firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 09:14:55 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7MSO7qT454P-hr7MNzP89exuQb55da67XTuLefTcl_lSHkacrr-JAg==
Age: 3544
generatorsplus.kohlergeneratordealer.com/
104.196.98.241301 Moved Permanently 17 B URL HTTP/1.1 generatorsplus.kohlergeneratordealer.com/
IP 104.196.98.241:0
File type ASCII text, with no line terminators
Hash 58ace0ea86287f4a3c3258b0af3e6993
e04c5335922c5e457f0a7cd62c93c4a7f699f829
d18ed36671b8618520016c81125aa889a5b800872038c5e009ef49cd305088cd
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: generatorsplus.kohlergeneratordealer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://generatorsplus.kohlergeneratordealer.com/
Date: Sun, 25 Sep 2022 10:13:59 GMT
Content-Length: 17
Content-Type: text/plain; charset=utf-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5574
Expires: Sun, 25 Sep 2022 11:46:53 GMT
Date: Sun, 25 Sep 2022 10:13:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Df2nLp2TQriU9nvchX_EZJ_1KE7JwDiITexIEeIxwNFamVRKEv6zlg==
age: 20325
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 10:13:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 10:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 10:12:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z5TgVsLTL6l0-pHt2queul2WM2Yrg732uALFN8gh7-2Fw_A31I7dgw==
Age: 582
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 41d2fc897cc2ebf8399f33f9ea646645
9c1ebf0bfc9caccd26f83666d5042d3ee40d8208
be96e24ebf1d01f86e3c67b9744ca11252a9eb69177aae7e7bf11423f6e52862
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE96E24EBF1D01F86E3C67B9744CA11252A9EB69177AAE7E7BF11423F6E52862"
Last-Modified: Fri, 23 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 25 Sep 2022 16:13:59 GMT
Date: Sun, 25 Sep 2022 10:13:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4547
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:13:59 GMT
Last-Modified: Sun, 25 Sep 2022 08:58:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.36.24.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.24.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: da5nOfvvh9sFlFcgol3kDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ca3KiGVVe4CfpxRt/08zMN1eKtI=
js.sentry-cdn.com/6c3673536dd7432188432efead68c915.min.js
151.101.194.217200 OK 1.0 kB URL HTTP/2 js.sentry-cdn.com/6c3673536dd7432188432efead68c915.min.js
IP 151.101.194.217:0
File type ASCII text, with very long lines (512)
Hash 95b93bec0d09a7293f3910d8cf7ca6e4
ace9fce1b4ad117e844d22f88cc8a6e920985e71
0265cbe73dfcb0d9dfe01d823436414b04179ae6f6a2793e6a0876b9d4fb4914
GET /6c3673536dd7432188432efead68c915.min.js HTTP/1.1
Host: js.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 12
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 10:14:00 GMT
age: 5205
x-served-by: getsentry-web-default-production-5bb879855d-mzbfw, cache-bma1654-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1022
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.13.0/bundle.es5.min.js
151.101.194.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.13.0/bundle.es5.min.js
IP 151.101.194.217:0
File type ASCII text, with very long lines (61962)
Hash 0f00bb4d8082c2dff484801165c5f4af
f60bc39232156ff8d8c317714b6753f8ddf9b7b0
1a46a51d2f9c1e77aca1ba964bae66fe9848bac3b1d85a52fcf3c3ed41eaf677
GET /7.13.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 15 Sep 2023 14:46:33 GMT
last-modified: Thu, 15 Sep 2022 13:13:25 GMT
etag: "0f00bb4d8082c2dff484801165c5f4af"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 10:14:00 GMT
age: 847646
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20171
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K4DF7M
142.250.74.72200 OK 96 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4DF7M
IP 142.250.74.72:0
File type ASCII text, with very long lines (58586)
Hash 54e8ae9e7fce128a4b127a43d7936c50
c2dcc55a8bbaa83ddd7e1b39267915254820b816
2e35d2aa90ac31ffd60a58172cd1d0b71f9898ac07f7e6faa39d7ab277b96c0a
GET /gtm.js?id=GTM-K4DF7M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 10:14:00 GMT
expires: Sun, 25 Sep 2022 10:14:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash db5859eae71e6a442724a46e72507d0b
1ad362ce627faccec6d082de69ae4ad03d1e9b1c
976b4eed2cc92c5cfa40b8725d0ca9bb714c91d51414f5f816106a620518edaa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6018
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:00 GMT
Last-Modified: Sun, 25 Sep 2022 08:33:42 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
powerchord.imgix.net/5d13c7f587c6fd00018a2b22/61b2138b2359a30001cece73.png?auto=format,compress&fm=png
151.101.86.208200 OK 13 kB URL HTTP/2 powerchord.imgix.net/5d13c7f587c6fd00018a2b22/61b2138b2359a30001cece73.png?auto=format,compress&fm=png
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash 0c50ae95bd9c524caf86ba8d7b2224a0
334371a9ed51e9ff9fc74f5f986645914d260bb6
19791a990f263926334d4a791ebe597bb97c23026fea125b88720d1bc529546f
GET /5d13c7f587c6fd00018a2b22/61b2138b2359a30001cece73.png?auto=format,compress&fm=png HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 07:45:28 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 2f75dabff047c1be27921cbc8370d8a7a302459c
x-imgix-render-farm: 01.592
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 1650513
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10044-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 12706
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3464
Expires: Sun, 25 Sep 2022 11:11:45 GMT
Date: Sun, 25 Sep 2022 10:14:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3464
Expires: Sun, 25 Sep 2022 11:11:45 GMT
Date: Sun, 25 Sep 2022 10:14:01 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4a854bddd5848d7ec4da9aa1c77ac75f
6e68d8290159f8a36dca41ccbefc82ebb821d2c8
668e5e2c495681195f7bc65edc5fa5597629766f271480d12fe7f071402e3cb6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 10:14:01 GMT
Last-Modified: Sun, 25 Sep 2022 08:33:52 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L-_2SZaDgyyk-f470W6UCPOIjjXtR8p8zLqe9rDKiMO-XxQvaZ_IEw==
Age: 6009
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3464
Expires: Sun, 25 Sep 2022 11:11:45 GMT
Date: Sun, 25 Sep 2022 10:14:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda26d83a-84d6-497f-974b-e97994a82e1c.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda26d83a-84d6-497f-974b-e97994a82e1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12b4e62eeac0a002ce34d748230878ca
47585668611fadb8bd8fa65e5e330bd3ed2f60b6
e871981eec0c113d0ccda82fabdc84d1881828f7cba1d76c50063c22d528a85e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda26d83a-84d6-497f-974b-e97994a82e1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: f3230dd3-8d7c-41e7-bf32-83376fd77eb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQGNaIAMF57Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-4aa0826f4b7d59d9651ad763;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xrsq6kYGG5mhvI-Xkxspuum-g0G7LBLfxVPayM611E-PiT71_ZsD2g==
via: 1.1 58f9a50682bb94842197f3e957919c60.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 01:03:58 GMT
age: 33003
etag: "47585668611fadb8bd8fa65e5e330bd3ed2f60b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7eba9d4ed7413abb8e8824cc86071b50
1ec47b0f11a2b1173a1dcd32d541e5680b0088b1
399622d6099137974fa30a332c145b45182a7be272523a325418c63bfe70e5a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4320
x-amzn-requestid: 72d102a6-8552-473f-b3f8-99450722017d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmHEgIAMFXvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-7e4789b1723913e2500ea5f2;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Pai6CsC8F_VDgt6BkP9aRekL5WzUkwNdrvetIijRKlGByWm6skpb6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:01:14 GMT
age: 43967
etag: "1ec47b0f11a2b1173a1dcd32d541e5680b0088b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 45389
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
age: 45415
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00c09f267aacde9465a329542463b9e5
1534aa8a5158dfa9592d65e6fb761b41c0852c58
276ff24598159f62fd7333992575834f901eea7c75a228b9c12d1c049f1df558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: b0fc9bea-7735-43c0-a176-eae4d5000a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2ZPtHajIAMF8zQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c08ca-391092bd30ae5bf9692e93ba;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:03:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JHbRgCQOZp244YWkU4o78m9HhC77v7LOWAvwnc2eRTW2vHnv99ygaA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 06:00:25 GMT
age: 15216
etag: "1534aa8a5158dfa9592d65e6fb761b41c0852c58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3_xkH-s3Fzz3CRHux4j3hergFHWBmOFF9vMBCoN1rJrjrCkeSEp0qQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:01:16 GMT
age: 43965
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fast.fonts.net/t/1.css?apiType=css&projectid=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a
104.17.224.78200 OK 0 B URL HTTP/2 fast.fonts.net/t/1.css?apiType=css&projectid=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a
IP 104.17.224.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/1.css?apiType=css&projectid=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fast.fonts.net/cssapi/d9655dc2-fef5-49e4-9c2a-fdfbc02a888a.css
Cookie: __cf_bm=fONdUC9ci37T1.YvNY2eKXPLrAbEBeo1fx_7GgIidtQ-1664100841-0-ATCBgGbEHLa0smq5N2NtU3s81F1QWyMM9urrygohA8trZoUtDRal2AeK/AwbAbbsUrTuwKV6iOyi9GaOXGQbbDg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:01 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: +7uMpgmUlwKdpGbsB049625Xn00Ktj5EUj7qYvgh49C6hq7b3Tp/bh17XYV8w/F6oNsQRJpWJvZ1U7HGXy3QlA==
x-amz-request-id: AMVZ0WC51AZR08T1
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7502fd92d9bfb4f9-OSL
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-6TKV8ZEDMH>m=2oe9l0&_p=1866846522&_gaz=1&cid=453303582.1664100839&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664100839&sct=1&seg=0&dl=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&dt=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown%2C%20WV%2026501&en=page_view&_fv=1&_nsi=1&_ss=1&ep.organization_trunkID=5d13c7f587c6fd00018a2b22&ep.organization_ID=5d2cd0741b7bec000814cf2e&ep.organization_ancestors_ID=5ebefe091cafc10001b86f53%2C5ebeff9d1cafc10001b88293%2C5d1632bcbde845000870996b%2C5d13c7f587c6fd00018a2b22&ep.property=dealer&ep.organization_externalID=1123277&ep.organization_name=Sainato%20Electric%20Inc%20dba%20Generators%20Plus&ep.AreaManager=2580745&ep.SalesManager=3614165&ep.dealerEligibility=Air-Cooled%2C912631%2C912831%2C912731%2CPlatinum%20Dealer&ep.Director=3136562&ep.Master=MASTER123&up.client_id=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-6TKV8ZEDMH>m=2oe9l0&_p=1866846522&_gaz=1&cid=453303582.1664100839&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664100839&sct=1&seg=0&dl=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&dt=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown%2C%20WV%2026501&en=page_view&_fv=1&_nsi=1&_ss=1&ep.organization_trunkID=5d13c7f587c6fd00018a2b22&ep.organization_ID=5d2cd0741b7bec000814cf2e&ep.organization_ancestors_ID=5ebefe091cafc10001b86f53%2C5ebeff9d1cafc10001b88293%2C5d1632bcbde845000870996b%2C5d13c7f587c6fd00018a2b22&ep.property=dealer&ep.organization_externalID=1123277&ep.organization_name=Sainato%20Electric%20Inc%20dba%20Generators%20Plus&ep.AreaManager=2580745&ep.SalesManager=3614165&ep.dealerEligibility=Air-Cooled%2C912631%2C912831%2C912731%2CPlatinum%20Dealer&ep.Director=3136562&ep.Master=MASTER123&up.client_id=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6TKV8ZEDMH>m=2oe9l0&_p=1866846522&_gaz=1&cid=453303582.1664100839&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664100839&sct=1&seg=0&dl=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&dt=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown%2C%20WV%2026501&en=page_view&_fv=1&_nsi=1&_ss=1&ep.organization_trunkID=5d13c7f587c6fd00018a2b22&ep.organization_ID=5d2cd0741b7bec000814cf2e&ep.organization_ancestors_ID=5ebefe091cafc10001b86f53%2C5ebeff9d1cafc10001b88293%2C5d1632bcbde845000870996b%2C5d13c7f587c6fd00018a2b22&ep.property=dealer&ep.organization_externalID=1123277&ep.organization_name=Sainato%20Electric%20Inc%20dba%20Generators%20Plus&ep.AreaManager=2580745&ep.SalesManager=3614165&ep.dealerEligibility=Air-Cooled%2C912631%2C912831%2C912731%2CPlatinum%20Dealer&ep.Director=3136562&ep.Master=MASTER123&up.client_id=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Sun, 25 Sep 2022 10:14:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.amazonaws.com/clients.powerchord.io/KOH-PROD/get-quote+(2).svg
52.216.25.126200 OK 869 B URL HTTP/1.1 s3.amazonaws.com/clients.powerchord.io/KOH-PROD/get-quote+(2).svg
IP 52.216.25.126:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (701)
Hash 07e08b5322f5e8d2505db2abf2f4f4f7
c5679236a4f666e158d9e609a5e42b99bb904ba7
b06a8257721bc4ab6b5582f43d54b9a671417cc02cb8f48b22d41b6e111debbc
GET /clients.powerchord.io/KOH-PROD/get-quote+(2).svg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: DMHUIfU5nT/vBIt1Wu+AU3E7YxxE+az1iXfATQWQn9XdzzOraZVk4P8/k8WX8pygQy2Er37Mvfg=
x-amz-request-id: R9NR5VJMWSQKSZAG
Date: Sun, 25 Sep 2022 10:14:02 GMT
Last-Modified: Wed, 20 Oct 2021 16:45:08 GMT
ETag: "07e08b5322f5e8d2505db2abf2f4f4f7"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 869
stats.g.doubleclick.net/g/collect?v=2&tid=G-6TKV8ZEDMH&cid=453303582.1664100839>m=2oe9l0&aip=1
64.233.162.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-6TKV8ZEDMH&cid=453303582.1664100839>m=2oe9l0&aip=1
IP 64.233.162.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6TKV8ZEDMH&cid=453303582.1664100839>m=2oe9l0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Sun, 25 Sep 2022 10:14:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
powerchord.imgix.net/5d13c7f587c6fd00018a2b22/5fe208f60c316a000136275b.png?auto=format,compress&fm=png&fit=crop&crop=focalpoint&max-h=100%&max-w=100%&ixlib=imgixjs-3.4.2&w=798
151.101.86.208200 OK 16 kB URL HTTP/2 powerchord.imgix.net/5d13c7f587c6fd00018a2b22/5fe208f60c316a000136275b.png?auto=format,compress&fm=png&fit=crop&crop=focalpoint&max-h=100%&max-w=100%&ixlib=imgixjs-3.4.2&w=798
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash e20ad7c3e13ac80172daaa9eba02fe37
686d7f627d89d32c8f7414a164831b428938dff6
3c748b4881723ab3d79628287f299406c29ed80b5c9dbd7e70a8c52d25f13aae
GET /5d13c7f587c6fd00018a2b22/5fe208f60c316a000136275b.png?auto=format,compress&fm=png&fit=crop&crop=focalpoint&max-h=100%&max-w=100%&ixlib=imgixjs-3.4.2&w=798 HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Aug 2022 12:46:34 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: e2e8b8b9d2bb0298dc527ef3baba79b58443eb6b
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 3706046
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10025-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 15531
X-Firefox-Spdy: h2
powerchord.imgix.net/KOH/files/resource/5751b68814e5570001c360e0/d/2019/08/09/15.00.12_022d781a-702e-4dfe-b62c-0bedf8992295.png?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798
151.101.86.208200 OK 5.2 kB URL HTTP/2 powerchord.imgix.net/KOH/files/resource/5751b68814e5570001c360e0/d/2019/08/09/15.00.12_022d781a-702e-4dfe-b62c-0bedf8992295.png?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash e127d5e121068fb2aeec6f5c36e87831
8d95929d5fc34b709c2dff5fab7d03df344389bf
de5837486119f6f41ef2d23efbd65e1f6949622a3dc2521dfae93e212b98f5f3
GET /KOH/files/resource/5751b68814e5570001c360e0/d/2019/08/09/15.00.12_022d781a-702e-4dfe-b62c-0bedf8992295.png?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798 HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Aug 2022 13:45:09 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 20be7a093ec6718ae631df2095d3a0e8712430b0
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 3443332
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10037-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 5174
X-Firefox-Spdy: h2
powerchord.imgix.net/KOH/zab61929-rgb?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798
151.101.86.208200 OK 3.3 kB URL HTTP/2 powerchord.imgix.net/KOH/zab61929-rgb?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash 529430b9c8a2fe6226c280c98a436301
34f7662880ded8525cb5d08d8ad2bec49c3b4a4b
bede93583e29e3a02fae252b9f7ae604438c0fd7a72f234f2727bd6f68927a9e
GET /KOH/zab61929-rgb?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798 HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2022 10:16:56 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 9c85ed55eb28602159c11b1774b4a4e0aefad366
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 3369425
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10081-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 3287
X-Firefox-Spdy: h2
powerchord.imgix.net/KOH/zab61924-rgb?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798
151.101.86.208200 OK 2.6 kB URL HTTP/2 powerchord.imgix.net/KOH/zab61924-rgb?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash 914f76de87536ee963fe3bbea2bf409b
469ff4d1642709f1abbc34dc703a0fd58a72e53f
1ff5dc4b254e7b6ddc9e9557973ac33d47074cbf526309396df435aea828b08a
GET /KOH/zab61924-rgb?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798 HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 08:38:24 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: c1747c07f5c3aa1830302ae3ba9fecde9871f9d8
x-imgix-render-farm: 01.592
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 1647338
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10064-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 2553
X-Firefox-Spdy: h2
powerchord.imgix.net/5d13c7f587c6fd00018a2b22/600839d8a851f8000112d6e9.jpg?auto=format,compress&fm=png&ar=1:1&fit=crop&crop=focalpoint&=undefined&ixlib=imgixjs-3.4.2&w=1074
151.101.86.208200 OK 52 kB URL HTTP/2 powerchord.imgix.net/5d13c7f587c6fd00018a2b22/600839d8a851f8000112d6e9.jpg?auto=format,compress&fm=png&ar=1:1&fit=crop&crop=focalpoint&=undefined&ixlib=imgixjs-3.4.2&w=1074
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash ad0384cb8861f095a523fe0ceff8bd62
28d849354a25dfd60aa9ad957011346bf5fc7336
ac2982839db69294baf92455f9611eea93f8a6c069c8dbbb636cb3aa7863a725
GET /5d13c7f587c6fd00018a2b22/600839d8a851f8000112d6e9.jpg?auto=format,compress&fm=png&ar=1:1&fit=crop&crop=focalpoint&=undefined&ixlib=imgixjs-3.4.2&w=1074 HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2022 15:22:46 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 14155ace3a6d64edd1776871cf703c42f2582bdb
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 3351075
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10082-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 51827
X-Firefox-Spdy: h2
powerchord.imgix.net/5d13c7f587c6fd00018a2b22/5fda47bd9a155c0001542837.jpg?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798
151.101.86.208200 OK 25 kB URL HTTP/2 powerchord.imgix.net/5d13c7f587c6fd00018a2b22/5fda47bd9a155c0001542837.jpg?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash 9ae81293ee1b4150800fa1bbef815a1e
373ca272ea1dc85fc84c9a42975a30bebe1c1750
5a18aa3388e30c5668883254579da28a76d7310e99b4b482b8468b70fdee0c59
GET /5d13c7f587c6fd00018a2b22/5fda47bd9a155c0001542837.jpg?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798 HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 12:18:12 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 0cf1f02ae3753cb66cbd9834a782da2b76c96ea7
x-imgix-render-farm: 01.1
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 2238949
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10074-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 24748
X-Firefox-Spdy: h2
powerchord.imgix.net/5d13c7f587c6fd00018a2b22/61e1a66d3250540001c0bd6b.jpg?auto=format,compress&fm=png&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&ixlib=imgixjs-3.4.2&w=798
151.101.86.208200 OK 23 kB URL HTTP/2 powerchord.imgix.net/5d13c7f587c6fd00018a2b22/61e1a66d3250540001c0bd6b.jpg?auto=format,compress&fm=png&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&ixlib=imgixjs-3.4.2&w=798
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash 7cebe53360d16f9b023b2d40bebbe4ec
13091bb4e85fb3ec8175365b16ffbf207ac8dae6
ac3d2ba2d9b1d6232d8b36e52a29c4ee29b46c4b5b87fa801752f8ef16ca2fa8
GET /5d13c7f587c6fd00018a2b22/61e1a66d3250540001c0bd6b.jpg?auto=format,compress&fm=png&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&ixlib=imgixjs-3.4.2&w=798 HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 08:21:26 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 25155133d9a7697f9466c71c5106509a2055f2f9
x-imgix-render-farm: 01.1
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 2253155
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10067-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 22718
X-Firefox-Spdy: h2
powerchord.imgix.net/5d13c7f587c6fd00018a2b22/60083ad6494f720001a3b236.jpg?auto=format,compress&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798
151.101.86.208200 OK 4.7 kB URL HTTP/2 powerchord.imgix.net/5d13c7f587c6fd00018a2b22/60083ad6494f720001a3b236.jpg?auto=format,compress&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash 03e66f59112bf549f23818c9985b6018
196c0da01c658b333773e5ae072703b69ffe2ec4
00cd8e91b68cbf2b5bc7b5d23f51bfe7b46d911f17253234f14f6799af44cd71
GET /5d13c7f587c6fd00018a2b22/60083ad6494f720001a3b236.jpg?auto=format,compress&fit=crop&crop=focalpoint&ixlib=imgixjs-3.4.2&w=798 HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2022 10:16:56 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 26de9b73d3d252a355d01a928e609f118959171f
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 3369425
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10052-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 4720
X-Firefox-Spdy: h2
powerchord.imgix.net/KOH/files/resource/5751b68814e5570001c360e0/d/2019/08/07/16.24.30_816bbe0a-8715-44e7-a4ab-4184fdde5b60.png?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ar=1:1&ixlib=imgixjs-3.4.2&w=798
151.101.86.208200 OK 15 kB URL HTTP/2 powerchord.imgix.net/KOH/files/resource/5751b68814e5570001c360e0/d/2019/08/07/16.24.30_816bbe0a-8715-44e7-a4ab-4184fdde5b60.png?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ar=1:1&ixlib=imgixjs-3.4.2&w=798
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash 0f50c1aa7e1fa1bd37d31abf2aa909a6
86624e82c8850d9a933a08c4a29fc749abc88305
22fd1271c71ad5336f234a35072f8154f059430c88cf7db5b6ae8c3bcec8cf00
GET /KOH/files/resource/5751b68814e5570001c360e0/d/2019/08/07/16.24.30_816bbe0a-8715-44e7-a4ab-4184fdde5b60.png?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ar=1:1&ixlib=imgixjs-3.4.2&w=798 HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 13 Sep 2022 13:58:12 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 6afdb6e46abde3e9991c59f085dcd5e6126e2ebf
x-imgix-render-farm: 01.592
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 1023349
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10069-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 15373
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
powerchord.imgix.net/5d13c7f587c6fd00018a2b22/5e4f12293823ff0001e22043.jpg?auto=format,compress&fm=png
151.101.86.208200 OK 5.8 kB URL HTTP/2 powerchord.imgix.net/5d13c7f587c6fd00018a2b22/5e4f12293823ff0001e22043.jpg?auto=format,compress&fm=png
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash af3b93bc2f4988727cd40aadab330f85
9996b9c6da3f57547c897930616aeafbe83102c3
2e35fc0379dafda4b5f68553fc0839a40eeb2d3cf7d4559be16fceb9f28c6937
GET /5d13c7f587c6fd00018a2b22/5e4f12293823ff0001e22043.jpg?auto=format,compress&fm=png HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 25 Sep 2022 10:14:01 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: cf9ed0790405cb79a72a2913e537ce71f757a0a1
x-imgix-render-farm: 01.592
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 0
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10045-SJC, cache-bma1678-BMA
x-cache: MISS, MISS
vary: Accept, User-Agent
content-length: 5803
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=renderRecaptcha&render=explicit&hl=en
142.250.74.164200 OK 575 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=renderRecaptcha&render=explicit&hl=en
IP 142.250.74.164:0
File type ASCII text, with very long lines (910), with no line terminators
Hash 5d62c6898416f1c2273c01b5414a44a4
549132d27a6b4b34b11b3a070fe54305b384787a
8c53f2a405ea26535cdf19170bef714fca9bb81f7d4a38c3096dbdfc32a30c4a
GET /recaptcha/api.js?onload=renderRecaptcha&render=explicit&hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 25 Sep 2022 10:14:01 GMT
date: Sun, 25 Sep 2022 10:14:01 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 575
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
powerchord.imgix.net/5d13c7f587c6fd00018a2b22/5fe2092b0c316a0001362773.jpg?auto=format,compress&fm=png&fit=crop&ar=2:3&crop=focalpoint&ixlib=imgixjs-3.4.2&w=1074
151.101.86.208200 OK 967 B URL HTTP/2 powerchord.imgix.net/5d13c7f587c6fd00018a2b22/5fe2092b0c316a0001362773.jpg?auto=format,compress&fm=png&fit=crop&ar=2:3&crop=focalpoint&ixlib=imgixjs-3.4.2&w=1074
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash 036b6433a7c679d711aa4cf3dfcd9f60
5f8f8a7f9b64f8b7df5efdb934c286c9b185ac0c
655dc953d4fb07f6b56e592efb4aab5268674b1f7edb58e0cc5ad6af5bec01d7
GET /5d13c7f587c6fd00018a2b22/5fe2092b0c316a0001362773.jpg?auto=format,compress&fm=png&fit=crop&ar=2:3&crop=focalpoint&ixlib=imgixjs-3.4.2&w=1074 HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 13 Sep 2022 13:04:54 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: cb358f6afb0fa0e99ab3621194ae09057653cffa
x-imgix-render-farm: 01.592
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 1026547
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10053-SJC, cache-bma1678-BMA
x-cache: HIT, MISS
vary: Accept, User-Agent
content-length: 967
X-Firefox-Spdy: h2
powerchord.imgix.net/KOH-PROD/files/image/597b92ef9d029500010c77ed/d/2018/08/17/19.33.11_e3cb0aee-ad8f-4081-b43a-695423f5887e.jpg?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ar=1:1&ixlib=imgixjs-3.4.2&w=798
151.101.86.208200 OK 34 kB URL HTTP/2 powerchord.imgix.net/KOH-PROD/files/image/597b92ef9d029500010c77ed/d/2018/08/17/19.33.11_e3cb0aee-ad8f-4081-b43a-695423f5887e.jpg?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ar=1:1&ixlib=imgixjs-3.4.2&w=798
IP 151.101.86.208:0
File type ISO Media, AVIF Image\012- data
Hash 9297bfe8d22f1eecad311d69220bb66a
a87626bf31e716f159136da4107a04a94b2c0e62
1e7f9458511ccbd1f0694f706f4d339795555c1c06795cc941d0d18e15245a12
GET /KOH-PROD/files/image/597b92ef9d029500010c77ed/d/2018/08/17/19.33.11_e3cb0aee-ad8f-4081-b43a-695423f5887e.jpg?auto=format,compress&fm=png&fit=crop&crop=focalpoint&ar=1:1&ixlib=imgixjs-3.4.2&w=798 HTTP/1.1
Host: powerchord.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 16:35:21 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 12ea1cea024d7370d10e8a94ade40bd2c97bba4a
x-imgix-render-farm: 01.592
date: Sun, 25 Sep 2022 10:14:01 GMT
age: 927520
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10037-SJC, cache-bma1678-BMA
x-cache: HIT, MISS
vary: Accept, User-Agent
content-length: 34386
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash edb9f0deb2339c1b9b0a529e42aba3c5
224c4331136c7b5e24382ce7d826659e70d17e9c
91274edd5c6342eb863cf6e0e47d3524d2b719742ea4c081bc677ffababbfe91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 925
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:01 GMT
Last-Modified: Sun, 25 Sep 2022 09:58:36 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash edb9f0deb2339c1b9b0a529e42aba3c5
224c4331136c7b5e24382ce7d826659e70d17e9c
91274edd5c6342eb863cf6e0e47d3524d2b719742ea4c081bc677ffababbfe91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 925
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:01 GMT
Last-Modified: Sun, 25 Sep 2022 09:58:36 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
fast.fonts.net/dv2/14/5b1fbd62-45dc-4433-a7df-a2b24a146411.woff2?d44f19a684109620e4841571a690e818cea9a73cdbefb96cc08b5f82c9643b8106f94c545aff54485afc29351de72df4c681903f94243a8ad3f8f7f3f4b773d65e8cd3c6959899b8cb735dc8a8299aa07617fbf7bd1e4cb394c928a6d167e51bb1fcf108f1c5e880b2187ea9b94ffe6e06aa6d3c11f7ba3c18591226c95d11aa2a14369d0ea800d727b8123ad5158d34d084d743a7aaea8c3d1f347c14c16151bcb552b32faeb652c71e2db630a222d38b99a9f564&projectId=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a
104.17.224.78200 OK 18 kB URL HTTP/2 fast.fonts.net/dv2/14/5b1fbd62-45dc-4433-a7df-a2b24a146411.woff2?d44f19a684109620e4841571a690e818cea9a73cdbefb96cc08b5f82c9643b8106f94c545aff54485afc29351de72df4c681903f94243a8ad3f8f7f3f4b773d65e8cd3c6959899b8cb735dc8a8299aa07617fbf7bd1e4cb394c928a6d167e51bb1fcf108f1c5e880b2187ea9b94ffe6e06aa6d3c11f7ba3c18591226c95d11aa2a14369d0ea800d727b8123ad5158d34d084d743a7aaea8c3d1f347c14c16151bcb552b32faeb652c71e2db630a222d38b99a9f564&projectId=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a
IP 104.17.224.78:0
File type Web Open Font Format (Version 2), TrueType, length 17672, version 1.0\012- data
Hash bc69d60c1fbeea60ca09d07b45a73740
3035f58916d31c3fdccd0ca431d1f3103d232556
0415958f00e0405cd409d616d701590ce2dd8562e258be3f2e83482480d137f9
GET /dv2/14/5b1fbd62-45dc-4433-a7df-a2b24a146411.woff2?d44f19a684109620e4841571a690e818cea9a73cdbefb96cc08b5f82c9643b8106f94c545aff54485afc29351de72df4c681903f94243a8ad3f8f7f3f4b773d65e8cd3c6959899b8cb735dc8a8299aa07617fbf7bd1e4cb394c928a6d167e51bb1fcf108f1c5e880b2187ea9b94ffe6e06aa6d3c11f7ba3c18591226c95d11aa2a14369d0ea800d727b8123ad5158d34d084d743a7aaea8c3d1f347c14c16151bcb552b32faeb652c71e2db630a222d38b99a9f564&projectId=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Referer: https://fast.fonts.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:01 GMT
content-type: application/octet-stream
content-length: 17672
x-amz-id-2: bML5N2eXWZxCj6xb6ZhxjzN5uHqazyJMNii/Pf2F2KiLAHZT0hWIYtmEDmHjorDImawj3C52jAw=
x-amz-request-id: R9NMFGHN4K1GS2PM
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 13 Nov 2020 18:11:58 GMT
etag: "bc69d60c1fbeea60ca09d07b45a73740"
x-amz-meta-mtime: 1440085019
x-amz-version-id: null
cf-cache-status: MISS
expires: Sun, 25 Sep 2022 10:19:01 GMT
cache-control: public, max-age=300
accept-ranges: bytes
set-cookie: __cf_bm=_5cb4V4B_0pEl5oLb6JnxFNsuk57TK5Rt51t68gmMp8-1664100841-0-AZ3FtVCxFQL0AhJfTeTzpYFh2ChM8eTB0e4hU2oJ4HtOIMXogwqw0cpdxp1eQvYwtsEiQCJff7oK3mFPcM2vD84=; path=/; expires=Sun, 25-Sep-22 10:44:01 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7502fd93692db50b-OSL
X-Firefox-Spdy: h2
fast.fonts.net/dv2/14/3dac71eb-afa7-4c80-97f0-599202772905.woff2?d44f19a684109620e4841571a690e818cea9a73cdbefb96cc08b5f82c9643b8106f94c545aff54485afc29351de72df4c681903f94243a8ad3f8f7f3f4b773d65e8cd3c6959899b8cb735dc8a8299aa07617fbf7bd1e4cb394c928a6d167e51bb1fcf108f1c5e880b2187ea9b94ffe6e06aa6d3c11f7ba3c18591226c95d11aa2a14369d0ea800d727b8123ad5158d34d084d743a7aaea8c3d1f347c14c16151bcb552b32faeb652c71e2db630a222d38b99a9f564&projectId=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a
104.17.224.78200 OK 20 kB URL HTTP/2 fast.fonts.net/dv2/14/3dac71eb-afa7-4c80-97f0-599202772905.woff2?d44f19a684109620e4841571a690e818cea9a73cdbefb96cc08b5f82c9643b8106f94c545aff54485afc29351de72df4c681903f94243a8ad3f8f7f3f4b773d65e8cd3c6959899b8cb735dc8a8299aa07617fbf7bd1e4cb394c928a6d167e51bb1fcf108f1c5e880b2187ea9b94ffe6e06aa6d3c11f7ba3c18591226c95d11aa2a14369d0ea800d727b8123ad5158d34d084d743a7aaea8c3d1f347c14c16151bcb552b32faeb652c71e2db630a222d38b99a9f564&projectId=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a
IP 104.17.224.78:0
File type Web Open Font Format (Version 2), TrueType, length 19612, version 0.0\012- data
Hash 4a334318c1d098aed2078f0229d8d2d5
998d6966b883be895799bb17ac5c71bbabcd9bef
9eca7386e75329085377f713ccba123575195cbf84467a615e2605ef6530b77f
GET /dv2/14/3dac71eb-afa7-4c80-97f0-599202772905.woff2?d44f19a684109620e4841571a690e818cea9a73cdbefb96cc08b5f82c9643b8106f94c545aff54485afc29351de72df4c681903f94243a8ad3f8f7f3f4b773d65e8cd3c6959899b8cb735dc8a8299aa07617fbf7bd1e4cb394c928a6d167e51bb1fcf108f1c5e880b2187ea9b94ffe6e06aa6d3c11f7ba3c18591226c95d11aa2a14369d0ea800d727b8123ad5158d34d084d743a7aaea8c3d1f347c14c16151bcb552b32faeb652c71e2db630a222d38b99a9f564&projectId=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Referer: https://fast.fonts.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:02 GMT
content-type: application/octet-stream
content-length: 19612
x-amz-id-2: BCQZWzf9Zy5ik29sOxNmo18082xK9MfMaUinhUes8/dfVqChQHjgMXxhx+zOjDPCsR7VYIfT8Wk=
x-amz-request-id: R9NN2CQMGPD698T3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 13 Nov 2020 08:46:55 GMT
etag: "4a334318c1d098aed2078f0229d8d2d5"
x-amz-meta-mtime: 1529587677
x-amz-version-id: null
cf-cache-status: MISS
expires: Sun, 25 Sep 2022 10:19:01 GMT
cache-control: public, max-age=300
accept-ranges: bytes
set-cookie: __cf_bm=kjkrK3nqC..ZSguS1CZhYbb_o.qJTTX0iWThV1WepM8-1664100841-0-AYX99dVD+dNuenO2KMwIn0ic4mAg7vPsLC4Ja5dMuLzbPKksJ1XP+RbOHQ+lVbqsU29rJqhl/aGKvyKvsI6/ogo=; path=/; expires=Sun, 25-Sep-22 10:44:01 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7502fd936919b50b-OSL
X-Firefox-Spdy: h2
fast.fonts.net/dv2/14/531c5a28-5575-4f58-96d4-a80f7b702d7b.woff2?d44f19a684109620e4841571a690e818cea9a73cdbefb96cc08b5f82c9643b8106f94c545aff54485afc29351de72df4c681903f94243a8ad3f8f7f3f4b773d65e8cd3c6959899b8cb735dc8a8299aa07617fbf7bd1e4cb394c928a6d167e51bb1fcf108f1c5e880b2187ea9b94ffe6e06aa6d3c11f7ba3c18591226c95d11aa2a14369d0ea800d727b8123ad5158d34d084d743a7aaea8c3d1f347c14c16151bcb552b32faeb652c71e2db630a222d38b99a9f564&projectId=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a
104.17.224.78200 OK 18 kB URL HTTP/2 fast.fonts.net/dv2/14/531c5a28-5575-4f58-96d4-a80f7b702d7b.woff2?d44f19a684109620e4841571a690e818cea9a73cdbefb96cc08b5f82c9643b8106f94c545aff54485afc29351de72df4c681903f94243a8ad3f8f7f3f4b773d65e8cd3c6959899b8cb735dc8a8299aa07617fbf7bd1e4cb394c928a6d167e51bb1fcf108f1c5e880b2187ea9b94ffe6e06aa6d3c11f7ba3c18591226c95d11aa2a14369d0ea800d727b8123ad5158d34d084d743a7aaea8c3d1f347c14c16151bcb552b32faeb652c71e2db630a222d38b99a9f564&projectId=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a
IP 104.17.224.78:0
File type Web Open Font Format (Version 2), TrueType, length 17660, version 1.0\012- data
Hash 4622c9999e38ce864c1553f4b79830d5
858f5ebf8e376bb3da0cffc2f93a5a102ca26bf7
5f822f38968846d38e3d08895fd07ac1a981ffb50e95c4465d4da4ee50c22af0
GET /dv2/14/531c5a28-5575-4f58-96d4-a80f7b702d7b.woff2?d44f19a684109620e4841571a690e818cea9a73cdbefb96cc08b5f82c9643b8106f94c545aff54485afc29351de72df4c681903f94243a8ad3f8f7f3f4b773d65e8cd3c6959899b8cb735dc8a8299aa07617fbf7bd1e4cb394c928a6d167e51bb1fcf108f1c5e880b2187ea9b94ffe6e06aa6d3c11f7ba3c18591226c95d11aa2a14369d0ea800d727b8123ad5158d34d084d743a7aaea8c3d1f347c14c16151bcb552b32faeb652c71e2db630a222d38b99a9f564&projectId=d9655dc2-fef5-49e4-9c2a-fdfbc02a888a HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Referer: https://fast.fonts.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:02 GMT
content-type: application/octet-stream
content-length: 17660
x-amz-id-2: cm93/AYu1+OBDoZ9I5yEBxCXUX0OZk2RHmKULfInTrzHTHhYP/ohBvD5Jm3u9rMPCRhQKkUe2Ww=
x-amz-request-id: R9NN0YN00NHKFPMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 13 Nov 2020 15:38:04 GMT
etag: "4622c9999e38ce864c1553f4b79830d5"
x-amz-meta-mtime: 1440089107
x-amz-version-id: null
cf-cache-status: MISS
expires: Sun, 25 Sep 2022 10:19:02 GMT
cache-control: public, max-age=300
accept-ranges: bytes
set-cookie: __cf_bm=vPDunFE27Rcfw5gEL7AZeaOZS76atE3mjQRjDQy6_aM-1664100842-0-AefDHglOluCDuWBKskNMFT5gBMD98jdkAiKilks2LTEcTF7avThuM8uNjkbolIzSM9I0OiJw5ycaaN6LYXb3nYg=; path=/; expires=Sun, 25-Sep-22 10:44:02 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=zpPKFAU8pv9CBAMgOFFTJhfyRRLh02Of_F_YIjt0Or4-1664100842-0-Ac0e9I0krzXiiu6tYMRW4NVs_K0a3vVH5SP1gt_kBXOPtEk0yPIEFEcpQyj9TysLcHhu98rWaY2dcdqXAjH61yg"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=zpPKFAU8pv9CBAMgOFFTJhfyRRLh02Of_F_YIjt0Or4-1664100842-0-Ac0e9I0krzXiiu6tYMRW4NVs_K0a3vVH5SP1gt_kBXOPtEk0yPIEFEcpQyj9TysLcHhu98rWaY2dcdqXAjH61yg; report-to cf-csp-endpoint
server: cloudflare
cf-ray: 7502fd935917b50b-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 6843fcbba7c74f14a619b781e1b45ba1
782cd2ae87f9cbd202f5391796225dc65f512c09
a04fa7e5a82bed9931548bc16882e5f774ac5e0ecd37dbde337d4f86ee6ec659
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 10:14:01 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ENseFv2OK6bW_PBVDB7RMksSHAHuX8cUnITEOrON92tUa3gixvbqng==
tracking.logpostback.com/third_party_application_latest.js
54.230.111.117200 OK 5.1 kB URL HTTP/1.1 tracking.logpostback.com/third_party_application_latest.js
IP 54.230.111.117:0
File type ASCII text, with very long lines (5103), with no line terminators
Hash ac52ffd557da20839c2b5bd36400d9de
1973b17b6ad0ddfd75fa42101c22cde7d882841e
4d8958566924bd01d73e5c3fc578ca26710769ddf909377d14da7db571190f17
GET /third_party_application_latest.js HTTP/1.1
Host: tracking.logpostback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 5103
Connection: keep-alive
Last-Modified: Thu, 14 Mar 2019 23:55:41 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 25 Sep 2022 10:14:02 GMT
ETag: "ac52ffd557da20839c2b5bd36400d9de"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zYSXi7MD6n3RE_E3up6WE8Xf-eZp5QXVGS0aufHYjvghd2Il9iEpqA==
Age: 14949
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c6a4a8e3b18e562b4bed71eefd913481
9ed32697f78f7b72531decd850de97499c6f2574
54041ea6df222d529d39122b6e7d2e21b082b7c1f28f5565b088e3941b7788f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 25 Sep 2022 08:41:09 GMT
expires: Sun, 25 Sep 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 5573
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
188.125.94.206200 OK 5.9 kB IP 188.125.94.206:0
File type ASCII text, with very long lines (16553), with no line terminators
Hash 2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +8+x5UvXw4tN9jEcHgxkfNnqH83/YUHaEDaTHJuL3e6AN1sDEFHjRCZJecFusbDzH9uHhN43SNs=
x-amz-request-id: XD8V2EYVE1ZT2D2S
date: Sun, 25 Sep 2022 10:10:17 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
content-length: 5929
age: 226
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6738d1761d3c5000a4a15aa4abf2f7d0
7a81af5cdb7fb0d139ac3974e1fc3a031a0b0b49
7920e24baa7bcf6ac07d419e4e2a71ad39e8ad273e6d12003e0730adb95c9afa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Last-Modified: Sun, 25 Sep 2022 08:59:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6TKV8ZEDMH&cid=453303582.1664100839>m=2oe9l0&aip=1&z=1670311098
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6TKV8ZEDMH&cid=453303582.1664100839>m=2oe9l0&aip=1&z=1670311098
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6TKV8ZEDMH&cid=453303582.1664100839>m=2oe9l0&aip=1&z=1670311098 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 10:14:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=1A05333A7EA2697B08C521107F5768EE; domain=.bing.com; expires=Fri, 20-Oct-2023 10:14:02 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7CAEA711AC5443C380F14AB94E06ABD5 Ref B: OSL30EDGE0522 Ref C: 2022-09-25T10:14:02Z
date: Sun, 25 Sep 2022 10:14:02 GMT
X-Firefox-Spdy: h2
ad.doubleclick.net/activity;src=6342852;type=visit0;cat=dealvi0;ord=5563782827974;gtm=2wg9l0;auiddc=694536593.1664100839;u1=1123277;u3=Peter%20Pfeiffer;u4=3614165;u5=Home?
216.58.207.198302 Found 0 B URL HTTP/2 ad.doubleclick.net/activity;src=6342852;type=visit0;cat=dealvi0;ord=5563782827974;gtm=2wg9l0;auiddc=694536593.1664100839;u1=1123277;u3=Peter%20Pfeiffer;u4=3614165;u5=Home?
IP 216.58.207.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activity;src=6342852;type=visit0;cat=dealvi0;ord=5563782827974;gtm=2wg9l0;auiddc=694536593.1664100839;u1=1123277;u3=Peter%20Pfeiffer;u4=3614165;u5=Home? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 10:14:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=6342852;type=visit0;cat=dealvi0;ord=5563782827974;gtm=2wg9l0;auiddc=694536593.1664100839;u1=1123277;u3=Peter%20Pfeiffer;u4=3614165;u5=Home
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Sep-2022 10:29:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (826)
Size 158 kB (158248 bytes)
Hash db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 07:11:34 GMT
expires: Fri, 22 Sep 2023 07:11:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 270148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: pfR1slvYbGjHy5xId8rCQVy/VIifZkrpEhw38fKqYWOgMwcoqtxQtvNhdrTmaZfSvfcdei6Qb/vX3+RoOHffrw==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Sun, 25 Sep 2022 10:14:02 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 12482f755f1264f5587bb8cdc7fff5c3
ff01e5ec3898e03cd21ddd586dab090e994abace
7560f40a0cd5c96d14d22048dc6c0a2937c0f7aad9b23b4e4baf36cd08cec337
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4006
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Last-Modified: Sun, 25 Sep 2022 09:07:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312
googleads.g.doubleclick.net/pagead/viewthroughconversion/865235912/?random=1664100840741&cv=9&fst=1664100840741&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&tiba=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown%2C%20WV%2026501&auid=694536593.1664100839&hn=www.google.com&async=1&rfmt=3&fmt=4
172.217.21.162200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/865235912/?random=1664100840741&cv=9&fst=1664100840741&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&tiba=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown%2C%20WV%2026501&auid=694536593.1664100839&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2424), with no line terminators
Hash 53fda115e9dec943e153eca379f10ee5
44909e442a1550ab66f4e20a583857eed05ea8c9
886411b073aed8fb736c7f6384c426cb1707526213bac418f6bc4756419db4c5
GET /pagead/viewthroughconversion/865235912/?random=1664100840741&cv=9&fst=1664100840741&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&tiba=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown%2C%20WV%2026501&auid=694536593.1664100839&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 10:14:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1075
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Sep-2022 10:29:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6738d1761d3c5000a4a15aa4abf2f7d0
7a81af5cdb7fb0d139ac3974e1fc3a031a0b0b49
7920e24baa7bcf6ac07d419e4e2a71ad39e8ad273e6d12003e0730adb95c9afa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Last-Modified: Sun, 25 Sep 2022 08:59:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c6a4a8e3b18e562b4bed71eefd913481
9ed32697f78f7b72531decd850de97499c6f2574
54041ea6df222d529d39122b6e7d2e21b082b7c1f28f5565b088e3941b7788f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/staticmap?center=39.63369,-79.96375&zoom=8&size=292x256&maptype=roadmap&markers=icon:https://s3.amazonaws.com/clients.powerchord.io/KOH/map-marker-kohler.png%7C39.63369,-79.96375&key=AIzaSyDvrefpzAo1jo8ivSdMOWKFLIWrcwIvzBU
172.217.21.170200 OK 29 kB URL HTTP/2 maps.googleapis.com/maps/api/staticmap?center=39.63369,-79.96375&zoom=8&size=292x256&maptype=roadmap&markers=icon:https://s3.amazonaws.com/clients.powerchord.io/KOH/map-marker-kohler.png%7C39.63369,-79.96375&key=AIzaSyDvrefpzAo1jo8ivSdMOWKFLIWrcwIvzBU
IP 172.217.21.170:0
File type PNG image data, 292 x 256, 8-bit colormap, non-interlaced\012- data
Hash 9bfb39310068b169cbaf1c1e22f52cae
368fc8c6c7282b3582b8a379fb314e75bb53a26b
d362af6b2cfb6adad557310b6c46ee5f4083ddf906a5aec20024c537762fddcd
GET /maps/api/staticmap?center=39.63369,-79.96375&zoom=8&size=292x256&maptype=roadmap&markers=icon:https://s3.amazonaws.com/clients.powerchord.io/KOH/map-marker-kohler.png%7C39.63369,-79.96375&key=AIzaSyDvrefpzAo1jo8ivSdMOWKFLIWrcwIvzBU HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Sun, 25 Sep 2022 10:14:02 GMT
expires: Mon, 26 Sep 2022 10:14:02 GMT
cache-control: public, max-age=86400
vary: Accept-Language
access-control-allow-origin: *
server: scaffolding on HTTPServer2
content-length: 28742
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=95
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
172.217.21.170200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 172.217.21.170:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 25 Sep 2022 10:14:02 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://generatorsplus.kohlergeneratordealer.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10161062.json
188.125.94.206200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10161062.json
IP 188.125.94.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10161062.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: EDFK2427RB6VF8C5
x-amz-id-2: YZmAg9hRBEAsCB78BGidD86KbK+PT6RCQGY0Medx8gcFrDQfzPJTHwdc8HTlDgSJUWx34GRhww6jWIYePjqZow==
content-type: application/json
date: Sun, 25 Sep 2022 10:14:02 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 0
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5524349&tm=gtm002&Ver=2&mid=20ede025-1185-4a40-9cc2-241f235e57ab&sid=c6672e303cba11edaee20f06c926928c&vid=c66745403cba11edb7e0f96db0beb454&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown,%20WV%2026501&p=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&r=<=2549&evt=pageLoad&sv=1&rn=142379
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5524349&tm=gtm002&Ver=2&mid=20ede025-1185-4a40-9cc2-241f235e57ab&sid=c6672e303cba11edaee20f06c926928c&vid=c66745403cba11edb7e0f96db0beb454&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown,%20WV%2026501&p=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&r=<=2549&evt=pageLoad&sv=1&rn=142379
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5524349&tm=gtm002&Ver=2&mid=20ede025-1185-4a40-9cc2-241f235e57ab&sid=c6672e303cba11edaee20f06c926928c&vid=c66745403cba11edb7e0f96db0beb454&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown,%20WV%2026501&p=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&r=<=2549&evt=pageLoad&sv=1&rn=142379 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0974741558A46FF93818663F59516EC3; domain=.bing.com; expires=Fri, 20-Oct-2023 10:14:02 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 83866A5B133648BEBE3895E00131D3F6 Ref B: OSL30EDGE0522 Ref C: 2022-09-25T10:14:02Z
date: Sun, 25 Sep 2022 10:14:02 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/p/src=6342852;type=visit0;cat=dealvi0;ord=5563782827974;gtm=2wg9l0;auiddc=694536593.1664100839;u1=1123277;u3=Peter%20Pfeiffer;u4=3614165;u5=Home
142.250.74.162302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=6342852;type=visit0;cat=dealvi0;ord=5563782827974;gtm=2wg9l0;auiddc=694536593.1664100839;u1=1123277;u3=Peter%20Pfeiffer;u4=3614165;u5=Home
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=6342852;type=visit0;cat=dealvi0;ord=5563782827974;gtm=2wg9l0;auiddc=694536593.1664100839;u1=1123277;u3=Peter%20Pfeiffer;u4=3614165;u5=Home HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 10:14:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=6342852;type=visit0;cat=dealvi0;ord=5563782827974;gtm=2wg9l0;auiddc=694536593.1664100839;u1=1123277;u3=Peter%20Pfeiffer;u4=3614165;u5=Home
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/5524349.js
13.107.21.200200 OK 666 B URL HTTP/2 bat.bing.com/p/action/5524349.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 1f2245090c616508533bad808b292b5b
2d197943b38b2e57cd7a6ca9deb678b7d640c5bf
eabc1bd02b5e578b703374debc022342981ce9814514a3e5c23aa7069ed86941
GET /p/action/5524349.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 666
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=301A0A685A1862B1170218425BED6302; domain=.bing.com; expires=Fri, 20-Oct-2023 10:14:02 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 16909C889B3449EA81B7F917A07764EF Ref B: OSL30EDGE0522 Ref C: 2022-09-25T10:14:02Z
date: Sun, 25 Sep 2022 10:14:02 GMT
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=6342852;type=visit0;cat=dealvi0;ord=5563782827974;gtm=2wg9l0;auiddc=694536593.1664100839;u1=1123277;u3=Peter%20Pfeiffer;u4=3614165;u5=Home
172.217.21.162200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=6342852;type=visit0;cat=dealvi0;ord=5563782827974;gtm=2wg9l0;auiddc=694536593.1664100839;u1=1123277;u3=Peter%20Pfeiffer;u4=3614165;u5=Home
IP 172.217.21.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=6342852;type=visit0;cat=dealvi0;ord=5563782827974;gtm=2wg9l0;auiddc=694536593.1664100839;u1=1123277;u3=Peter%20Pfeiffer;u4=3614165;u5=Home HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 10:14:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 78124
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:48:31 GMT
expires: Sat, 23 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 206731
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 7fb4df915d04b7ad9fc63a5387df0de8
b146aa5505e39b734c2591334dddc8192cade32c
4c25a2e5f33eeadf1f3e21cbc4fe7acc9e1ab87743b3130adda2fd94f1fd160b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Last-Modified: Sun, 25 Sep 2022 09:16:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash c355ed9771e902f61a7b25899ee283c4
67f4c542d67acf7b206c6f9d19f04db21c588dbc
75d8d7a6cf95a6bcb3d4176ed97a3adafee0d1371480b7997b9e1361ba133dfa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2079
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Last-Modified: Sun, 25 Sep 2022 09:39:23 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash c355ed9771e902f61a7b25899ee283c4
67f4c542d67acf7b206c6f9d19f04db21c588dbc
75d8d7a6cf95a6bcb3d4176ed97a3adafee0d1371480b7997b9e1361ba133dfa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2064
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:02 GMT
Last-Modified: Sun, 25 Sep 2022 09:39:38 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 312
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:02 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=UMETe180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJuU1olMkJNdzFqSEI4TWY1T0RVdTkzV0Y1bnVudEN6cUpPNmJzdUpWYVZiTw; expires=Fri, 20 Oct 2023 10:14:02 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 310904
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=173093713234121&ev=PageView&dl=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&rl=&if=false&ts=1664100841360&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664100841358.1680913184&it=1664100840912&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=173093713234121&ev=PageView&dl=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&rl=&if=false&ts=1664100841360&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664100841358.1680913184&it=1664100840912&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=173093713234121&ev=PageView&dl=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&rl=&if=false&ts=1664100841360&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664100841358.1680913184&it=1664100840912&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sun, 25 Sep 2022 10:14:02 GMT
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/5524349
13.107.219.53200 OK 1.5 kB URL HTTP/2 www.clarity.ms/tag/uet/5524349
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1540), with no line terminators
Hash 5f6ac87c314b7749ad7f21c4d6d91565
d5d14540cf05087366b097a87670550dc845c143
f5e60445c16908b5f2f588fb3690d0fb245c89d7797fca8deda443cde3ccbb82
GET /tag/uet/5524349 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=6b1f3fc7009446f698ba808bf6e6e758.20220925.20230925; expires=Mon, 25 Sep 2023 10:14:02 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 06ikwYwAAAAALxDlWq6NmSJvKTjTFEyIVT1NMMjMxMDUwMjAzMDM5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Sun, 25 Sep 2022 10:14:02 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=173093713234121&ev=Dealer&dl=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&rl=&if=false&ts=1664100841363&cd[organization_id]=5d2cd0741b7bec000814cf2e&cd[organization_type]=Platinum%20Dealer&cd[property]=dealer&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664100841358.1680913184&it=1664100840912&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=173093713234121&ev=Dealer&dl=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&rl=&if=false&ts=1664100841363&cd[organization_id]=5d2cd0741b7bec000814cf2e&cd[organization_type]=Platinum%20Dealer&cd[property]=dealer&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664100841358.1680913184&it=1664100840912&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=173093713234121&ev=Dealer&dl=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&rl=&if=false&ts=1664100841363&cd[organization_id]=5d2cd0741b7bec000814cf2e&cd[organization_type]=Platinum%20Dealer&cd[property]=dealer&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664100841358.1680913184&it=1664100840912&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sun, 25 Sep 2022 10:14:02 GMT
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.41/clarity.js
13.107.219.53200 OK 24 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.41/clarity.js
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54809)
Hash 1a7d206cf77e52160f7d49ab1c167fe5
08d824c483c1a2428bdc4e583d61a5ca8d1afb74
5404eb1ed3f4542d873f4e0610572ad480353446ea8e6f7e2bb76034cf051652
GET /eus2/s/0.6.41/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 23509
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8ccdebe9ad570"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 06ikwYwAAAADRem5LqR9rQ6I3MB0yOrx2T1NMMjMxMDUwMjAzMDM5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Sun, 25 Sep 2022 10:14:02 GMT
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2025%20Sep%202022%2010%3A14%3A01%20GMT&n=0&b=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown%2C%20WV%2026501&.yp=10161062&f=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2025%20Sep%202022%2010%3A14%3A01%20GMT&n=0&b=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown%2C%20WV%2026501&.yp=10161062&f=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Sun%2C%2025%20Sep%202022%2010%3A14%3A01%20GMT&n=0&b=Sainato%20Electric%20Inc%20dba%20Generators%20Plus%20%7C%20Kohler%20Generator%20Dealer%20in%20Morgantown%2C%20WV%2026501&.yp=10161062&f=https%3A%2F%2Fgeneratorsplus.kohlergeneratordealer.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:02 GMT
expires: Sun, 25 Sep 2022 10:14:02 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOopMGMCEHju1-GlZCh3BPAU5xhdJh0FEgEBAQF7MWM6YwAAAAAA_eMAAA&S=AQAAAkj53dzTlZV650zJrBFe_Wk; Expires=Mon, 25 Sep 2023 16:14:02 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=32394B44EC934DCE905E2328539E1D13&RedC=c.clarity.ms&MXFR=0AEC6DF0F4056BA53BF07FDAF0056552
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=0AEC6DF0F4056BA53BF07FDAF0056552; domain=.clarity.ms; expires=Fri, 20-Oct-2023 10:14:03 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 25 Sep 2022 10:14:03 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=32394B44EC934DCE905E2328539E1D13&RedC=c.clarity.ms&MXFR=0AEC6DF0F4056BA53BF07FDAF0056552
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=32394B44EC934DCE905E2328539E1D13&RedC=c.clarity.ms&MXFR=0AEC6DF0F4056BA53BF07FDAF0056552
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=32394B44EC934DCE905E2328539E1D13&RedC=c.clarity.ms&MXFR=0AEC6DF0F4056BA53BF07FDAF0056552 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=32394B44EC934DCE905E2328539E1D13&MUID=024575D50055631C054A67FF01A062B2
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=024575D50055631C054A67FF01A062B2; domain=c.bing.com; expires=Fri, 20-Oct-2023 10:14:03 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C5BBC54122D483AAF28AB05424E457B Ref B: OSL30EDGE0522 Ref C: 2022-09-25T10:14:03Z
date: Sun, 25 Sep 2022 10:14:03 GMT
content-length: 0
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 822
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://generatorsplus.kohlergeneratordealer.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 25 Sep 2022 10:14:02 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=32394B44EC934DCE905E2328539E1D13&MUID=024575D50055631C054A67FF01A062B2
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=32394B44EC934DCE905E2328539E1D13&MUID=024575D50055631C054A67FF01A062B2
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=32394B44EC934DCE905E2328539E1D13&MUID=024575D50055631C054A67FF01A062B2 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 25-Sep-2022 10:24:03 GMT; path=/; SameSite=None; Secure;
date: Sun, 25 Sep 2022 10:14:03 GMT
content-length: 42
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=kohlergeneratordealer.com&sn=FirefoxSyncframe&so=0&topUrl=generatorsplus.kohlergeneratordealer.com&info=a6cYel80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJuU1olMkJNdzFqSEI4TWY1T0RVdTkzVnQlMkYxbWpEYk9WTzgxZVVQNDBTcEwy&idsd=-875680591,-1899012182&cw=1&lsw=1
178.250.2.146200 OK 335 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=kohlergeneratordealer.com&sn=FirefoxSyncframe&so=0&topUrl=generatorsplus.kohlergeneratordealer.com&info=a6cYel80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJuU1olMkJNdzFqSEI4TWY1T0RVdTkzVnQlMkYxbWpEYk9WTzgxZVVQNDBTcEwy&idsd=-875680591,-1899012182&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (422), with no line terminators
Hash 80e3ef3aa729fdb27889cdf36e88b9f3
3d8f446bf53e042c124e4d8fd312df53c548a713
75f2af6fb5573c0ec454a7408a09aa3a50f8999e6d05776a1abe64e3a4de3416
GET /sid/json?origin=onetag&domain=kohlergeneratordealer.com&sn=FirefoxSyncframe&so=0&topUrl=generatorsplus.kohlergeneratordealer.com&info=a6cYel80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJuU1olMkJNdzFqSEI4TWY1T0RVdTkzVnQlMkYxbWpEYk9WTzgxZVVQNDBTcEwy&idsd=-875680591,-1899012182&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=generatorsplus.kohlergeneratordealer.com&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:03 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1161840
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 443 B IP 178.250.2.146:0
Hash 4215924939647a89b95008d9e9f5b437
d1a60687b93cee19105b1f7e8176b65b944960a5
f0e82a0b07b31444e2784222480af4eaf4de57dbe4ab292fc07d2a1f6a950d61
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=UMETe180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJuU1olMkJNdzFqSEI4TWY1T0RVdTkzV0Y1bnVudEN6cUpPNmJzdUpWYVZiTw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:02 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=a6cYel80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJuU1olMkJNdzFqSEI4TWY1T0RVdTkzVnQlMkYxbWpEYk9WTzgxZVVQNDBTcEwy; expires=Fri, 20 Oct 2023 10:14:03 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 200422
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 358221
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://generatorsplus.kohlergeneratordealer.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 25 Sep 2022 10:14:03 GMT
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 10:14:03 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 659956
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 5c85847a2c328ce0ce16e9b16d690664
67aff9a779e8f0bf15a9536b5f4ae1b24372d2d3
c6a4beb8087632396abe412270967899610df0402c50ba4895aed9721e87500f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 08:55:46 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MR1zxU1KSRUsz_a2Hk1NYfzu43trk6u1XRQp4io7tYEE0kJyzNzkzg==
Age: 4698
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Iok8UcrQkPc-UzL23FvTZwD8gya7QDwHXU6x0g
104.18.19.126302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Iok8UcrQkPc-UzL23FvTZwD8gya7QDwHXU6x0g
IP 104.18.19.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-Iok8UcrQkPc-UzL23FvTZwD8gya7QDwHXU6x0g HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 25 Sep 2022 10:14:04 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-Iok8UcrQkPc-UzL23FvTZwD8gya7QDwHXU6x0g&C=1
cf-ray: 7502fda65cd4b51d-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YzAp7HQbSZhD.UY5QRtaegAA; Path=/; Domain=casalemedia.com; Expires=Mon, 25 Sep 2023 10:14:04 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4436; Path=/; Domain=casalemedia.com; Expires=Sat, 24 Dec 2022 10:14:04 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4436; Path=/; Domain=casalemedia.com; Expires=Sat, 24 Dec 2022 10:14:04 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTNxy8HR2o0Kf6g4EFpoVww1pg7%2B0go11Luy1uDxr5c%2F8wkbmwg1LQ7fK%2FJO6pmvZz3UK4EKB22PFk%2BGXSbHbZJidQP0iPAVQ2LQnSDUKMMxmcNmQMsf4K0jw0X2fCBsGnW3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-aOKsq8rQkPc-UzL23FvTZwD8gyb9ztmn2Ax0KQ
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-aOKsq8rQkPc-UzL23FvTZwD8gyb9ztmn2Ax0KQ
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-aOKsq8rQkPc-UzL23FvTZwD8gyb9ztmn2Ax0KQ HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3071024443580262000V10; Expires=Mon, 25 Sep 2023 10:14:04 GMT; domain=.media.net; Path=/;
data-c-ts=1664100844;Expires=Tue, 25 Oct 2022 10:14:04 GMT;path=/;domain=.media.net;
data-c=k-aOKsq8rQkPc-UzL23FvTZwD8gyb9ztmn2Ax0KQ~~3;Expires=Tue, 25 Oct 2022 10:14:04 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 25 Sep 2022 10:14:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 25 Sep 2022 10:14:04 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5d04731e7d05385c083d4d4a69bc885c
e9be1b168a98366bffada661dc712bbac816480f
87659ad44d0862b531d84882b8012918288ff667609dc86ce1002553f213c501
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4679
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 08:56:05 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Kmt9d8rQkPc-UzL23FvTZwD8gybOligIA4GQkg&google_cm&google_hm=ay1LbXQ5ZDhyUWtQYy1VekwyM0Z2VFp3RDhneWJPbGlnSUE0R1FrZw
142.250.74.98302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Kmt9d8rQkPc-UzL23FvTZwD8gybOligIA4GQkg&google_cm&google_hm=ay1LbXQ5ZDhyUWtQYy1VekwyM0Z2VFp3RDhneWJPbGlnSUE0R1FrZw
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bb924e291308a9c32b015033d799fdfe
9d927093bd192c7c81b38a120daec97bf7bef93b
8e23feb11b3c2e6525106e5b351fc512faf16f21c4ba9a0b4f0f8d7583d4bde4
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Kmt9d8rQkPc-UzL23FvTZwD8gybOligIA4GQkg&google_cm&google_hm=ay1LbXQ5ZDhyUWtQYy1VekwyM0Z2VFp3RDhneWJPbGlnSUE0R1FrZw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-Kmt9d8rQkPc-UzL23FvTZwD8gybOligIA4GQkg&google_cm=&google_hm=ay1LbXQ5ZDhyUWtQYy1VekwyM0Z2VFp3RDhneWJPbGlnSUE0R1FrZw&google_tc=
date: Sun, 25 Sep 2022 10:14:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Sep-2022 10:29:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Iok8UcrQkPc-UzL23FvTZwD8gya7QDwHXU6x0g&C=1
104.18.19.126200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Iok8UcrQkPc-UzL23FvTZwD8gya7QDwHXU6x0g&C=1
IP 104.18.19.126:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-Iok8UcrQkPc-UzL23FvTZwD8gya7QDwHXU6x0g&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:04 GMT
content-type: image/gif
content-length: 43
cf-ray: 7502fda6cd40b51d-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sA2WzbMlOhkv5ZBu1qYpiCBIs7DLtEzBgIJehZVuEwvpNkD1zJy8LipOKw1WpS%2BIXB75AWvjYYHiWLKOrbyo8TIrgUc5xy85kM8qP0IXwF%2BkGL5dLaO0sMAS2MUOga1NOy8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-kN4FycrQkPc-UzL23FvTZwD8gyYsEApKhNlDNA
185.64.190.80200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-kN4FycrQkPc-UzL23FvTZwD8gyYsEApKhNlDNA
IP 185.64.190.80:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-kN4FycrQkPc-UzL23FvTZwD8gyYsEApKhNlDNA HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 10:14:03 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-kN4FycrQkPc-UzL23FvTZwD8gyYsEApKhNlDNA&KRTB&23144-uid:k-kN4FycrQkPc-UzL23FvTZwD8gyYsEApKhNlDNA&KRTB&23286-uid:k-kN4FycrQkPc-UzL23FvTZwD8gyYsEApKhNlDNA&KRTB&23287-uid:k-kN4FycrQkPc-UzL23FvTZwD8gyYsEApKhNlDNA; domain=pubmatic.com; secure; expires=Tue, 25-Oct-2022 10:14:03 GMT; path=/
PugT=1664100843; domain=pubmatic.com; secure; expires=Tue, 25-Oct-2022 10:14:03 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5eb63d935525c73d27fe2ccc266c1f48
933536fe9ed7dfc94cb73ace4fb905e192a268f3
267a73a91a91b8b0ca8aba627a54ee2fdbb19dcd4d8dd04ae9f3a0841fa97134
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3605
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 09:13:59 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-Kmt9d8rQkPc-UzL23FvTZwD8gybOligIA4GQkg&google_cm=&google_hm=ay1LbXQ5ZDhyUWtQYy1VekwyM0Z2VFp3RDhneWJPbGlnSUE0R1FrZw&google_tc=
142.250.74.98302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-Kmt9d8rQkPc-UzL23FvTZwD8gybOligIA4GQkg&google_cm=&google_hm=ay1LbXQ5ZDhyUWtQYy1VekwyM0Z2VFp3RDhneWJPbGlnSUE0R1FrZw&google_tc=
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2f08719a0bd30032e23ac8e449bf9fef
f9ba7134d8db5bd2972482319cffd52b5d17121e
2657f28badd9e126e974dda52771751e4fd772ecc03b9f0548d966777210c699
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-Kmt9d8rQkPc-UzL23FvTZwD8gybOligIA4GQkg&google_cm=&google_hm=ay1LbXQ5ZDhyUWtQYy1VekwyM0Z2VFp3RDhneWJPbGlnSUE0R1FrZw&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Kmt9d8rQkPc-UzL23FvTZwD8gybOligIA4GQkg&google_error=3
date: Sun, 25 Sep 2022 10:14:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 25 Sep 2022 10:14:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 188898d3-3f2c-4fdd-9cc2-1673c8128bb5
Set-Cookie: uuid2=8635700590122162291; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 24-Dec-2022 10:14:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
criteo-sync.teads.tv/um?eid=80&uid=k-qGTSq8rQkPc-UzL23FvTZwD8gyZTBYoYYqo66A
23.195.255.234200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-qGTSq8rQkPc-UzL23FvTZwD8gyZTBYoYYqo66A
IP 23.195.255.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-qGTSq8rQkPc-UzL23FvTZwD8gyZTBYoYYqo66A HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Sun, 25 Sep 2022 10:14:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 25 Sep 2022 10:14:04 GMT
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-MJzgV8rQkPc-UzL23FvTZwD8gyYT10kK4T5e7A&expires=30
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-MJzgV8rQkPc-UzL23FvTZwD8gyYT10kK4T5e7A&expires=30
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-MJzgV8rQkPc-UzL23FvTZwD8gyYT10kK4T5e7A&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4
Content-Type: image/gif
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 7bb6737f6e8c35b233a8b1cc5e285204
7043934dff49d97b315866a281cc931e6bd0db3d
7332f514cbcf7944ea163d9c7f9dc86a83117dfd5e687a56d4fe5c6381e4c5db
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 08:55:42 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ultyn8-IBcxDvEmTaW0hl32H7ELoOmQ8n3kN1HNRCbp0q9pcKjIbyQ==
Age: 4702
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 54a26e69184e61e9105f77ef53573b5f
7a46c52218ac3b1223d3cecd1c85a5c79ba3ad26
120aee4dfbcd215660fbc4b588d99b20953c9155fc3ed0b17dca5f7a1653e947
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6342
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 08:28:22 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YRWLn8rQkPc-UzL23FvTZwD8gyYzkPPoCtNtrQ
54.93.152.24302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YRWLn8rQkPc-UzL23FvTZwD8gyYzkPPoCtNtrQ
IP 54.93.152.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-YRWLn8rQkPc-UzL23FvTZwD8gyYzkPPoCtNtrQ HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 25 Sep 2022 10:14:04 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YRWLn8rQkPc-UzL23FvTZwD8gyYzkPPoCtNtrQ
set-cookie: tuuid=00570e7f-e64c-4b29-9399-8b4d997a5cf4; Expires=Sat, 24 Dec 2022 10:14:04 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1664100844; Expires=Sat, 24 Dec 2022 10:14:04 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 925dcfd890f0fc22ebce6e43cc497ecd
1d756347443f7bf74cbe47b8f4f3a7f011f34a6a
e7b0dd7394e21b78df7c84eef61e0dd3ca0811a470c06d594cd93f080dabc580
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 10:14:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:56:49 GMT
Expires: Sat, 01 Oct 2022 01:56:48 GMT
Etag: "1d756347443f7bf74cbe47b8f4f3a7f011f34a6a"
Cache-Control: max-age=487963,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7502fda78a240b06-OSL
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-TYm3C8rQkPc-UzL23FvTZwD8gyZqEyaWyjQDoQ
185.86.138.144404 Not Found 21 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-TYm3C8rQkPc-UzL23FvTZwD8gyZqEyaWyjQDoQ
IP 185.86.138.144:0
ASN #201081 SmartAdServer SAS
File type ASCII text, with no line terminators
Hash efa6ba503d1db3c0aeb36d2dfe12081a
bcb085dea063066be3fed25872f48e310261dc8f
673c79de9e33392bc95881a3d58488cf44e0509352a299e09bf119e2b09d170a
GET /redir/?partnerid=79&partneruserid=k-TYm3C8rQkPc-UzL23FvTZwD8gyZqEyaWyjQDoQ HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
date: Sun, 25 Sep 2022 10:14:04 GMT
content-length: 21
content-type: text/plain; charset=utf-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6fe79ba72a558da210d1a9e6bc452721
1fdb8a8c04d463569f701cd49aab64b30e9423fa
736525326c32eab9d161abd3f2b12e4cfb66e532970ed1cec1ca6a9191c3265b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6480
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 08:26:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
185.89.210.90302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 25 Sep 2022 10:14:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 1e265947-a46c-44f4-85d4-e3404774601e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4e95a5ef9cea692769875efb7acb535e
c2bdcd2df16aa99dcaf74703dda63f2ddb1acb63
e67fe6f2a6bf8033c54e1c9be8f1cd954d6390d337527ddf82aa9f975c027f1f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 09:01:31 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fpERBDG0ZaSP0lSKwAn2MVD6MMPKy3pll5UPC0AgtKN3VthDLlbc6g==
Age: 4353
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YRWLn8rQkPc-UzL23FvTZwD8gyYzkPPoCtNtrQ
54.93.152.24200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YRWLn8rQkPc-UzL23FvTZwD8gyYzkPPoCtNtrQ
IP 54.93.152.24:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-YRWLn8rQkPc-UzL23FvTZwD8gyYzkPPoCtNtrQ HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:04 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 3a824e01a43ed2f2547b9090fab53c13
3069792f5c592e4e425afbbfc10eb7629250f2fd
368332581396cf01c61a9bfc12adfb66191b0a21c613533f608401555eff8e80
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 08:45:36 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: v2XoZsFzu59vkYGxJxS0SsimSKDZTKf99dAG6OKrtcbdwMMJBwTeow==
Age: 5308
widget.us.criteo.com/event?a=49184&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvb%26p%3D%255Bi%25253D1123277%252526pr%25253D0%252526q%25253D1%255D&p2=e%3Dvp%26p%3D1123277&p3=e%3Ddis&adce=1&bundle=IEiBml9aRWxUYmFGZTVMR1VYWDR5V1hUYWRvTWhWZUpJRUx1SldObkVDaUhXT3pIVmIxN2k5RnNWcGtLcEdwOVlGUXRJWGVnTmFDRElNb3ZCMkpnaExDVm5NdG9lYzJGWkElMkZVemZMVFBQZm5UVkFSJTJCRGpab3ZwYlVmY1IlMkJ0Vm1yZ09KUzVid3luUjdaa2lJJTJCeWw3SWplc3Z4U0RSJTJGOVNhOWNEWkdTWFdoSFZJVm5NJTNE&tld=kohlergeneratordealer.com&fu=https%253A%252F%252Fgeneratorsplus.kohlergeneratordealer.com%252F&dtycbr=70570
74.119.119.150200 OK 4.1 kB URL HTTP/2 widget.us.criteo.com/event?a=49184&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvb%26p%3D%255Bi%25253D1123277%252526pr%25253D0%252526q%25253D1%255D&p2=e%3Dvp%26p%3D1123277&p3=e%3Ddis&adce=1&bundle=IEiBml9aRWxUYmFGZTVMR1VYWDR5V1hUYWRvTWhWZUpJRUx1SldObkVDaUhXT3pIVmIxN2k5RnNWcGtLcEdwOVlGUXRJWGVnTmFDRElNb3ZCMkpnaExDVm5NdG9lYzJGWkElMkZVemZMVFBQZm5UVkFSJTJCRGpab3ZwYlVmY1IlMkJ0Vm1yZ09KUzVid3luUjdaa2lJJTJCeWw3SWplc3Z4U0RSJTJGOVNhOWNEWkdTWFdoSFZJVm5NJTNE&tld=kohlergeneratordealer.com&fu=https%253A%252F%252Fgeneratorsplus.kohlergeneratordealer.com%252F&dtycbr=70570
IP 74.119.119.150:0
Hash 879d53e60292c6b3d5461fc0f0d8ba74
ee6ecf2715318f6d9ff9a3042631583bd72af699
4264260b4c85aa3307936e19ea2b95c89179cf0b7b231854b46c402e7e6b8980
GET /event?a=49184&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvb%26p%3D%255Bi%25253D1123277%252526pr%25253D0%252526q%25253D1%255D&p2=e%3Dvp%26p%3D1123277&p3=e%3Ddis&adce=1&bundle=IEiBml9aRWxUYmFGZTVMR1VYWDR5V1hUYWRvTWhWZUpJRUx1SldObkVDaUhXT3pIVmIxN2k5RnNWcGtLcEdwOVlGUXRJWGVnTmFDRElNb3ZCMkpnaExDVm5NdG9lYzJGWkElMkZVemZMVFBQZm5UVkFSJTJCRGpab3ZwYlVmY1IlMkJ0Vm1yZ09KUzVid3luUjdaa2lJJTJCeWw3SWplc3Z4U0RSJTJGOVNhOWNEWkdTWFdoSFZJVm5NJTNE&tld=kohlergeneratordealer.com&fu=https%253A%252F%252Fgeneratorsplus.kohlergeneratordealer.com%252F&dtycbr=70570 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:03 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 20741466
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=46&user_id=k-b0afFsrQkPc-UzL23FvTZwD8gybu4rySlqWYvA&expires=30
3.126.157.114302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=46&user_id=k-b0afFsrQkPc-UzL23FvTZwD8gybu4rySlqWYvA&expires=30
IP 3.126.157.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-b0afFsrQkPc-UzL23FvTZwD8gybu4rySlqWYvA&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 25 Sep 2022 10:14:04 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-b0afFsrQkPc-UzL23FvTZwD8gybu4rySlqWYvA&expires=30
Set-Cookie: tuuid=81d65773-585f-4cce-accd-a913c4850820; path=/; expires=Mon, 25-Sep-2023 10:14:04 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664100844; path=/; expires=Mon, 25-Sep-2023 10:14:04 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1664100844; path=/; expires=Mon, 25-Sep-2023 10:14:04 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664100844; path=/; expires=Mon, 25-Sep-2023 10:14:04 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-XGH3YcrQkPc-UzL23FvTZwD8gyaYXMz-AmRT2Q
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-XGH3YcrQkPc-UzL23FvTZwD8gyaYXMz-AmRT2Q
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-XGH3YcrQkPc-UzL23FvTZwD8gyaYXMz-AmRT2Q HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 25 Sep 2022 10:14:04 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-XGH3YcrQkPc-UzL23FvTZwD8gyaYXMz-AmRT2Q&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBOwpMGMCEPWKGm8sce14TzRKi_0co5AFEgEBAQF7MWM6YwAAAAAA_eMAAA&S=AQAAApmr96L4r_AO43GN8lZ9BDA; Expires=Mon, 25 Sep 2023 16:14:04 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-5lglgsrQkPc-UzL23FvTZwD8gyYUfB7OCetodg
35.156.130.49204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-5lglgsrQkPc-UzL23FvTZwD8gyYUfB7OCetodg
IP 35.156.130.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-5lglgsrQkPc-UzL23FvTZwD8gyYUfB7OCetodg HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 10:14:04 GMT
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9caf0ef724c02dec64118a8ff017b367
89e98129b3c3ac5d3659e74814bc70fd54e7ee8b
1a021382f481917a475407b78d613ca2435265b81dcc819e22ec6a16f0a940b6
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4412
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 09:00:32 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
eb2.3lift.com/xuid?mid=2711&xuid=k-6TCKP8rQkPc-UzL23FvTZwD8gyajffQObJopEA&dongle=013b
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-6TCKP8rQkPc-UzL23FvTZwD8gyajffQObJopEA&dongle=013b
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-6TCKP8rQkPc-UzL23FvTZwD8gyajffQObJopEA&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:04 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a1f53e0af39f60ce7e9ed59b773eb3b0
34448321a48d2b8e56ab8ac8c2b3e6b74a556e29
29adec20a9d53d88d6b18936510411584ee9f1a54e3a7984a9ec8db2debf3a0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3867
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 09:09:37 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/ibs:dpid=28645&dpuuid=
34.241.100.149302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 34.241.100.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v042-00135db9e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=02476636418310316593958491440009205260; Max-Age=15552000; Expires=Fri, 24 Mar 2023 10:14:04 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: eTcZUCw2Q5k=
Content-Length: 0
Connection: keep-alive
cm.adform.net/pixel?adform_pid=15&adform_pc=k-fA4_rcrQkPc-UzL23FvTZwD8gyblA9PYMNo9rA
37.157.3.29200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-fA4_rcrQkPc-UzL23FvTZwD8gyblA9PYMNo9rA
IP 37.157.3.29:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-fA4_rcrQkPc-UzL23FvTZwD8gyblA9PYMNo9rA HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 10:14:04 GMT
content-type: image/gif
content-length: 43
last-modified: Fri, 07 Feb 2020 08:03:00 GMT
etag: "5e3d19b4-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-XGH3YcrQkPc-UzL23FvTZwD8gyaYXMz-AmRT2Q&verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-XGH3YcrQkPc-UzL23FvTZwD8gyaYXMz-AmRT2Q&verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-XGH3YcrQkPc-UzL23FvTZwD8gyaYXMz-AmRT2Q&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 10:14:04 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBOwpMGMCEKQjWOOQq_1jQCsj62X_UnUFEgEBAQF7MWM6YwAAAAAA_eMAAA&S=AQAAAjoFJmJC46dJ3u-_sBDfubg; Expires=Mon, 25 Sep 2023 16:14:04 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4198fa094a76094df485c9e89231f691
856785aae5adf63dc734f076be4dcf74b53a292d
de133db7a975e49b2e3e4a6cfd324a07b6678cf1e9fe178ed9368d606f614d70
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 10:14:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 15:11:55 GMT
Expires: Sat, 01 Oct 2022 15:11:54 GMT
Etag: "856785aae5adf63dc734f076be4dcf74b53a292d"
Cache-Control: max-age=535669,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7502fda80ab40b06-OSL
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-b0afFsrQkPc-UzL23FvTZwD8gybu4rySlqWYvA&expires=30
3.126.157.114200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-b0afFsrQkPc-UzL23FvTZwD8gybu4rySlqWYvA&expires=30
IP 3.126.157.114:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-b0afFsrQkPc-UzL23FvTZwD8gybu4rySlqWYvA&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 25 Sep 2022 10:14:04 GMT
Content-Length: 43
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
34.241.100.149200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 34.241.100.149:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v042-031974a8c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: wlnOh8EMQS8=
Content-Length: 59
Connection: keep-alive
sync.outbrain.com/cookie-sync?p=criteo&uid=k-q4qCEcrQkPc-UzL23FvTZwD8gyaJJlxx5RWjBg
64.202.112.255200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-q4qCEcrQkPc-UzL23FvTZwD8gyaJJlxx5RWjBg
IP 64.202.112.255:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-q4qCEcrQkPc-UzL23FvTZwD8gyaJJlxx5RWjBg HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 10:14:04 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 50b68ce96c69a6f696d3a8c4ec6992cc
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 10:14:03 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 832100
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dm_id=8666&ext_id=k-NpStEsrQkPc-UzL23FvTZwD8gyYQq8ZnoeTFyA
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dm_id=8666&ext_id=k-NpStEsrQkPc-UzL23FvTZwD8gyYQq8ZnoeTFyA
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dm_id=8666&ext_id=k-NpStEsrQkPc-UzL23FvTZwD8gyYQq8ZnoeTFyA HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sat, 24 Sep 2022 10:14:04 GMT
Date: Sun, 25 Sep 2022 10:14:04 GMT
Connection: keep-alive
Set-Cookie: id=f23633cd-6384-45db-8037-e8f8ff2c3d18; Path=/; Domain=yieldlab.net; Expires=Mon, 25-Sep-2023 10:14:04 GMT; Max-Age=31536000; Secure; SameSite=None
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 7fafed3eac9f7134838a7da59250bb3a
032eadb5b5495b7ef05011a35bf5d582ce75d733
52859664bce692130ac009b0a7ada9b8d1a5f3870acaafbddacfbbb38d9a372c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 09:40:05 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: a5du_AQIpareUiCFJV9sW7REKb-CZUsjnjTxEhie9uixld2tRFQtlg==
Age: 2039
sync-criteo.ads.yieldmo.com/sync?id=k-JBcvOMrQkPc-UzL23FvTZwD8gyaegU-YJ2L9Hg&pn_id=criteo&ext=1
63.34.53.236200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-JBcvOMrQkPc-UzL23FvTZwD8gyaegU-YJ2L9Hg&pn_id=criteo&ext=1
IP 63.34.53.236:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-JBcvOMrQkPc-UzL23FvTZwD8gyaegU-YJ2L9Hg&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:04 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g2f4cdf4cf7334397728%7C1664100844963%7C0%7C; Domain=.yieldmo.com; Expires=Mon, 25-Sep-2023 10:14:04 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-JBcvOMrQkPc-UzL23FvTZwD8gyaegU-YJ2L9Hg; Domain=ads.yieldmo.com; Expires=Mon, 25-Sep-2023 10:14:04 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dt_id=8664&ext_id=k-NpStEsrQkPc-UzL23FvTZwD8gyYQq8ZnoeTFyA
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-NpStEsrQkPc-UzL23FvTZwD8gyYQq8ZnoeTFyA
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-NpStEsrQkPc-UzL23FvTZwD8gyYQq8ZnoeTFyA HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sat, 24 Sep 2022 10:14:04 GMT
Date: Sun, 25 Sep 2022 10:14:04 GMT
Connection: keep-alive
Set-Cookie: id=f406cef2-07b6-4018-80dc-7cbd1c5a74a4; Path=/; Domain=yieldlab.net; Expires=Mon, 25-Sep-2023 10:14:04 GMT; Max-Age=31536000; Secure; SameSite=None
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9d0c4d31db713f6e0c4045953eb2c36e
41c25a649d9653c0e830e9aa2b75cd5142db32c4
3599c0d19052550915e434cb4456eebc40b02fe17d937e3008ffde3f07cbc13c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 10:14:04 GMT
Last-Modified: Sun, 25 Sep 2022 08:25:26 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NpjKI1SODhaTDAFixp1jIsJAw8Y8lDgP6k7wp6sHf-2I-4oE693dYQ==
Age: 6518
ad.yieldlab.net/m?dt_id=12438557&ext_id=k-NpStEsrQkPc-UzL23FvTZwD8gyYQq8ZnoeTFyA
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=12438557&ext_id=k-NpStEsrQkPc-UzL23FvTZwD8gyYQq8ZnoeTFyA
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=12438557&ext_id=k-NpStEsrQkPc-UzL23FvTZwD8gyYQq8ZnoeTFyA HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sat, 24 Sep 2022 10:14:05 GMT
Date: Sun, 25 Sep 2022 10:14:05 GMT
Connection: keep-alive
Set-Cookie: id=c01c62f0-12ec-4d7a-9bf0-b311cbfe2a13; Path=/; Domain=yieldlab.net; Expires=Mon, 25-Sep-2023 10:14:05 GMT; Max-Age=31536000; Secure; SameSite=None
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5a6523225dc7ac830faca26492f48ca8
848bc1a13c50d15ca674225af2e189ac7a9cf041
a5a13f70ea9cf56156c6de36f6189e88eaef1d49e54c638d5000ad40bb345563
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4888
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:14:05 GMT
Last-Modified: Sun, 25 Sep 2022 08:52:37 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Y7-7XsrQkPc-UzL23FvTZwD8gyZNoyjv1y0JnQ
185.255.84.153200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Y7-7XsrQkPc-UzL23FvTZwD8gyZNoyjv1y0JnQ
IP 185.255.84.153:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Y7-7XsrQkPc-UzL23FvTZwD8gyZNoyjv1y0JnQ HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=662847fc170d66e93eabb1212d27d61e; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 25 Sep 2022 10:14:04 GMT
content-length: 49
x-envoy-upstream-service-time: 174
server: ayl-lb-fra02
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
52.215.16.237204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 52.215.16.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 10:14:05 GMT
set-cookie: _kuid_=PGZNfyjM; Expires=Fri, 24-Mar-23 10:14:05 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n018-dub-prod.krxd.net
x-request-time: D=30 t=1664100845
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 10:14:05 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 378546
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash a2ec6e13f21b0337961fb9a1a17678f1
72a1ca35a757339d3d1c4acf7c8ee5f5f69a25d1
f54ed9bad3faa1954170a65d666dd42bc93eaea234773b36ba242bacb7b8789c
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F54ED9BAD3FAA1954170A65D666DD42BC93EAEA234773B36BA242BACB7B8789C"
Last-Modified: Sun, 25 Sep 2022 08:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=2960
Expires: Sun, 25 Sep 2022 11:03:25 GMT
Date: Sun, 25 Sep 2022 10:14:05 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
3.15.245.229200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 3.15.245.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:05 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: c92fa580-3cba-11ed-a49f-0000ac1700b5
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 855
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://generatorsplus.kohlergeneratordealer.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 25 Sep 2022 10:14:05 GMT
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=generatorsplus.kohlergeneratordealer.com&origin=onetag
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=generatorsplus.kohlergeneratordealer.com&origin=onetag
IP 178.250.2.146:0
GET /syncframe?topUrl=generatorsplus.kohlergeneratordealer.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:01 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=98b430c4-e088-4a5c-a77b-61ea790a6829; expires=Fri, 20 Oct 2023 10:14:01 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 628076
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
generatorsplus.kohlergeneratordealer.com/favicon.ico
104.196.98.241200 OK 0 B URL HTTP/2 generatorsplus.kohlergeneratordealer.com/favicon.ico
IP 104.196.98.241:0
GET /favicon.ico HTTP/1.1
Host: generatorsplus.kohlergeneratordealer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://generatorsplus.kohlergeneratordealer.com/
Connection: keep-alive
Cookie: pc_sid=9bea6291-803b-4778-814f-6888dd88aaef; pc_aid=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJjIjoiIiwiZCI6MzE1MzYwMDAwLCJkaWQiOiIiLCJoIjoiZ2VuZXJhdG9yc3BsdXMua29obGVyZ2VuZXJhdG9yZGVhbGVyLmNvbSIsImkiOjE2NjQxMDA4MzksIm8iOiI1ZDJjZDA3NDFiN2JlYzAwMDgxNGNmMmUiLCJzIjoiOWJlYTYyOTEtODAzYi00Nzc4LTgxNGYtNjg4OGRkODhhYWVmIiwidCI6IjVkMTNjN2Y1ODdjNmZkMDAwMThhMmIyMiJ9.KudAQWPewJtXwNK2TYOj_LMfQFxM6WUiZg7yX7c9ncf7JwXeyJzFiPAY9SFvFTvVGyp_b1lRKc3lbgUcYOfLGA; _pc_locale=en-US; _gcl_au=1.1.694536593.1664100839; _ga_6TKV8ZEDMH=GS1.1.1664100839.1.0.1664100839.60.0.0; _ga=GA1.1.453303582.1664100839
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: report-uri https://pc.clickstream.events/events/csp; frame-ancestors 'none';
content-type: image/x-icon
date: Sun, 25 Sep 2022 10:14:02 GMT
referrer-policy: same-origin
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Kmt9d8rQkPc-UzL23FvTZwD8gybOligIA4GQkg&google_error=3
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Kmt9d8rQkPc-UzL23FvTZwD8gybOligIA4GQkg&google_error=3
IP 178.250.0.163:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Kmt9d8rQkPc-UzL23FvTZwD8gybOligIA4GQkg&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:04 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 245684
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.0.163:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:03 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 471692
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fast.fonts.net/cssapi/d9655dc2-fef5-49e4-9c2a-fdfbc02a888a.css
104.17.224.78200 OK 0 B URL HTTP/2 fast.fonts.net/cssapi/d9655dc2-fef5-49e4-9c2a-fdfbc02a888a.css
IP 104.17.224.78:0
GET /cssapi/d9655dc2-fef5-49e4-9c2a-fdfbc02a888a.css HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://generatorsplus.kohlergeneratordealer.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:01 GMT
content-type: text/css; charset=utf-8
x-amz-id-2: 096sBjvkQ/ICHGjhLArjK1F5a0b5jL4iKqUq1F1JMCHV5c+BA3Cyn4sz6r4ccUuP/jtFzcNi3dg=
x-amz-request-id: R9NNFAYZMDYQ2676
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 17 Feb 2021 22:50:55 GMT
etag: W/"7034a7df3f7040170ecde2eebc4899cc"
x-amz-meta-mtime: 1592925812
x-amz-version-id: null
cf-cache-status: MISS
expires: Sun, 25 Sep 2022 10:19:01 GMT
cache-control: public, max-age=300
set-cookie: __cf_bm=v3sWiY6coOybFaxpKVsqfPkq3jlvKTC_esk6aCm4SAo-1664100841-0-AeMEuIOP0UFspbJwSgMMpizSwJOw3xgnH1hr2h+/ZHekHcuv5xV4vk2WbcLdl6HSFk+RRd7YuapTeGD1R9aBUM4=; path=/; expires=Sun, 25-Sep-22 10:44:01 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7502fd8fbbecb50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fast.fonts.net/cssapi/d9655dc2-fef5-49e4-9c2a-fdfbc02a888a.css
104.17.224.78200 OK 0 B URL HTTP/2 fast.fonts.net/cssapi/d9655dc2-fef5-49e4-9c2a-fdfbc02a888a.css
IP 104.17.224.78:0
GET /cssapi/d9655dc2-fef5-49e4-9c2a-fdfbc02a888a.css HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:01 GMT
content-type: text/css; charset=utf-8
x-amz-id-2: 8tEbQ6EYEsyzD4bcmY9pI0t8q8n75EaPMZo4TPD04ja7tJwpVyeiTbTl1TTV5vn/6VTB9K0w7i8=
x-amz-request-id: AMVQBKMMVTGMB4D0
last-modified: Wed, 17 Feb 2021 22:50:55 GMT
etag: W/"7034a7df3f7040170ecde2eebc4899cc"
x-amz-meta-mtime: 1592925812
x-amz-version-id: null
cf-cache-status: REVALIDATED
expires: Sun, 25 Sep 2022 10:19:01 GMT
cache-control: public, max-age=300
set-cookie: __cf_bm=fONdUC9ci37T1.YvNY2eKXPLrAbEBeo1fx_7GgIidtQ-1664100841-0-ATCBgGbEHLa0smq5N2NtU3s81F1QWyMM9urrygohA8trZoUtDRal2AeK/AwbAbbsUrTuwKV6iOyi9GaOXGQbbDg=; path=/; expires=Sun, 25-Sep-22 10:44:01 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7502fd8fcdc5b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.0.130:0
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 10:14:01 GMT
content-type: text/javascript
last-modified: Thu, 25 Aug 2022 11:02:07 GMT
etag: W/"630756af-a8d9"
expires: Mon, 26 Sep 2022 10:14:01 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-eeBeuMrQkPc-UzL23FvTZwD8gyYHzlleytRjHg
3.233.26.190200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-eeBeuMrQkPc-UzL23FvTZwD8gyYHzlleytRjHg
IP 3.233.26.190:0
GET /sync?UICR=k-eeBeuMrQkPc-UzL23FvTZwD8gyYHzlleytRjHg HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:05 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-BiJnxcrQkPc-UzL23FvTZwD8gyYGIlPGlDMWkA
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-BiJnxcrQkPc-UzL23FvTZwD8gyYGIlPGlDMWkA
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-BiJnxcrQkPc-UzL23FvTZwD8gyYGIlPGlDMWkA HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 10:14:04 GMT
x-fastly-to-nlb-rtt: 25499
access-control-allow-credentials: true
X-Firefox-Spdy: h2
generatorsplus.kohlergeneratordealer.com/
104.196.98.241200 OK 0 B URL HTTP/2 generatorsplus.kohlergeneratordealer.com/
IP 104.196.98.241:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: generatorsplus.kohlergeneratordealer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-security-policy: report-uri https://pc.clickstream.events/events/csp; frame-ancestors 'none';
content-type: text/html; charset=utf-8
date: Sun, 25 Sep 2022 10:14:00 GMT
referrer-policy: same-origin
set-cookie: pc_sid=9bea6291-803b-4778-814f-6888dd88aaef; SameSite=Lax
pc_aid=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJjIjoiIiwiZCI6MzE1MzYwMDAwLCJkaWQiOiIiLCJoIjoiZ2VuZXJhdG9yc3BsdXMua29obGVyZ2VuZXJhdG9yZGVhbGVyLmNvbSIsImkiOjE2NjQxMDA4MzksIm8iOiI1ZDJjZDA3NDFiN2JlYzAwMDgxNGNmMmUiLCJzIjoiOWJlYTYyOTEtODAzYi00Nzc4LTgxNGYtNjg4OGRkODhhYWVmIiwidCI6IjVkMTNjN2Y1ODdjNmZkMDAwMThhMmIyMiJ9.KudAQWPewJtXwNK2TYOj_LMfQFxM6WUiZg7yX7c9ncf7JwXeyJzFiPAY9SFvFTvVGyp_b1lRKc3lbgUcYOfLGA; Max-Age=157680000; SameSite=Lax
_pc_locale=en-US; Path=/; Domain=kohlergeneratordealer.com; SameSite=Lax
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.245200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.245:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:02 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 94162
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.48200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.48:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 10:14:02 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 97653
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2