: Thu, 23 Mar 2023 15:03:57 GMT --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (413) Size: 831 Md5: 81353b8b49e3a7e3aa96e54c65e62487 Sha1: 58549b0ef8f5b93ca2369ab8dfbfc2a52a42ac35 Sha256: 1eb174a8e0cfe84216baba65f73d27bd99c2efbb67f4f71c5c23006670286b3d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9" Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14640 Expires: Thu, 23 Mar 2023 19:07:58 GMT Date: Thu, 23 Mar 2023 15:03:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: bea3185dd820a31c1981317f37c3456d Sha1: 1a548a5d27270fc11df9011837a7149571cedd78 Sha256: 469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8764 Expires: Thu, 23 Mar 2023 17:30:02 GMT Date: Thu, 23 Mar 2023 15:03:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 65fc860bc043f3fb83bdc3debdcd322d Sha1: 418010755deae099ef1284e402813c5837a10f42 Sha256: d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6768 Expires: Thu, 23 Mar 2023 16:56:46 GMT Date: Thu, 23 Mar 2023 15:03:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 51a5d4696a6090c295850554508b51ce Sha1: c44e143c2223546e64b19f543b8101aaf3b11e97 Sha256: 8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 23 Mar 2023 14:27:33 GMT age: 2185 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 4ad6984a756720fbfff47b37a75513a2 Sha1: 355e35258114452af8b9638985ed9d8ef3bf0aca Sha256: 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: odPhgwg5VGHljfPMaBaI7VW9O60Ro42N48rdgbOmjhoP/jR1RAwhmnGqow4JLKSRGhtJ3SnfJCU= x-amz-request-id: W5MDTQG944VE9YGC x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 23 Mar 2023 15:00:00 GMT age: 238 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: e7bace7c1e04d44012e37ddffe36e5d5 Sha1: 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 Sha256: 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
POST /gsrsaovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:03:58 GMT Content-Length: 1432 Connection: keep-alive Expires: Mon, 27 Mar 2023 11:53:35 GMT ETag: "f3fe1d02807b48b311f909793b07dde51ba7d4fa" Last-Modified: Thu, 23 Mar 2023 11:53:36 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2631 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ac7906c4d92b50b-OSL --- Additional Info --- Magic: data Size: 1432 Md5: 9314e67558fdee4490dc889cac73bd92 Sha1: f3fe1d02807b48b311f909793b07dde51ba7d4fa Sha256: 0094371e031d3cdd74010dc04eed334d58261f2ad70c3813c27d07f1b00e9913
GET /a4111ar-zJ/ry2/GKJIKNIL/GFFIIJMOL/F/JFFLFKGGJNLGGNGJKJ:l95-AFd0SCA2/tuqNtqsOrONqGGtsNGpOqNtuFpGNqNuL?l=mA0v%3DQsvIJuwQNOLsMKRsQPPvQJPJssLLLtuP%3cu16!FRt9-BsEAIxBu%3czBB7A%3A%2F%2FEEE.28HGx1.u64%2Fu30u2-JIILLMPRO-JNMLNQLO%3c%3cY%3czBB7%3A%2F%2FEEE.Hs322EwwB.u64%3cvKuLQLJN-Lwwv-MsOK-svwu-MuIwuRPIQuuL%3cJ%3cJ%3cI%3cI%3cI%3c HTTP/1.1 Host: www.emjcd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: S=400304691067107314:pV.o1z2jD9Zf; LCLK=cjo!xdxv-an9g851-xeu3-wiu1cky Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	89.207.16.75 HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Server: Resin/4.0.66 Set-Cookie: S=400605114861181454:Wvrlw0OmDywo; Max-Age=34041593; Domain=.emjcd.com; Path=/; Secure; SameSite=None LCLK=cjo!x9br-taws0ftc; Max-Age=34041593; Domain=.emjcd.com; Path=/; Secure; SameSite=None CJSession=d2c38315-3eed-4a62-adec-4c0ec9708cc3; Max-Age=-1; Domain=.emjcd.com; Path=/; Secure; SameSite=None S=400605114861181454:Wvrlw0OmDywo; Max-Age=34041593; Domain=.emjcd.com; Path=/; Secure; SameSite=None P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT" Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Thu, 23 Mar 2023 15:03:58 GMT Location: https://www.everyplate.com/plans?mealsize=4-5&c_comms=PER-SERVING&c=MVO139E&utm_source=M1&utm_medium=cpa&utm_campaign=100334796&utm_id=cj~15435836&cjevent=efb8ebd9c98b11ed81a9b8ef0a18b8f6 Content-Length: 549 Date: Thu, 23 Mar 2023 15:03:58 GMT X-VC-HTTPS: On --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text Size: 549 Md5: 209183b707c8e83553a304168e3b7e68 Sha1: d82a156ace9f457a25346358b1b53743392ad190 Sha256: 3f939b555cfde70ca27bc915e1ec4df04171d818d5945fc7eb03ef36ca3ca2ca
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 23 Mar 2023 15:03:58 GMT content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 23 Mar 2023 14:14:33 GMT age: 2965 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF" Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3012 Expires: Thu, 23 Mar 2023 15:54:10 GMT Date: Thu, 23 Mar 2023 15:03:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 10173 Md5: bb9139d6e392244f42a8c92371cfd73e Sha1: 4a380438d9a835c12f5f5e3f3837b3af34d89a26 Sha256: 21959f2c7fb635d2017139a8463da2b1bb4c52b76ed82bf3871f97eafeb7a771
POST /s/gts1d4/dHjUbCpt8_E HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:03:58 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 2969 Md5: 00c6f622348fe8e63e1a6815174c6fe2 Sha1: dc7e910092bf26d903a1f72d4b1d9dcd3cb62158 Sha256: 17ace723b2b1a11e3a7036a260725082d15d966370847f58607cdf3583fbeb60
POST /s/gts1d4/dHjUbCpt8_E HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:03:58 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ca33dd981527ffd8204f070a6db7ada7 Sha1: 6166ee2d4a58addd83cabde6453f9b3164f30466 Sha256: 546ecaa78b39b4544c491408bba19db612cd6ca970aa34390a0a271a8b21c351
POST /s/gts1d4/dHjUbCpt8_E HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:03:59 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ca33dd981527ffd8204f070a6db7ada7 Sha1: 6166ee2d4a58addd83cabde6453f9b3164f30466 Sha256: 546ecaa78b39b4544c491408bba19db612cd6ca970aa34390a0a271a8b21c351
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "584FA8D0DEE40CFB0B503173012A0BF41D3B77DB78BC80FBBB903ED931B27673" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18118 Expires: Thu, 23 Mar 2023 20:05:57 GMT Date: Thu, 23 Mar 2023 15:03:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 13344 Md5: 554bbac2fd11521d1fdc7a9aa33516b9 Sha1: 5f9a8c045a47f243352479de2993f8d49eed031f Sha256: 864fa6aa42d8a44066047fe04b34f8bf4c3408f3c42943939c0a4f53fce1afe0
POST /api/5396938/envelope/?sentry_key=5c397ef08a6c49098d09dfd70fddf09e&sentry_version=7&sentry_client=sentry.javascript.react%2F7.20.0 HTTP/1.1 Host: o46710.ingest.sentry.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.everyplate.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://www.everyplate.com Content-Length: 421 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.195.249 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 23 Mar 2023 15:03:59 GMT content-length: 2 access-control-allow-origin: https://www.everyplate.com access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after vary: Origin x-envoy-upstream-service-time: 0 strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 8696 Md5: cf6adcbb2eb5555dbefb9a235ff5935b Sha1: 4669220364873f4f3a6538500fad058f5f6c8187 Sha256: 32a43e31164171d7fb36df206c34703a79b9abcd6828874a0326ee1566bfcf66
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: baKeZIct5EOtq0LUPfAhkw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.32.229.246 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: S06kz14+eban3xkDumKoJ/hW7RY= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "584FA8D0DEE40CFB0B503173012A0BF41D3B77DB78BC80FBBB903ED931B27673" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18118 Expires: Thu, 23 Mar 2023 20:05:57 GMT Date: Thu, 23 Mar 2023 15:03:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 0d9dae9bb54c02b2c3b12c219d4c3084 Sha1: 6918a01c8f1486320e0770146fc0a4158ea29681 Sha256: 584fa8d0dee40cfb0b503173012a0bf41d3b77db78bc80fbbb903ed931b27673
GET /local-tagging-container HTTP/1.1 Host: tms.hft.everyplate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Cookie: __cf_bm=KHIIfoJJGinEhpYaa4IXo7ADcmGaABCB2y8oqweUFTw-1679583838-0-AeWj+jN6xzDIq11YbyWb4l7IsWi+/V1Gl0kiSj1ah/UVl5TZ/XFRaFlo2093Itl83ySjuS4Zg70ag2FeFzSYLfA= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	34.160.69.63 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control vary: Accept-Encoding, Accept-Encoding cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 accept-ranges: none x-cloud-trace-context: e29866177300e9829b924ddbd55a9d64 date: Thu, 23 Mar 2023 15:03:58 GMT server: Google Frontend via: 1.1 google content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (11866) Size: 64308 Md5: e24c9d446da218dab40564a935428a73 Sha1: 2d5c2160fb073bed38e22b058cc551a6bef3a60d Sha256: 44a06b23e7b9d5dce15087cc751f0b176a35b70ad2810095478ffb8aeb449af4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15106 Expires: Thu, 23 Mar 2023 19:15:46 GMT Date: Thu, 23 Mar 2023 15:04:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15106 Expires: Thu, 23 Mar 2023 19:15:46 GMT Date: Thu, 23 Mar 2023 15:04:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15106 Expires: Thu, 23 Mar 2023 19:15:46 GMT Date: Thu, 23 Mar 2023 15:04:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15106 Expires: Thu, 23 Mar 2023 19:15:46 GMT Date: Thu, 23 Mar 2023 15:04:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 2737 Md5: 5ae547e2a1bcfaecf074af72436fb82c Sha1: b5f7d0b7e8d38bea8661e5397ae1f2ca17d1d749 Sha256: f9a81e667de74f6cc3576ff72e405317ec18772e360483f13e5fe28270ee51fd
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15106 Expires: Thu, 23 Mar 2023 19:15:46 GMT Date: Thu, 23 Mar 2023 15:04:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7424 x-amzn-requestid: 9a2bd57a-40d2-4bc0-b4ca-183e9a928bdc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM-3aGPzoAMFj6Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b782f-0dc56e4a7c4aaeb45b45c75b;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:50:39 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: 8mTKClr9GKzzrm1TtEmMeBnOQfMLTO4dBuAO-fE4UEfV-SwrFbkjZQ== via: 1.1 ec27e2bbc77d9805bead471453d2094c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 02:54:31 GMT age: 43769 etag: "709b01a360624eceafb1876f56378824aa4936b3" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7424 Md5: 05c7970e81559904d05b6e8cf693f085 Sha1: 709b01a360624eceafb1876f56378824aa4936b3 Sha256: a4fd80c9bdce27961560d7c31e216706e9e32d42d1edd883e283c149505b3db0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4912 x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM8H3Fl1IAMFYgA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: soxgrR0B6Rz79QysB7qbMTsNYmkYfG8doOMPpTEd9uLlrE6WTcDKdw== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:47:44 GMT age: 62176 etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4912 Md5: f4a771935927950222124e14b56046df Sha1: d07fe53e4ac41048497b2732c017f6666c3eda9e Sha256: 4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10284 x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM6hjEqtIAMFvXA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Pv-MA9gQ4PmXuY3EWSC77_g2fn_C9-bYUQ4azcrxLNvtwY6CZZg1nA== via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 07:55:01 GMT age: 25739 etag: "5035ed41f497c97faefae9cdaf42dc07ab468557" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10284 Md5: 4e89d0b1281259e7399294fb5fa19d2b Sha1: 5035ed41f497c97faefae9cdaf42dc07ab468557 Sha256: f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4905 x-amzn-requestid: f2297c3e-1187-48f5-bffb-c5ea1a79a10b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CBFgcF4_oAMFd6A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6416b602-02696af01c0d586c631c5b45;Sampled=0 x-amzn-remapped-date: Sun, 19 Mar 2023 07:13:06 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: R9mjcik3i0kISOeO4gVZP6XhhvZO00mriabAtJ8vv1kNhRpz_lfsHQ== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 06:31:03 GMT age: 30777 etag: "4f25bdbffca3803b02c196c38491223684d36b4d" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4905 Md5: 90f64fe111aa6e90ebf52e0335d21b75 Sha1: 4f25bdbffca3803b02c196c38491223684d36b4d Sha256: 37894e16112286470b7fd2e0bbd5ca74944e6cb5ca6e8aff189c4515122a0d40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6692 x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM9d9FcOoAMFaFQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Jj5lAwItWYm45j5kLqQnd3fhsiGsiuSiSVtrBUOolyHvPAmCc0S71A== via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 07:54:24 GMT age: 25776 etag: "156ef59e53564a4f2b27002b2695fafecd578d82" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6692 Md5: c05bfdf1411a931d8ea9adc64b07bc74 Sha1: 156ef59e53564a4f2b27002b2695fafecd578d82 Sha256: 15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10480 x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJptHG7JoAMFSwA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT x-amz-cf-pop: SEA19-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: pFCYGtd2b7lK7OBFHjCsgqqLfhtMAQDB0vyYFyf1sv-3CkSHbEh3mA== via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:59:52 GMT age: 61448 etag: "5f7ea91288a2170bcabdca6be296718c4191eacd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10480 Md5: 6f0b9e85381489dcf646c251722b21d4 Sha1: 5f7ea91288a2170bcabdca6be296718c4191eacd Sha256: 911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /w_384,q_auto,f_auto,c_limit,fl_lossy/hellofresh_website/er/assets/plansPage/recipeTypes/Top.png HTTP/1.1 Host: images.everyplate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Cookie: __cf_bm=KHIIfoJJGinEhpYaa4IXo7ADcmGaABCB2y8oqweUFTw-1679583838-0-AeWj+jN6xzDIq11YbyWb4l7IsWi+/V1Gl0kiSj1ah/UVl5TZ/XFRaFlo2093Itl83ySjuS4Zg70ag2FeFzSYLfA=; __cfruid=75ee7eac51cd254fc66f9690a67daf0d43b261d6-1679583838 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	2.18.173.70 HTTP/2 200 OK content-type: image/avif etag: "b06c2dc98449f364c5b7da4d7dc40020" last-modified: Tue, 28 Feb 2023 07:40:18 GMT content-length: 22111 date: Thu, 23 Mar 2023 15:04:00 GMT cache-control: private, no-transform, immutable, max-age=31536000 access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options access-control-allow-origin: * accept-ranges: bytes timing-allow-origin: * server: Cloudinary strict-transport-security: max-age=604800 vary: Accept,User-Agent,Save-Data x-content-type-options: nosniff server-timing: cld-akam;dur=4;start=2023-03-23T15:04:00.252Z;desc=hit,rtt;dur=2 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ISO Media, AVIF Image\012- data Size: 22111 Md5: b06c2dc98449f364c5b7da4d7dc40020 Sha1: 41a1ce5f43e501238839750c1f0e53efe557fb26 Sha256: ad1ce5774a590f13d1416a291d01b391d521876e5c83778285cc64c52181d083
GET /w_384,q_auto,f_auto,c_limit,fl_lossy/hellofresh_website/er/assets/plansPage/recipeTypes/Veggie.png HTTP/1.1 Host: images.everyplate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Cookie: __cf_bm=KHIIfoJJGinEhpYaa4IXo7ADcmGaABCB2y8oqweUFTw-1679583838-0-AeWj+jN6xzDIq11YbyWb4l7IsWi+/V1Gl0kiSj1ah/UVl5TZ/XFRaFlo2093Itl83ySjuS4Zg70ag2FeFzSYLfA=; __cfruid=75ee7eac51cd254fc66f9690a67daf0d43b261d6-1679583838 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	2.18.173.70 HTTP/2 200 OK content-type: image/avif etag: "4a55b34d36bb12c356ad3fbec3cad66e" last-modified: Tue, 28 Feb 2023 07:40:19 GMT content-length: 37771 date: Thu, 23 Mar 2023 15:04:00 GMT cache-control: private, no-transform, immutable, max-age=31536000 access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options access-control-allow-origin: * accept-ranges: bytes timing-allow-origin: * server: Cloudinary strict-transport-security: max-age=604800 vary: Accept,User-Agent,Save-Data x-content-type-options: nosniff server-timing: cld-akam;dur=4;start=2023-03-23T15:04:00.252Z;desc=hit,rtt;dur=2 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ISO Media, AVIF Image\012- data Size: 37771 Md5: 4a55b34d36bb12c356ad3fbec3cad66e Sha1: 4556be7ce6b2281c1a818f3158d9bf4611f8ab42 Sha256: ea8f5cfc23388356abf715e036d9de2da88e3c73545a5ef770d2ec60e983fe4a
GET /w_384,q_auto,f_auto,c_limit,fl_lossy/hellofresh_website/er/assets/plansPage/recipeTypes/Spicy.png HTTP/1.1 Host: images.everyplate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Cookie: __cf_bm=KHIIfoJJGinEhpYaa4IXo7ADcmGaABCB2y8oqweUFTw-1679583838-0-AeWj+jN6xzDIq11YbyWb4l7IsWi+/V1Gl0kiSj1ah/UVl5TZ/XFRaFlo2093Itl83ySjuS4Zg70ag2FeFzSYLfA=; __cfruid=75ee7eac51cd254fc66f9690a67daf0d43b261d6-1679583838 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	2.18.173.70 HTTP/2 200 OK content-type: image/avif etag: "b8d39cd1e0a3ebb731137379993351b9" last-modified: Tue, 28 Feb 2023 07:40:18 GMT content-length: 26421 date: Thu, 23 Mar 2023 15:04:00 GMT cache-control: private, no-transform, immutable, max-age=31536000 access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options access-control-allow-origin: * accept-ranges: bytes timing-allow-origin: * server: Cloudinary strict-transport-security: max-age=604800 vary: Accept,User-Agent,Save-Data x-content-type-options: nosniff server-timing: cld-akam;dur=4;start=2023-03-23T15:04:00.252Z;desc=hit,rtt;dur=2 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ISO Media, AVIF Image\012- data Size: 26421 Md5: b8d39cd1e0a3ebb731137379993351b9 Sha1: 1d587f9bbd4eac00ab52c8ac6bc7a4f50b214a35 Sha256: 2119ea94cbc46fe4605ab8fb2f5e929024aed2c00cfec5cf8093cf5012f15b89
GET /w_384,q_auto,f_auto,c_limit,fl_lossy/hellofresh_website/er/assets/plansPage/recipeTypes/Family.png HTTP/1.1 Host: images.everyplate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Cookie: __cf_bm=KHIIfoJJGinEhpYaa4IXo7ADcmGaABCB2y8oqweUFTw-1679583838-0-AeWj+jN6xzDIq11YbyWb4l7IsWi+/V1Gl0kiSj1ah/UVl5TZ/XFRaFlo2093Itl83ySjuS4Zg70ag2FeFzSYLfA=; __cfruid=75ee7eac51cd254fc66f9690a67daf0d43b261d6-1679583838 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	2.18.173.70 HTTP/2 200 OK content-type: image/avif etag: "a8d9876f839f33ba95f151d68ba153e5" last-modified: Tue, 28 Feb 2023 07:40:18 GMT content-length: 26304 date: Thu, 23 Mar 2023 15:04:00 GMT cache-control: private, no-transform, immutable, max-age=31536000 access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options access-control-allow-origin: * accept-ranges: bytes timing-allow-origin: * server: Cloudinary strict-transport-security: max-age=604800 vary: Accept,User-Agent,Save-Data x-content-type-options: nosniff server-timing: cld-akam;dur=4;start=2023-03-23T15:04:00.258Z;desc=hit,rtt;dur=2 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 28052 Md5: 613a7ed4430323019d46b516393f214f Sha1: d3a451e17360c418310e7b272d1fc13ce7397786 Sha256: a6d3e7b3ea08f1b8c7d2651e336fab31d7339bec5d942edd7d3afba9ff836d3f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8D9D91A09D77AFEBBF204D381DD0858D2B8C28F49D55715EFE3947F0CA6F832D" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4037 Expires: Thu, 23 Mar 2023 16:11:18 GMT Date: Thu, 23 Mar 2023 15:04:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 4529 Md5: 12ac3c252ae013ba6c888a7b9c5ed11a Sha1: 82a8611332740bf634a5cd6952161c8f07fc5c0e Sha256: bf70d65c870fd3ddd1819c4c36992efda78124da2908d93616f0f18cac8339f3
GET /4613/i.js HTTP/1.1 Host: tag.wknd.ai User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.120.253.250 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: istio-envoy content-length: 4274 timing-allow-origin: * x-region: us-central1 access-control-allow-origin: * link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect content-encoding: gzip x-envoy-upstream-service-time: 0 via: 1.1 google date: Thu, 23 Mar 2023 15:03:05 GMT age: 56 etag: 3cfe3184562dac vary: Accept-Encoding cache-control: public,max-age=60 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: C source, ASCII text, with very long lines (11554) Size: 4274 Md5: d06437ab4a693fef7ac87e8ec47931e3 Sha1: da295f2a77dedd2988e9be92dfe5d07a28ba3319 Sha256: afb797076a956314010e16a7fd6c9387a3e15cca4fc243608c79b773469b797d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8D9D91A09D77AFEBBF204D381DD0858D2B8C28F49D55715EFE3947F0CA6F832D" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4037 Expires: Thu, 23 Mar 2023 16:11:18 GMT Date: Thu, 23 Mar 2023 15:04:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 2213 Md5: f29f936028918dc0c06ce597ddaf12a2 Sha1: f5237b439bc63b7c4b02f184fce7dad613ec745b Sha256: 11fb0ae5c72674b2ee89fb911333f9442672eafd64d9920942defa47ebd053de
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 675 Cache-Control: max-age=100223 Date: Thu, 23 Mar 2023 15:04:01 GMT Etag: "641b4c3d-2d7" Expires: Fri, 24 Mar 2023 18:54:24 GMT Last-Modified: Wed, 22 Mar 2023 18:43:09 GMT Server: ECAcc (ska/F6D2) X-Cache: HIT Content-Length: 727 --- Additional Info --- Magic: data Size: 59894 Md5: 8ce861ad6eaa3207dd076a319b8850ca Sha1: b5dfe48d8b2ef12cb735bd667b34a9e1c0db8f61 Sha256: 7b1d7731584c9a49f3072099035653a141b17d769130079cb2df402a953e8e80
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B50610F2F1F12CA94D258BE634F1AFFC0A66F74F5146AF62670C206AB7C8D4C" Last-Modified: Tue, 21 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3614 Expires: Thu, 23 Mar 2023 16:04:15 GMT Date: Thu, 23 Mar 2023 15:04:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 10201 Md5: 863caf7a47b8897bd8bf806658b1e096 Sha1: e15d280b6994be183a26c0b6f31b19b649d546af Sha256: fa3b67a29eaad62835f1bdd94f1d2b9c6914e8bbc9f0a90aa973a901b3ca9c29
GET /widget/widget_async.js HTTP/1.1 Host: shop.pe User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	35.227.244.1 HTTP/2 301 Moved Permanently content-type: text/html server: nginx date: Thu, 23 Mar 2023 15:04:01 GMT content-length: 178 location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js x-frame-options: deny content-security-policy: frame-ancestors none; strict-transport-security: max-age=31536000; includeSubDomains referrer-policy: no-referrer-when-downgrade via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 178 Md5: cd2e0e43980a00fb6a2742d3afd803b8 Sha1: 81ffbd1712afe8cdf138b570c0fc9934742c33c1 Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4827 Cache-Control: max-age=104375 Date: Thu, 23 Mar 2023 15:04:01 GMT Etag: "641b4c3d-2d7" Expires: Fri, 24 Mar 2023 20:03:36 GMT Last-Modified: Wed, 22 Mar 2023 18:43:09 GMT Server: ECAcc (ska/F756) X-Cache: HIT Content-Length: 727 --- Additional Info --- Magic: data Size: 727 Md5: 11751681bda273139e2e4bf62e6ef802 Sha1: 5a675dc456243e86a638c31fe8e4284725ca1289 Sha256: 02ab5b2dce18ff56eefa9bd18fd5735eeff44eb1f90fb1cc7b963f985cb6882e
POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	54.230.80.227 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=170898 Date: Thu, 23 Mar 2023 15:04:01 GMT Etag: "641c5748-1d7" Expires: Sat, 25 Mar 2023 14:32:19 GMT Last-Modified: Thu, 23 Mar 2023 13:42:32 GMT Server: ECAcc (nya/78BE) X-Cache: Miss from cloudfront Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: jFthjWN4V9Z2HH57CM3vZ_vGJpBtkpOdElk6JaxK_Oc1DY2pha-aEw== Age: 2987 --- Additional Info --- Magic: data Size: 21912 Md5: 006abd3e3e63047f62ba77626d681925 Sha1: 48c371c16cca30a96045b51528c3727d91b8efb8 Sha256: 83776e78a0211cb75e1139c2510356ae5c423abb2db51631a03e38ea389795a0
GET /_/ad/8826af35621f4d989db31f02b360c0b9/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.everyplate.com%2Fplans%3Fmealsize%3D4-5%26c_comms%3DPER-SERVING%26c%3DMVO139E%26utm_source%3DM1%26utm_medium%3Dcpa%26utm_campaign%3D100334796%26utm_id%3Dcj~15435836%26cjevent%3Defb8ebd9c98b11ed81a9b8ef0a18b8f6 HTTP/1.1 Host: q.quora.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.209.227.7 HTTP/1.1 200 OK Content-Type: image/gif Date: Thu, 23 Mar 2023 15:04:01 GMT Server: nginx Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Q-Stat: ,494cb4ae8264825f8eaeafd6cb389278,10.0.0.238,43940,91.90.42.154,,112504526484,1,1679583841.331,0.002,,.,0,0,0.000,0.004,-,0,0,197,177,88,10,34729,,,,,,-, Content-Length: 43 Connection: keep-alive --- Additional Info --- Magic: data Size: 4790 Md5: 5ac3200f6910cb7eec4e300023698136 Sha1: 4d2d050f96c1d57f5f1636a403f49c35aceac267 Sha256: 1d067ff21ef050b2dc2ed4a7b7c8cdf6ddb09a6192b25be6772b4911d282b1fb
GET /x/EPUS HTTP/1.1 Host: i.geistm.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	18.208.121.3 HTTP/2 200 OK content-type: image/gif date: Thu, 23 Mar 2023 15:04:01 GMT content-length: 43 server: nginx x-powered-by: Express access-control-allow-origin: * access-control-allow-headers: X-Requested-With, Content-Type, Accept x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 12217 Md5: bc148f4ba51970354960fa3ad26f8c9e Sha1: 8de764fde9ed3307e075c370ff89cd4bcac2be6c Sha256: ed6174596edff390d418b54fc669474bd6724618f7e7163c8506335aae854246
GET /widget/widget_async.js HTTP/1.1 Host: d3rr3d0n31t48m.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.230.111.79 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 content-length: 906 date: Thu, 23 Mar 2023 14:14:23 GMT last-modified: Tue, 21 Mar 2023 15:08:55 GMT etag: "9ab65ad65189c43fcf8835d4fcf3706e" x-amz-server-side-encryption: AES256 cache-control: max-age=3600, public content-encoding: gzip x-amz-meta-mtime: 1679411333.36 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: jFY2ixG7n_pbP6Uxv5NzWIi1JsjQmAS7h6HMIBk9xhuwV9DLm7crNQ== age: 2978 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 78033 Md5: fb4374b412b6df74ab0cbc58d4eff2d1 Sha1: 25ab3ad906fe2cc000d016101468c36bfb4cf6cb Sha256: 25e7e8fd07d935fbe89400700b572251bf10985912301a93f2b8f55a00cc0793
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:04:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: af767a0f38aa932dc23106c403e9b5f3 Sha1: 5a5662e147f43d1561ba78517738f6be86eb2cde Sha256: 359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:04:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 78815ec28cdd11dab4f66f2eaab35658 Sha1: c6fd7f2a657d87c6e7641be6fc69913c427cd26a Sha256: f99b9d279c7ddfe7916dde9c7390be1f225e330ffa662bd7ae603ceed76e44c3
GET /bat.js HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	204.79.197.200 HTTP/2 200 OK content-type: application/javascript cache-control: private,max-age=1800 content-length: 11894 content-encoding: gzip last-modified: Thu, 16 Feb 2023 18:31:53 GMT accept-ranges: bytes etag: "8072cff03442d91:0" vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: 87224171EBE04B93B4A7807CB5FC0D6D Ref B: OSL30EDGE0211 Ref C: 2023-03-23T15:04:01Z date: Thu, 23 Mar 2023 15:04:01 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (40607), with no line terminators Size: 11894 Md5: 04651bf0c51742f9007b1ae2b4486dee Sha1: 6ffc71fcb5db1cf0283b60150a62f2c219ac3dbd Sha256: 5d7392c44731e52810337eb1a3eb3ae1ffab31b8f8d55daba20d658701604666
GET /j/collect?t=dc&aip=1&v=1&_r=3&_v=j108&tid=UA-115749411-1&cid=288996551.1679583849&jid=645160666&gjid=440497750&_gid=378530595.1679583849 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	209.85.233.155 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: * strict-transport-security: max-age=10886400; includeSubDomains; preload date: Thu, 23 Mar 2023 15:04:01 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 4 Md5: 48c0473b7821185d937e685216e2168b Sha1: 3743e47f8a429a5e87b86cb582d78940733d9d2e Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
GET /ads/ga-audiences?t=sr&aip=1&v=1&_r=4&_v=j108&slf_rd=1&tid=UA-115749411-1&cid=288996551.1679583849&jid=645160666 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.164 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 23 Mar 2023 15:04:01 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:04:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9f0607231b4674d2bfb5a6798b0b4093 Sha1: 6c14f5c952e413365703144951b09b7126ff8e2d Sha256: 869816689cb9507d294d69f953e8ea33452a177d405816ad86f729b123ceaa98
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:04:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: af767a0f38aa932dc23106c403e9b5f3 Sha1: 5a5662e147f43d1561ba78517738f6be86eb2cde Sha256: 359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
GET /widget/triggerRunner.js?v=bbf7e2b HTTP/1.1 Host: d3rr3d0n31t48m.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	54.230.111.79 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 content-length: 3812 date: Tue, 21 Mar 2023 15:09:15 GMT last-modified: Tue, 21 Mar 2023 15:08:54 GMT etag: "b5196f0a4553d619ed9ef3349b7e4fce" x-amz-server-side-encryption: AES256 cache-control: max-age=2592000, public content-encoding: gzip x-amz-meta-mtime: 1679411333.34 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: OSZAi88Tjh6RqpBPj1riceV9-bxFVsO9uG2MkUTiKFasDaaob8uoyg== age: 172487 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (577) Size: 3812 Md5: b5196f0a4553d619ed9ef3349b7e4fce Sha1: db05ad806144093227bae7727689ded6e5e6ed8c Sha256: f69e50a50a7f2e02144631f9b8f079d7a4f4ce4c4c5d9cf38ae25ad2832f3f76
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	54.230.245.110 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=152869 Date: Thu, 23 Mar 2023 15:04:01 GMT Etag: "641c05be-1d7" Expires: Sat, 25 Mar 2023 09:31:50 GMT Last-Modified: Thu, 23 Mar 2023 07:54:38 GMT Server: ECAcc (nya/7946) X-Cache: Miss from cloudfront Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: jQRO_nh9uY2rlxI2Fa4t5jLJzPAbJCHhZpzSUdp2onk7WM-p0FNqhA== Age: 5832 --- Additional Info --- Magic: data Size: 6266 Md5: 3d4e25f59a6b0a3bc2eac7d6caca8078 Sha1: b2103f4c8444478550e43d286b42f6d12ac8886e Sha256: e802f5a86a43433cfce1b4a24432d0b09b1db93c87bb26e4a03e39ac28a11d05
POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	54.230.80.227 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=127211 Date: Thu, 23 Mar 2023 15:04:01 GMT Etag: "641ba4a9-1d7" Expires: Sat, 25 Mar 2023 02:24:12 GMT Last-Modified: Thu, 23 Mar 2023 01:00:25 GMT Server: ECAcc (nya/1C6C) X-Cache: Miss from cloudfront Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: v2EAFkIZkq2SjJJWZZScuOBOI6WGUdLSNI41Ny95srzaH-Sv-IHcKA== Age: 5027 --- Additional Info --- Magic: data Size: 471 Md5: e49f0fcce020dcc2c52dbe52245db31c Sha1: 694fb8118b3424cae8e6ee2275d1a6361a70dd17 Sha256: 90f5d369783b39fcbb151f7dfe06f943c93af639e1cacbbec50273bbc370d1b0
GET /live/chat-live.js HTTP/1.1 Host: web-chat-tag-cdn.s3.eu-west-1.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	52.218.30.8 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: cfgt9Nq3IEu3vzVz9oIykNhdUueJ2DaqwFY5XN4eEiS9zYULGPGCFAWZRaSAPcDofmr+bxbU1UU= x-amz-request-id: 3AGY2H2SF3BSA99Y Date: Thu, 23 Mar 2023 15:04:02 GMT x-amz-replication-status: FAILED Last-Modified: Tue, 07 Feb 2023 09:25:10 GMT ETag: "02866e2f4919b743a6fc28e322c8b805" x-amz-server-side-encryption: AES256 Cache-Control: no-cache,max-age=0,immutable Content-Encoding: gzip x-amz-version-id: bNodLFIyGgX.LCyl1WPp1nBqQRKnpOWR Accept-Ranges: bytes Server: AmazonS3 Content-Length: 53127 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65459) Size: 53127 Md5: 02866e2f4919b743a6fc28e322c8b805 Sha1: b213e9c00c046f9df62e059017462e55a8d1e766 Sha256: b3b71bffba704efed44b4715f0ae26719c1725ddfa77b7fe88f0b4778c1efb07
POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	54.230.80.227 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Thu, 23 Mar 2023 15:04:01 GMT Last-Modified: Thu, 23 Mar 2023 13:55:05 GMT Server: ECAcc (bsa/EA9A) X-Cache: Miss from cloudfront Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: hyJIVepN494md-Yjwwk1t-zHGtu9TQ7Pra1kmGKn9lHEUwRoOMFOrg== Age: 4136 --- Additional Info --- Magic: data Size: 471 Md5: e49f0fcce020dcc2c52dbe52245db31c Sha1: 694fb8118b3424cae8e6ee2275d1a6361a70dd17 Sha256: 90f5d369783b39fcbb151f7dfe06f943c93af639e1cacbbec50273bbc370d1b0
POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	54.230.80.227 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=125381 Date: Thu, 23 Mar 2023 15:04:02 GMT Etag: "641b9f3a-1d7" Expires: Sat, 25 Mar 2023 01:53:43 GMT Last-Modified: Thu, 23 Mar 2023 00:37:14 GMT Server: ECAcc (nya/79E6) X-Cache: Miss from cloudfront Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: PUDlUPWa9NKnPxMzol6IllrXgHvFvNj0afITTNMHqQ1ETl-y0o97eg== Age: 4589 --- Additional Info --- Magic: data Size: 471 Md5: 1349bc42374e65404e7c9ea6dc570217 Sha1: 62e1d11d187aa8c7273436ec392bf9409267de9a Sha256: 326582f0d29be8fc61a938b5f6fe2f671443a4129e8826c2355432820918b9ff
GET /widget/widget.js?v=c98ff27 HTTP/1.1 Host: d3rr3d0n31t48m.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	54.230.111.79 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 content-length: 48478 date: Tue, 21 Mar 2023 15:09:14 GMT last-modified: Tue, 21 Mar 2023 15:08:55 GMT etag: "77efb5e80c2b14bb2e6cced80e1dfe96" x-amz-server-side-encryption: AES256 cache-control: max-age=2592000, public content-encoding: gzip x-amz-meta-mtime: 1679411331.62 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: RbwfyMJy185C-C9TbyiYMZHeBCmGcfSQBk7y_UEm5ZSIiN2HLpuZRA== age: 172488 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (817) Size: 48478 Md5: 77efb5e80c2b14bb2e6cced80e1dfe96 Sha1: f924851b294a1dc98d44083606ba680016c236cd Sha256: 91f5ee622d3beadb2e899dff1c1cbf107eb4e5d1168aee060668984d99c77d0f
GET /action/0?ti=26018772&Ver=2&mid=2f187b32-fe45-404d-9d71-36f059ecea33&sid=f705de80c98b11ed9516e165085a293f&vid=f705fe80c98b11ed8d19032d340e88b5&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Select%20your%20plan&kw=cooking,%20EveryPlate&p=https%3A%2F%2Fwww.everyplate.com%2Fplans%3Fmealsize%3D4-5%26c_comms%3DPER-SERVING%26c%3DMVO139E%26utm_source%3DM1%26utm_medium%3Dcpa%26utm_campaign%3D100334796%26utm_id%3Dcj~15435836%26cjevent%3Defb8ebd9c98b11ed81a9b8ef0a18b8f6&r=&lt=3218&evt=pageLoad&sv=1&rn=63774 HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	204.79.197.200 HTTP/2 204 No Content cache-control: no-cache, must-revalidate pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT set-cookie: MUID=00B3CE3199F6646C1736DCEC980365FF; domain=.bing.com; expires=Tue, 16-Apr-2024 15:04:02 GMT; path=/; SameSite=None; Secure; Priority=High; strict-transport-security: max-age=31536000; includeSubDomains; preload access-control-allow-origin: * x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: 47A07073FCFE4BFF9EF16943CFF12580 Ref B: OSL30EDGE0211 Ref C: 2023-03-23T15:04:02Z date: Thu, 23 Mar 2023 15:04:02 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /modules.6af44455668b675aade1.js HTTP/1.1 Host: script.hotjar.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.230.111.79 HTTP/2 200 OK content-type: application/javascript content-length: 69096 date: Thu, 23 Mar 2023 14:31:09 GMT accept-ranges: bytes access-control-allow-origin: * cache-control: max-age=31536000 content-encoding: br cross-origin-resource-policy: cross-origin etag: "77f3f89a0a86a9ed3647edf2670ebff3" last-modified: Thu, 23 Mar 2023 14:31:08 GMT strict-transport-security: max-age=2592000; includeSubDomains x-content-type-options: nosniff x-robots-tag: none vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: l7JqBYN0rEm9tFDEPolbMJOmzy4aqVOvyrP919LQKYcapVsgk0sTvw== age: 1973 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (50842) Size: 69096 Md5: 77f3f89a0a86a9ed3647edf2670ebff3 Sha1: 53016e740b30c545ea018af0d2412d1ddf80ad18 Sha256: c82b9db33bfaa349a2a8bc520787f21f5d2519307404e02df877ddf5cb0bdb30
GET /action/0?ti=26018772&Ver=2&mid=2f187b32-fe45-404d-9d71-36f059ecea33&sid=f705de80c98b11ed9516e165085a293f&vid=f705fe80c98b11ed8d19032d340e88b5&vids=0&msclkid=N&ea=PageView&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=397352 HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	204.79.197.200 HTTP/2 204 No Content cache-control: no-cache, must-revalidate pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT set-cookie: MUID=29C9FA531482671607E6E88E15776683; domain=.bing.com; expires=Tue, 16-Apr-2024 15:04:02 GMT; path=/; SameSite=None; Secure; Priority=High; strict-transport-security: max-age=31536000; includeSubDomains; preload access-control-allow-origin: * x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: D493C70BE9AF40C19E67FC28E8378A1F Ref B: OSL30EDGE0211 Ref C: 2023-03-23T15:04:02Z date: Thu, 23 Mar 2023 15:04:02 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/events HTTP/1.1 Host: logx.optimizely.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://www.everyplate.com/ Origin: https://www.everyplate.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	54.86.47.230 HTTP/1.1 200 OK Content-Type: text/plain Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Origin: https://www.everyplate.com Access-Control-Max-Age: 1800 Allow: POST,OPTIONS Date: Thu, 23 Mar 2023 15:04:02 GMT Server: nginx/1.21.0 X-Request-Id: 75636702-9f7b-49cb-b966-abb34e687621 Content-Length: 13 Connection: keep-alive --- Additional Info --- Magic: ASCII text, with no line terminators Size: 13 Md5: 1424eb76249899d757e4d168341a50dc Sha1: 42101e71440abd46c8112a96d4d5c0dd445120ce Sha256: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
POST /v1/events HTTP/1.1 Host: logx.optimizely.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 1035 Origin: https://www.everyplate.com Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	54.86.47.230 HTTP/1.1 204 No Content Content-Type: text/plain Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: https://www.everyplate.com Access-Control-Expose-Headers: X-Results-Data-Source Date: Thu, 23 Mar 2023 15:04:02 GMT Server: nginx/1.21.0 Timing-Allow-Origin: * X-Request-Id: c8a8ace5-e695-404f-8f39-111189c14446 Connection: keep-alive --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /live/core-bubble.js HTTP/1.1 Host: web-chat-tag-cdn.s3.eu-west-1.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	52.218.30.8 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: LFDCQJOcKzM6QVAB3MK45Vk/TlaWjgBK6qyIZKweuDZCbvR/g3Ihl2smpDPBJhKMmPLS2Yk7SDQ= x-amz-request-id: 2B1704CT1H2WCC1H Date: Thu, 23 Mar 2023 15:04:03 GMT x-amz-replication-status: FAILED Last-Modified: Tue, 07 Feb 2023 09:25:10 GMT ETag: "4f9eca1bb3e3abc3a0b39117cc9b54d2" x-amz-server-side-encryption: AES256 Cache-Control: no-cache,max-age=0,immutable Content-Encoding: gzip x-amz-version-id: K08vsidhhiopMq7SzX4miABpOCHpzM6X Accept-Ranges: bytes Server: AmazonS3 Content-Length: 1031 --- Additional Info --- Magic: ASCII text, with very long lines (2132), with no line terminators Size: 1031 Md5: 4f9eca1bb3e3abc3a0b39117cc9b54d2 Sha1: 67a1564ce97d6e7d5c0139de09a4bdaf35cca517 Sha256: f275a273641cea011f4a9cba98091e0cf57090db9f6e0a8b35b919d629ffd0af
GET /p/action/26018772.js HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	204.79.197.200 HTTP/2 204 No Content cache-control: private,max-age=1800 strict-transport-security: max-age=31536000; includeSubDomains; preload x-powered-by: ARR/3.0 x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: 0B10FB1C0E3D4B8AB779F2288D810339 Ref B: OSL30EDGE0211 Ref C: 2023-03-23T15:04:02Z date: Thu, 23 Mar 2023 15:04:02 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themes/production/hellofresh-button-e43a26541055ffe8644286114c4c9d3c.png HTTP/1.1 Host: d6tizftlrpuof.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.230.245.25 HTTP/1.1 200 OK Content-Type: image/png Content-Length: 1662 Connection: keep-alive Date: Mon, 19 Sep 2022 01:41:08 GMT Last-Modified: Tue, 11 Sep 2018 14:13:18 GMT ETag: "e43a26541055ffe8644286114c4c9d3c" Cache-Control: max-age=315360000, no-transform, public x-amz-version-id: Lqf1EAdAKTfQxfeWY77naff5qlmASary Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: y69Yy6J9nGmfDtIi42wU4hMSV77HkboBGmu2cX2eQglOU5mv-0XDGg== Age: 16032175 --- Additional Info --- Magic: PNG image data, 70 x 200, 8-bit colormap, non-interlaced\012- data Size: 1662 Md5: e43a26541055ffe8644286114c4c9d3c Sha1: 05bfab45fbbced43709d6c7980e583b29d3fe4b1 Sha256: ae023d69b1633912960a55720c9d3d94e6c22fae5d30a9a9a59ed3e908c05483
GET /sessions/919432?s=0.25&r=0.2431665502973377 HTTP/1.1 Host: vc.hotjar.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.everyplate.com Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	54.230.111.70 HTTP/2 204 No Content access-control-allow-origin: * cache-control: no-store date: Thu, 23 Mar 2023 15:04:02 GMT server: Python/3.8 aiohttp/3.8.4 x-cache: Miss from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: PwS32NjPDWe-m5qdzXEFdiVG7Z8gzXAz3eVxLsCyF6q3FotdaGCnTw== X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /input.js HTTP/1.1 Host: shopper.shop.pe User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	35.190.54.17 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 x-guploader-uploadid: ADPycdtYE9V_jW_J2z-Z7SJUhhWvSwJx1qaEiCuDbj90B6yiDhIq3l85SsAQ3onuOhnui6hSzWYnp-xwhB03Gmp0jcnoN7zHW1Sc x-goog-generation: 1676478788444714 x-goog-metageneration: 2 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 8877 content-encoding: gzip x-goog-hash: crc32c=cHI6Vg==, md5=Vr5hc7XQu8Voms0uTcQM8g== x-goog-storage-class: STANDARD accept-ranges: bytes content-length: 8877 access-control-allow-origin: * access-control-expose-headers: Access-Control-Allow-Origin server: UploadServer date: Thu, 23 Mar 2023 13:21:03 GMT expires: Thu, 23 Mar 2023 17:21:03 GMT cache-control: public, max-age=14400 age: 6180 last-modified: Wed, 15 Feb 2023 16:33:08 GMT etag: "56be6173b5d0bbc5689acd2e4dc40cf2" vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (17023) Size: 8877 Md5: 56be6173b5d0bbc5689acd2e4dc40cf2 Sha1: a48f9c0ac17d02994370c71af4e0f5ab6ce5401e Sha256: 7cac3b28a677a56fb194ea4bb877e4648d3d9b0f24f2f946f75d94d74d78e0f3
POST / HTTP/1.1 Host: status.geotrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5475 Cache-Control: 'max-age=158059' Date: Thu, 23 Mar 2023 15:04:03 GMT Last-Modified: Thu, 23 Mar 2023 13:32:48 GMT Server: ECAcc (ska/F6D2) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 2635 Md5: 85e4d28d2f6ed3932ae701add4ed182d Sha1: 2c2845ca38bf78649ddb05e4b33cc8e3cc37cb79 Sha256: 4454e7a94894a5c8f8177b158d8a1e7e88ed09a61dd98f7e7ba46fc72f3c4316
GET /6349bf73fcae.js?lv=1 HTTP/1.1 Host: w.usabilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.171.128.205 HTTP/2 200 OK content-type: text/javascript date: Thu, 23 Mar 2023 15:04:02 GMT content-length: 10810 cache-control: public,max-age=0 content-encoding: gzip etag: "7c99f56e390cf09a44550249efaee5b9" pragma: no-cache x-widget-server: 2.1 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 471 Md5: 99ecd3e059165c91e1cc035c144f5212 Sha1: 0fa220a3cbf7b815a54a1fd55ae8e95d8162fee6 Sha256: 132087f0f34ceda5c159d97f98bb57a16feffb75434c79e40a2ccb0996f366e2
POST /prop.json HTTP/1.1 Host: f0f735cf6c814b0ba6c9d3e81c10b305-7a37ed0f6797.cdn.forter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 0 Origin: https://www.everyplate.com Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.158.164.13 HTTP/1.1 200 OK Content-Type: application/json Date: Thu, 23 Mar 2023 15:04:03 GMT Server: Apache Last-Modified: Thu, 23 Mar 2023 12:09:02 GMT ETag: "2-5f790246e26df" Accept-Ranges: bytes Content-Length: 2 Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Access-Control-Allow-Origin: https://www.everyplate.com Access-Control-Allow-Credentials: true Timing-Allow-Origin: * Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS Connection: close --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 224 Md5: 266c1994fe03f0897886a4b64ee9e9f5 Sha1: 7123820a5e493bc79001422b6a96ba3d7f2b8604 Sha256: e76a289995ca949cee068ba007387fabc9126e869d04b143b60f83d9da05fc61
GET /c/hotjar-919432.js?sv=7 HTTP/1.1 Host: static.hotjar.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.230.111.66 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Thu, 23 Mar 2023 15:03:28 GMT access-control-allow-origin: * cache-control: max-age=60 content-encoding: br cross-origin-resource-policy: cross-origin etag: W/fa83d8dfe8fe1afd136ae7aee7cfc863 strict-transport-security: max-age=2592000; includeSubDomains x-cache-hit: 1 x-content-type-options: nosniff vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: JKtsp7979kpbcHHhy76voJeLrU3yfLzpLq49tRV_EDdjVx8C5j6YJA== age: 33 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (21469) Size: 14297 Md5: 5e08e2fe95bf1e5ff5525126c50314b2 Sha1: b196a8cbcc26482701df292971673ed951bb9bfa Sha256: 6527a7f1a564962929de7fb42c7a83a5d981d38e4f1805bd4a109d80602bcca3
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	54.230.245.110 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Thu, 23 Mar 2023 15:04:03 GMT Last-Modified: Thu, 23 Mar 2023 14:10:05 GMT Server: ECAcc (nya/79CE) X-Cache: Miss from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: B1CvC8yu4rxM-cFdhCh1UHEQzWzYTLovrsH0HLyT9IzJW8AdWzw8IA== Age: 3238 --- Additional Info --- Magic: data Size: 471 Md5: 16b37da4e00b760120db2510ca3a3bea Sha1: 29722d25ce28ab58a8f79dc4d1d124c8f3c8a725 Sha256: fa70f3f63310890b07aaf2a277b36ac45c2bbceb7c89a89761edc169819158d4
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	54.230.245.110 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Thu, 23 Mar 2023 15:04:03 GMT Last-Modified: Thu, 23 Mar 2023 13:25:34 GMT Server: ECAcc (bsa/EB76) X-Cache: Miss from cloudfront Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: jHwpt9gSqyxX4CyHJUim4I605YtbJjnGfVGrIQ1enYZ1U1z6654JcA== Age: 5909 --- Additional Info --- Magic: data Size: 471 Md5: 16b37da4e00b760120db2510ca3a3bea Sha1: 29722d25ce28ab58a8f79dc4d1d124c8f3c8a725 Sha256: fa70f3f63310890b07aaf2a277b36ac45c2bbceb7c89a89761edc169819158d4
GET /7a37ed0f6797/f0f735cf6c814b0ba6c9d3e81c10b305/prop.json?_=1679583850994 HTTP/1.1 Host: cdn0.forter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.everyplate.com Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	54.204.202.163 HTTP/1.1 200 OK Content-Type: application/json Access-Control-Allow-Origin: https://www.everyplate.com Vary: Origin Access-Control-Allow-Credentials: true Timing-Allow-Origin: * Cache-Control: no-cache Expires: -1 Pragma: no-cache Connection: keep-alive Date: Thu, 23 Mar 2023 15:04:03 GMT Transfer-Encoding: chunked --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 20 Md5: 5820854f62a6eb3d38ba7ba0d1b3ea75 Sha1: 639df0b84fe699b4a290a713fd6b9a94bd4deb95 Sha256: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /5e583961e694aa04a4e32b17/5ecd5aa7d559300469446a88/A.js?_t=1663082965 HTTP/1.1 Host: addshoppers.s3.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	52.217.165.97 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 x-amz-id-2: ZQh/ZK9RM29KhPGTpz13Drx8IDRkekLiBiHCZh923DdXEtiNzrVM3ugbe/O3rolIL12VHnbtseQ= x-amz-request-id: EH476SC9W229SVBH Date: Thu, 23 Mar 2023 15:04:04 GMT Last-Modified: Tue, 13 Sep 2022 15:29:26 GMT ETag: "770a0a06a68de5aca73a7fedaed6b5e5" Cache-Control: max-age=2592000, public Content-Encoding: gzip x-amz-version-id: UafNIQ4XPZkFy5l52GGKUhPZw4bwSwUT Accept-Ranges: bytes Server: AmazonS3 Content-Length: 3817 --- Additional Info --- Magic: ASCII text, with very long lines (15885), with no line terminators Size: 3817 Md5: 770a0a06a68de5aca73a7fedaed6b5e5 Sha1: d0e5fa9b991724514d7c6af5999b6d6bf4ae8ba5 Sha256: be05855c74d826886090640a79bef857a3880a5385160d7a87fe902f3428f5f1
GET /customize/5e583961e694aa04a4e32b17/5522f21c998642228d40763002e33e18.js?_t=1679573197 HTTP/1.1 Host: addshoppers.s3.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	52.217.165.97 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 x-amz-id-2: nOz9neeNu5GcZx4/2WvpTelw1unuaHv8LUEY9pIg9qrDaBYBq/CqUi4tTHYmIgqOxoy6PC6oXcs= x-amz-request-id: EH41CE00TJTQC6W5 Date: Thu, 23 Mar 2023 15:04:04 GMT Last-Modified: Thu, 23 Mar 2023 12:06:39 GMT ETag: "28aa5e4aa5fbca451ec15050d843e139" x-amz-server-side-encryption: AES256 Cache-Control: max-age=2592000, public Content-Encoding: gzip x-amz-version-id: CkV2cshRxijiyS3LknyH8Ye54xre5kzm Accept-Ranges: bytes Server: AmazonS3 Content-Length: 1595 --- Additional Info --- Magic: ASCII text, with very long lines (6858), with no line terminators Size: 1595 Md5: 28aa5e4aa5fbca451ec15050d843e139 Sha1: e15636912f8b74ca88a944d69fd3ecc2d6699cb4 Sha256: 0ab5d3e9dd91f51b4a84ec1cfa53e34fd20ad6a605beda2024c40ebbec884f0b
GET /5e583961e694aa04a4e32b17/640f90f4b8357f03c9638364/A.js?_t=1679426009 HTTP/1.1 Host: addshoppers.s3.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	52.217.165.97 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 x-amz-id-2: 5LX12I46elM2gXIWpd/CuJg3EXgbdvT6tPZ4A8kh5QHCzg+oCn6S8i0x5HUJlOuIZAywIGMTrqo= x-amz-request-id: EH47TEJ3PD6KYDA5 Date: Thu, 23 Mar 2023 15:04:04 GMT Last-Modified: Tue, 21 Mar 2023 19:13:31 GMT ETag: "b1561dc28c086e590879557e979372cb" x-amz-server-side-encryption: AES256 Cache-Control: max-age=2592000, public Content-Encoding: gzip x-amz-version-id: _.AcgeAavocLOZqnWks2xpFFxdBmyVvB Accept-Ranges: bytes Server: AmazonS3 Content-Length: 1196 --- Additional Info --- Magic: ASCII text, with very long lines (4850), with no line terminators Size: 1991 Md5: e842cf6bbb918ad3a3cb7a63076a6cc2 Sha1: e2f7c0346f0a28058f0524ecf15bbf595cb0ce9f Sha256: d0db12f41cdc4956230eee207b8e0255bb872574c57ca54604ccb950b6073a9b
OPTIONS /app/attribution HTTP/1.1 Host: app.shop.pe User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://www.everyplate.com/ Origin: https://www.everyplate.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	35.227.244.1 HTTP/2 204 No Content server: nginx date: Thu, 23 Mar 2023 15:04:03 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH x-frame-options: deny strict-transport-security: max-age=31536000; includeSubDomains via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7a37ed0f6797/f0f735cf6c814b0ba6c9d3e81c10b305/prop.json?_=1679583851648 HTTP/1.1 Host: cdn0.forter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.everyplate.com Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	54.204.202.163 HTTP/1.1 200 OK Content-Type: application/json Access-Control-Allow-Origin: https://www.everyplate.com Vary: Origin Access-Control-Allow-Credentials: true Timing-Allow-Origin: * Cache-Control: no-cache Expires: -1 Pragma: no-cache Connection: keep-alive Date: Thu, 23 Mar 2023 15:04:03 GMT Transfer-Encoding: chunked --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 20 Md5: 5820854f62a6eb3d38ba7ba0d1b3ea75 Sha1: 639df0b84fe699b4a290a713fd6b9a94bd4deb95 Sha256: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	54.230.80.227 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=87367 Date: Thu, 23 Mar 2023 15:04:03 GMT Etag: "641b047c-1d7" Expires: Fri, 24 Mar 2023 15:20:10 GMT Last-Modified: Wed, 22 Mar 2023 13:37:00 GMT Server: ECAcc (bsa/EB32) X-Cache: Miss from cloudfront Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: zhEeMkmKgRrvpAjjk8mf4twR1ZGc9kx2hHBX12tx43zPF6tmTlAIwQ== Age: 6190 --- Additional Info --- Magic: data Size: 471 Md5: b7ab7ef649fc9a04c828187bee9e1ec1 Sha1: 33678509bce368f7d5cdf03cc1742e87f2056d37 Sha256: ca1f35374e6cab6336208f03e0787ba323bff8cb3296b5986d0077678a646019
GET /iframe?vcp=4dd5h0np&as_id=9b63ab3b659c4dd5bc58de3094ca0ae4 HTTP/1.1 Host: nytrng.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	99.83.128.14 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 23 Mar 2023 15:04:03 GMT content-length: 417 server: gunicorn X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (417), with no line terminators Size: 417 Md5: c2773f257b80be60fb721cf17d144b16 Sha1: 8cf45ac9036ec30a0e8d9d1152f10cd450fc6516 Sha256: 1ca7802a16d35f341ac89b1529af5a038caabc473efaae988dab2f33059b613c
GET /logo_small.gif?dfpadname=&check=1679583851941 HTTP/1.1 Host: duuytoqss3gu4.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.230.245.35 HTTP/2 200 OK content-type: image/gif content-length: 43 date: Tue, 21 Mar 2023 07:08:19 GMT last-modified: Thu, 16 Mar 2017 14:48:30 GMT etag: "b4491705564909da7f9eaf749dbbfbb1" cache-control: max-age=1296000 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: kz5Y2Q39GUkPcqoA7xSLirdxANcQWK7-t0MjseFGBQKqFAYihwUKMg== age: 201345 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /logo_large.gif?1679583851941&-linkd-32. HTTP/1.1 Host: duuytoqss3gu4.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.230.245.35 HTTP/2 200 OK content-type: image/gif content-length: 43 date: Wed, 15 Mar 2023 03:31:03 GMT last-modified: Thu, 16 Mar 2017 14:48:02 GMT etag: "b4491705564909da7f9eaf749dbbfbb1" cache-control: max-age=1296000 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: DhXsfYbLgmqJCRHd4Ma3Keebx6J_kdvpFJrs-p0cNX_zyG_-V99E3A== age: 732781 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /7a37ed0f6797/f0f735cf6c814b0ba6c9d3e81c10b305/prop.json?_=1679583851950 HTTP/1.1 Host: cdn0.forter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.everyplate.com Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	54.204.202.163 HTTP/1.1 200 OK Content-Type: application/json Access-Control-Allow-Origin: https://www.everyplate.com Vary: Origin Access-Control-Allow-Credentials: true Timing-Allow-Origin: * Cache-Control: no-cache Expires: -1 Pragma: no-cache Connection: keep-alive Date: Thu, 23 Mar 2023 15:04:03 GMT Transfer-Encoding: chunked --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 20 Md5: 5820854f62a6eb3d38ba7ba0d1b3ea75 Sha1: 639df0b84fe699b4a290a713fd6b9a94bd4deb95 Sha256: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /logo_medium.gif?check=1679583851941&refererPageDetail= HTTP/1.1 Host: duuytoqss3gu4.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.230.245.35 HTTP/2 200 OK content-type: image/gif content-length: 43 last-modified: Thu, 16 Mar 2017 14:48:14 GMT accept-ranges: bytes server: AmazonS3 date: Wed, 15 Mar 2023 16:01:44 GMT cache-control: max-age=1296000 etag: "b4491705564909da7f9eaf749dbbfbb1" x-cache: Hit from cloudfront via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: UuwSCxp7Srw-fMWUBU1nGladCxbmhpJKEUnw1Fhksmaxyk6Z449Q9Q== age: 1040991 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST / HTTP/1.1 Host: status.geotrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5673 Cache-Control: max-age=116389 Date: Thu, 23 Mar 2023 15:04:03 GMT Etag: "641b77df-1d7" Expires: Fri, 24 Mar 2023 23:23:52 GMT Last-Modified: Wed, 22 Mar 2023 21:49:19 GMT Server: ECAcc (ska/F7A3) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 817b4a936976c19bc63c1bc5e46c9fe0 Sha1: c2d0d37a873586e8236d92f1658abfe501149d79 Sha256: 5ead8034dc98eca53a457aab99b259b28e2d08badf32447b07a714f482aa221c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:04:03 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: dbc894785ae20116c66b1cc6cccad36f Sha1: 6eda4388f08c74b4889aa28de5b314fbf610b4f9 Sha256: dbe9dc4e1f970aeda1c2d439eaa58135358b3d4f04c9b774cec2cbc3feee25bd
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:04:03 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: d09ed5b5ccfa429cf3ded7d6634ce586 Sha1: e1d26f666c2b0ecf75aa847b3ee907c41514b588 Sha256: b5536c7e81811b1a5ffeb8dcc80a08f14b4c5ed5ddb2c53b4b52f84c721beeed
POST /app/attribution HTTP/1.1 Host: app.shop.pe User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 84 Origin: https://www.everyplate.com Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	35.227.244.1 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx date: Thu, 23 Mar 2023 15:04:03 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR" set-cookie: _xsrf=2\|09045558\|9d3146a1322d26ebb5b6669133f84146\|1679583843; Path=/ x-frame-options: deny strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 92 Md5: ac6d809216159bd642351eb7a63ed7b2 Sha1: be2e6e62ca23aeca2430b314c83ac635062f2849 Sha256: ca4b749c0a335dcb1540bb82d39355017bfbc4d9f4d4d967bf2ae6f465bb1d85
GET /pagead/viewthroughconversion/812248422/?random=1679583841859&cv=10&fst=1679583841859&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e33l1&url=https%3A%2F%2Fwww.everyplate.com%2Fplans%3Fmealsize%3D4-5%26c_comms%3DPER-SERVING%26c%3DMVO139E%26utm_source%3DM1%26utm_medium%3Dcpa%26utm_campaign%3D100334796%26utm_id%3Dcj~15435836%26cjevent%3Defb8ebd9c98b11ed81a9b8ef0a18b8f6&tiba=Select%20your%20plan&auid=175134034.1679583842 HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	216.58.211.2 HTTP/2 302 Found content-type: image/gif p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 23 Mar 2023 15:04:03 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate location: https://www.google.com/pagead/1p-user-list/812248422/?random=1679583841859&cv=10&fst=1679583600000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e33l1&url=https%3A%2F%2Fwww.everyplate.com%2Fplans%3Fmealsize%3D4-5%26c_comms%3DPER-SERVING%26c%3DMVO139E%26utm_source%3DM1%26utm_medium%3Dcpa%26utm_campaign%3D100334796%26utm_id%3Dcj~15435836%26cjevent%3Defb8ebd9c98b11ed81a9b8ef0a18b8f6&tiba=Select%20your%20plan&is_vtc=1&random=3327150293 x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Mar-2023 15:19:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:04:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 15a79d87680ced9baa769b58a70a08c9 Sha1: 5a6bd5d054b135b021d03f3148a249aa274d5930 Sha256: 9e075624b17dbee04f9cd5544c2f0f053f4fadfc49ab3572edd5f350c35a7816
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:04:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: d09ed5b5ccfa429cf3ded7d6634ce586 Sha1: e1d26f666c2b0ecf75aa847b3ee907c41514b588 Sha256: b5536c7e81811b1a5ffeb8dcc80a08f14b4c5ed5ddb2c53b4b52f84c721beeed
OPTIONS /7a37ed0f6797/f0f735cf6c814b0ba6c9d3e81c10b305/wpt.json HTTP/1.1 Host: cdn0.forter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://www.everyplate.com/ Origin: https://www.everyplate.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	54.204.202.163 HTTP/1.1 204 No Content Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE Vary: Access-Control-Request-Headers Access-Control-Allow-Headers: content-type Content-Length: 0 Date: Thu, 23 Mar 2023 15:04:04 GMT Connection: keep-alive --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	54.230.80.227 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=146080 Date: Thu, 23 Mar 2023 15:04:04 GMT Etag: "641bf0aa-1d7" Expires: Sat, 25 Mar 2023 07:38:44 GMT Last-Modified: Thu, 23 Mar 2023 06:24:42 GMT Server: ECAcc (bsa/EB4C) X-Cache: Miss from cloudfront Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: gRow_YUVYGANjg6KMDtQu40mKFUxyH9R8HO6vh9grIn39xA6SIToOQ== Age: 4442 --- Additional Info --- Magic: data Size: 471 Md5: 0d331201b9b68e0f9175b51356ecf396 Sha1: 052d093ab5d656c97f3f9b616d346ee0089bd327 Sha256: 2437e69f9aeec9d532abd7afa6807e439075e589ba25efb06173248d10b85a33
GET /pl.2.2.min.js HTTP/1.1 Host: cdn.nytrng.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nytrng.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	54.230.111.74 HTTP/2 200 OK content-type: text/plain content-length: 0 date: Thu, 09 Mar 2023 01:09:36 GMT last-modified: Wed, 31 Jul 2019 16:57:19 GMT etag: "d41d8cd98f00b204e9800998ecf8427e" x-amz-version-id: null accept-ranges: bytes server: AmazonS3 x-cache: Error from cloudfront via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: FbSeRSR-eiPEupghMf8g3eQ2PIEQpCP2m3CdUgOdCSJYepfzAB6Dxw== age: 1259668 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /7a37ed0f6797/f0f735cf6c814b0ba6c9d3e81c10b305/wpt.json HTTP/1.1 Host: cdn0.forter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json; charset=utf-8 Content-Length: 29 Origin: https://www.everyplate.com Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	54.204.202.163 HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Access-Control-Allow-Origin: https://www.everyplate.com Vary: Origin Access-Control-Allow-Credentials: true Timing-Allow-Origin: * Cache-Control: private, no-cache, no-store Expires: -1 Pragma: no-cache Content-Length: 20 ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U" Date: Thu, 23 Mar 2023 15:04:04 GMT Connection: keep-alive --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 20 Md5: 5820854f62a6eb3d38ba7ba0d1b3ea75 Sha1: 639df0b84fe699b4a290a713fd6b9a94bd4deb95 Sha256: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:04:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 8795e5b287f501dc39ee441cd6bd7125 Sha1: 9d420cfc40477940eff7fcfc1aee2c7731fd17a5 Sha256: a2f6bc52d276e1f73a3e823606457e033bccf8eca8631940a55c298f952451ed
GET /pagead/1p-user-list/812248422/?random=1679583841859&cv=10&fst=1679583600000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e33l1&url=https%3A%2F%2Fwww.everyplate.com%2Fplans%3Fmealsize%3D4-5%26c_comms%3DPER-SERVING%26c%3DMVO139E%26utm_source%3DM1%26utm_medium%3Dcpa%26utm_campaign%3D100334796%26utm_id%3Dcj~15435836%26cjevent%3Defb8ebd9c98b11ed81a9b8ef0a18b8f6&tiba=Select%20your%20plan&is_vtc=1&random=3327150293&ipr=y HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.everyplate.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	216.58.207.227 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 23 Mar 2023 15:04:04 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-security-policy: script-src 'none'; object-src 'none' x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/812248422/?random=2062917470&fst=1679583841861&cv=10&fmt=3&label=GMHsCOagyJ0DEP367MUB&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e33l1&value=0&url=https%3A%2F%2Fwww.everyplate.com%2Fplans%3Fmealsize%3D4-5%26c_comms%3DPER-SERVING%26c%3DMVO139E%26utm_source%3DM1%26utm_medium%3Dcpa%26utm_campaign%3D100334796%26utm_id%3Dcj~15435836%26cjevent%3Defb8ebd9c98b11ed81a9b8ef0a18b8f6&tiba=Select%20your%20plan&data=event%3Dpage_view%3Bcd42%3DUS%3Bcd5%3DMVO139E%3Bcd6%3DMVO139E%3Bsd%3D24-bit%3Bsr%3D1280x1024%3Bvp%3D1280x939%3Bul%3Den-US%3Bhashed_em%3D%3Bcd9%3D%2Fplans%3Bcd10%3D%3Fmealsize%3D4-5%26c_comms%3DPER-SERVING%26c%3DMVO139E%26utm_source%3DM1%26utm_medium%3Dcpa%26utm_campaign%3D100334796%26utm_id%3Dcj~15435836%26cjevent%3Defb8ebd9c98b11ed81a9b8ef0a18b8f6%3Bdh%3Dwww.everyplate.com%3Bpage_hostname%3Dwww.everyplate.com%3Bde%3DUTF-8%3Bgjid%3D440497750%3Bhftr%3D288996551.1679583849%3Bpage_path%3D%2Fplans%3Fmealsize%3D4-5%26c_comms%3DPER-SERVING%26c%3DMVO139E%26utm_source%3DM1%26utm_medium%3Dcpa%26utm_campaign%3D100334796%26utm_id%3Dcj~15435836%26cjevent%3Defb8ebd9c98b11ed81a9b8ef0a18b8f6%3Bhf_event_name%3Dpage_view%3Btimestamp_seconds%3D1679583849&auid=175134034.1679583842&uip=91.90.42.0&s3p=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFBIdm9BWVFpSV9WcWVlU284RmZFaVVBV0JGajlwT1RzT3BnWmpja0xpVlcxZWlmY0dPOHc1Zno0bGlhWmFzY2h1c1h3eGNRGldDaEFJOFBIdm9BWVFfYTZOcFBmNWxQNXdFaTBBRUF0MWtaYWN3dDRHWUdjRTdhV3dhTnBrOHRkVk9qdEh5QXNsWmZiM3Y2R1VLX09wd2VEYVBPMy1xMU0&is_vtc=1&ocp_id=Y2ocZIutO5aK-cAPqqqQ2A4&eitems=ChEI8PHvoAYQ4MDuh9vm8PSEARIdAIIL5W_pQ6kEbucYWPZKqUU8ditasfN_ZQUunZg&random=146696041&ipr=y&prhg=0 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.everyplate.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	216.58.207.227 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 23 Mar 2023 15:04:04 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-security-policy: script-src 'none'; object-src 'none' x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.163 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 15:04:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 8795e5b287f501dc39ee441cd6bd7125 Sha1: 9d420cfc40477940eff7fcfc1aee2c7731fd17a5 Sha256: a2f6bc52d276e1f73a3e823606457e033bccf8eca8631940a55c298f952451ed
POST /events HTTP/1.1 Host: cdn3.forter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain; charset=utf-8 Content-Length: 20033 Origin: https://www.everyplate.com Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.211.16.239 HTTP/2 200 OK date: Thu, 23 Mar 2023 15:04:04 GMT access-control-allow-origin: https://www.everyplate.com vary: Origin access-control-allow-credentials: true timing-allow-origin: * cache-control: private, no-cache, no-store expires: -1 pragma: no-cache strict-transport-security: max-age=86400; includeSubDomains X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 6739 Md5: fcac5f3f850e0c50cfcbb238f41884b1 Sha1: 347ba3deab2b36d057855d9550029af1e3a16c04 Sha256: cc76bdfca4939f603ebad177f740b82766aa02f13b79f0dde1010501e770a00a
GET /core-tagging-container HTTP/1.1 Host: tms.hft.everyplate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Cookie: __cf_bm=KHIIfoJJGinEhpYaa4IXo7ADcmGaABCB2y8oqweUFTw-1679583838-0-AeWj+jN6xzDIq11YbyWb4l7IsWi+/V1Gl0kiSj1ah/UVl5TZ/XFRaFlo2093Itl83ySjuS4Zg70ag2FeFzSYLfA= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	34.160.69.63 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control vary: Accept-Encoding, Accept-Encoding cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 accept-ranges: none x-cloud-trace-context: f034750eb7c3b824fc9aa80c50bace03 date: Thu, 23 Mar 2023 15:03:58 GMT server: Google Frontend via: 1.1 google content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /sn/7a37ed0f6797/script.js HTTP/1.1 Host: 7a37ed0f6797.cdn4.forter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	54.230.111.69 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 23 Mar 2023 13:34:45 GMT strict-transport-security: max-age=86400; includeSubDomains access-control-allow-origin: * timing-allow-origin: * last-modified: Thu, 23 Mar 2023 13:34:45 GMT expires: Thu, 23 Mar 2023 13:39:45 GMT cache-control: private, max-age=300 x-sourcemap: https://cdn4.forter.com/map/suid/7a37ed0f6797/81053984317 content-encoding: br vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: MsN0NdccdbKGNCfiJSYm7zHH4e9YDsDtE6vGTmSMtSkErptBy-g_kg== age: 5356 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /app/datapartners/status?usersite_id=5e583961e694aa04a4e32b17 HTTP/1.1 Host: app.shop.pe User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.everyplate.com Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.227.244.1 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx date: Thu, 23 Mar 2023 15:04:03 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR" etag: W/"0467ba22658b680d6de72dc567071b5bc495547f" set-cookie: _xsrf=2\|c61547a2\|4f1e4bf577b2a818f74a535e542583e4\|1679583843; Path=/ x-frame-options: deny strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /vchk2 HTTP/1.1 Host: cdn9.forter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: eyJyIjowLjg4NDEwMDM4NTExNTQzMzUsInUiOiJmMGY3MzVjZjZjODE0YjBiYTZjOWQzZTgxYzEwYjMwNSIsInMiOiI3YTM3ZWQwZjY3OTcifQ== Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.everyplate.com Connection: keep-alive Referer: https://www.everyplate.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	54.230.111.53 HTTP/2 301 Moved Permanently location: https://cdn9.forter.com/vchk2/v1/28bf0c9c3f4f7f2d3b77ba1b18fc06eda1b5cd027a8b136db9b5605fedc7c211ac7f4bc96a125fe4d1f44bdda570 date: Thu, 23 Mar 2023 15:04:02 GMT access-control-allow-origin: * timing-allow-origin: * cache-control: private, s-maxage=0, proxy-revalidate strict-transport-security: max-age=86400; includeSubDomains x-cache: Miss from cloudfront via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: vC_qHeu6SZ5AHmR6Q3P5YZx_vlfKmMkmsa14sRYzZ0mOz3psbYpo7w== X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /plans?mealsize=4-5&c_comms=PER-SERVING&c=MVO139E&utm_source=M1&utm_medium=cpa&utm_campaign=100334796&utm_id=cj~15435836&cjevent=efb8ebd9c98b11ed81a9b8ef0a18b8f6 HTTP/1.1 Host: www.everyplate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	104.18.153.11 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 23 Mar 2023 15:03:58 GMT cf-ray: 7ac7906cba620b4d-OSL age: 34 cache-control: public, max-age=14400 content-language: en-US last-modified: Thu, 23 Mar 2023 05:46:07 GMT vary: Accept-Encoding cf-cache-status: HIT x-content-type-options: nosniff x-envoy-upstream-service-time: 1138 x-frame-options: SAMEORIGIN x-powered-by: Next.js x-xss-protection: 1; mode=block set-cookie: __cf_bm=KHIIfoJJGinEhpYaa4IXo7ADcmGaABCB2y8oqweUFTw-1679583838-0-AeWj+jN6xzDIq11YbyWb4l7IsWi+/V1Gl0kiSj1ah/UVl5TZ/XFRaFlo2093Itl83ySjuS4Zg70ag2FeFzSYLfA=; path=/; expires=Thu, 23-Mar-23 15:33:58 GMT; domain=.everyplate.com; HttpOnly; Secure; SameSite=None server: cloudflare content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:

URL	cj.dotomi.com/2m104zw43M/w27/LPONPSNQ/LKKNNORTQ/K/K/K?d=sxni=Dfi56hjDAB8f97EfDCCiD6C6ff888ghC<<myyux://111.pv43ko.htr/hqnhp-655889CEB-6A98AD8B<<L<myyu://111.4fqpp1jjy.htr<<6<6<5<5<5<
IP	89.207.16.75 (United States)
ASN	#41041 Conversant LLC
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access	public
Report completed	2023-03-23 15:04:09 UTC
Status	Loading report..
IDS alerts	6
Blocklist alert	0
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (46)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 89.207.16.75

Last 5 reports on ASN: Conversant LLC

Last 5 reports on domain: dotomi.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (102)

Executed Evals (60)

#1 JavaScript::Eval (size: 91) - SHA256: e5407c3dc49df806852d124bd22cceedf10193415554bc87255c0d431ad940a8

#2 JavaScript::Eval (size: 15081) - SHA256: 0145ad33b61d38490867e34c74d558254d064e1a521999fba4d255d9d2cfd65e

#3 JavaScript::Eval (size: 437) - SHA256: f58a94b1c4ce4beb544851d2eda967102edaf7a7f2f3a656666e38b8420a9146

#4 JavaScript::Eval (size: 144) - SHA256: 83922537c84ccef06c4604729d8e467094cc38f9c2f60061b7ed7509b4b3bd1b

#5 JavaScript::Eval (size: 94) - SHA256: ac0268139721ab8a26417da204639ecf4c993bd6805a6432e9d6649052eff371

#6 JavaScript::Eval (size: 85) - SHA256: a04c3943442defab7094288a6d20b07a844d53e39fbbdb544a772da02904073c

#7 JavaScript::Eval (size: 47) - SHA256: 0b0baeb1d9c708a2ebe0feced3d1f71ed6144e89b3e243f1f6d66df89a038fa1

#8 JavaScript::Eval (size: 2049) - SHA256: 2e5fdf7e51dd3d0a477b38983ec646f70009258d26cd64857aecb7cf2d87cf9f

#9 JavaScript::Eval (size: 85) - SHA256: ecec43915794e6ecfd8b38a35d132fabff8395afdff96c107a9c0fb066f222ac

#10 JavaScript::Eval (size: 1420) - SHA256: 2468a5e39ec6e778ecb183a7ec9ff3350ca98631ec721451a6dcafa9e2fa3c4e

#11 JavaScript::Eval (size: 114) - SHA256: fd1f78ba7a1e8007b212b79031b555483e2af459035133e31d22e889f1587f91

#12 JavaScript::Eval (size: 171) - SHA256: 2cd6b9f44c3796c6777283eb0135f5d52a42fc6a62accc76e13b2cd801a7a8ce

#13 JavaScript::Eval (size: 1420) - SHA256: f6065a343fc48de08e024a98be686fcd66826f6fff0fa16ab1b37704c19ace32

#14 JavaScript::Eval (size: 144) - SHA256: dd1b8c4063733dd45a514f6db9b8ca6726279dbd122bed5bf04a3280ecfaa97a

#15 JavaScript::Eval (size: 68) - SHA256: dba9548a74568742c5f058172eb98a0b94a46265c49aec0d1d37c0b53aec661a

#16 JavaScript::Eval (size: 1420) - SHA256: 5c8d4261e29d18099618cb50117d56442399c667a14de0b624bfc6d127b961ef

#17 JavaScript::Eval (size: 114) - SHA256: 408f7c709f93c9942ba04ca5b7a300901562b7abd208a4bbd01c8957b3a9b1f2

#18 JavaScript::Eval (size: 144) - SHA256: a604d305c652f7300b435de9a4ed782c618430bd9a187aeaa18394fa21d77362

#19 JavaScript::Eval (size: 171) - SHA256: ffbd4c0161a80fe9644379627ebbf06ffcff7466a6deb69b81f9061d48f522f0

#20 JavaScript::Eval (size: 55) - SHA256: 7298340c9215e92c591ef8f21c78035181c3cc1ffd71ccc91e062f563f6e3fac

#21 JavaScript::Eval (size: 85) - SHA256: 0980fc20a4b3f9c655a8b391dbad44b8ba3b3d7bdd47fbec6ee4482fbcd9695d

#22 JavaScript::Eval (size: 171) - SHA256: 7398a51dc4d19afc07536c2d0aaafd2cdb11dac0acb824f1692e2d671361f25b

#23 JavaScript::Eval (size: 1420) - SHA256: 12046c175ab54e3091403cf2c323cc334253eb2a6fbc8519d48987378d525725

#24 JavaScript::Eval (size: 84) - SHA256: be4639d8879487a9267326640f1fad4a3b0453b9495fe26b002ad009693db13b

#25 JavaScript::Eval (size: 144) - SHA256: fcd0aaeef2137a714fbb84c693128e7b1e202c785c9f9b58626b8e0124a20e29

#26 JavaScript::Eval (size: 1420) - SHA256: ec9ecc6d2a0a86f0a69a46a001297ef62da0858fdb65e7f8a0460a8994273163

#27 JavaScript::Eval (size: 171) - SHA256: 51f66d8a027ad26b87ce204829c41087199e93cda466d602f5c4d5f509a021d9

#28 JavaScript::Eval (size: 43) - SHA256: 007cddfce59ab3c7b0d940e987ebe2c27ee1c2a171052809bdfd91f94a66f1db

#29 JavaScript::Eval (size: 84) - SHA256: f3263094657350f2f8eb6131a742dc55abeaec74b080c6428d82cb0dd0ebf650

#30 JavaScript::Eval (size: 144) - SHA256: 507919c085b18fabac7d26499091e0ddcbab074c6f2ea82c1d38699a8acb371e

#31 JavaScript::Eval (size: 144) - SHA256: c7a200b7707339ed16ad4db047aa7334b0cae795721f0198c5c0ce987900050c

#32 JavaScript::Eval (size: 85) - SHA256: dc0e2ae95d401895c5d38d339b291a0d36b10fbbfde8973025dc3b8337cec04c

#33 JavaScript::Eval (size: 114) - SHA256: 916c32024f12657be1b76519232ff234413f00d127ab1a07f19ab5d4887563c5

#34 JavaScript::Eval (size: 1420) - SHA256: a3a63cbda7d31f5e991c1ce6661f00478ed5e64056770236a2a80053631fa955

#35 JavaScript::Eval (size: 85) - SHA256: b87edbcc66538ceb2730249093976a8e5dd4889ad16c734a9e5d3bdcb01f1a5d

#36 JavaScript::Eval (size: 85) - SHA256: 0a39ceafe342651825802b1d736ff93e7a60352be0123a8540a0e8d954b39321

#37 JavaScript::Eval (size: 171) - SHA256: c15eafcfca84d114c5c240e3dec441eaa06b053aaf19a2917ff309c9eb46922d

#38 JavaScript::Eval (size: 144) - SHA256: 00170ec6864ad1b1e1d5d015c4623fb7eeba8f6dcd20ac2358ef710acfe912f3

#39 JavaScript::Eval (size: 88) - SHA256: c7c5a76efc739a55534f9d32c21e209cb6f605c3de6e3d6abc2f5a1158f652fc

#40 JavaScript::Eval (size: 144) - SHA256: a4ac4945372f84a516442b0471eb0e1713fd715842c9637be1497946fcd5bfc0

#41 JavaScript::Eval (size: 114) - SHA256: c18839c83ff0dc17e0d7f9757dd2e4807e992f3d4db463e9c71ceef39b0385cc

#42 JavaScript::Eval (size: 260) - SHA256: 23f6bb2bf69256661c531072b42e74f544d609a828ab2918c285b454ecc45d57

#43 JavaScript::Eval (size: 171) - SHA256: bb580c4f2044d75164d20641e3e5f16b6f4e764c45bc3714752fcdab58d70c14

#44 JavaScript::Eval (size: 1915) - SHA256: 343d6c43991ff0597ce65a59714b85c774be820c2d96e0905a889a4bfc8fd2c6

#45 JavaScript::Eval (size: 1419) - SHA256: a07360788b5a68f95beff997b84423b2ff17356bc3e6f501d785de3e35d5b468

#46 JavaScript::Eval (size: 171) - SHA256: f4a4046a3d49139eec6eff2ffe750b71e365044fbcce4fe49aaa5d832b67158d

#47 JavaScript::Eval (size: 85) - SHA256: b1a25ae378b3ac87fda442fa15b61c930a1e0b69ee532316cd9121523624c49b

#48 JavaScript::Eval (size: 85) - SHA256: 40094d0e457cca4c5a3588ad6331637d76560d166747873af46a43690316314b

#49 JavaScript::Eval (size: 274) - SHA256: 9acc977704569aa9c179f29799b7f6efcdea0690920991ab78bd0eb51d96fee3

#50 JavaScript::Eval (size: 114) - SHA256: d16b0ed33f25df04e030763e6297127ba9d5128d085ba3b116286ba62921421f

#51 JavaScript::Eval (size: 91) - SHA256: 234ab0e7b721721e814afc697c8dd0ea416a890f5cbd409a74cc066d66962820

#52 JavaScript::Eval (size: 170) - SHA256: 519c734c12dab554ec75ddf945cb770e6b7a1c4f7b4b15f629b42d729d0535bd

#53 JavaScript::Eval (size: 1420) - SHA256: 454941d0d37940864217e3b8a8606a1cb6c28b993b107b74ffd35511c9236be0

#54 JavaScript::Eval (size: 87) - SHA256: 7f04d3d2edc0da059f98dcf6f1ac6d0f768ef0dc784833acdec93a1c66bf7cb8

#55 JavaScript::Eval (size: 1420) - SHA256: e4b611c9127aab7fda1eb3ba1b18983d8825de86e4443744d8878ddc539744c7

#56 JavaScript::Eval (size: 171) - SHA256: e3a39d925729d3252c254f404b3ff7e5706fdcd1b1522b7449893f93f7d0a38a

#57 JavaScript::Eval (size: 84) - SHA256: 35b0a2b3cb0cd5eeb26f94e3225d660313b82aa843ccf97cb7eb4775847af9a6

#58 JavaScript::Eval (size: 91) - SHA256: 798712397ddaf622d667052b2f6cff3fd68a96dff7c29c9aec4f0fd1f72a0ee7

#59 JavaScript::Eval (size: 91) - SHA256: 3bdf553a70f0797b9d4acc0e1c6f00f492b904653b71de38fac01e38a8224e99

Network Intrusion Detection Systems