www.empik.com/?utm_source=fallback&utm_medium=fallback&utm_campaign=fallback&utm_id=fallback&utm_term=fallback&utm_content=0
104.17.158.55301 Moved Permanently 0 B URL HTTP/1.1 www.empik.com/?utm_source=fallback&utm_medium=fallback&utm_campaign=fallback&utm_id=fallback&utm_term=fallback&utm_content=0
IP 104.17.158.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?utm_source=fallback&utm_medium=fallback&utm_campaign=fallback&utm_id=fallback&utm_term=fallback&utm_content=0 HTTP/1.1
Host: www.empik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 18 Jan 2023 08:00:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 18 Jan 2023 09:00:51 GMT
Location: https://www.empik.com/?utm_source=fallback&utm_medium=fallback&utm_campaign=fallback&utm_id=fallback&utm_term=fallback&utm_content=0
Server-Timing: cf-q-config;dur=6.0000002122251e-06
Vary: Accept-Encoding
Set-Cookie: __cfruid=34994bb418e1d333981eb26935f8dc0e2a7518e9-1674028851; path=/; domain=.empik.com; HttpOnly
Server: cloudflare
CF-RAY: 78b5cc9f3b54b4f3-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3812
Expires: Wed, 18 Jan 2023 09:04:23 GMT
Date: Wed, 18 Jan 2023 08:00:51 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7974
Expires: Wed, 18 Jan 2023 10:13:45 GMT
Date: Wed, 18 Jan 2023 08:00:51 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d38f4bb41e1264b8a1e11ff0b1499d20
21c3e36bd908df43e0d49b747e270ec75cb882b0
3ff822eb56d2218ad6244fd013a82e0d27450ae21d47e08f1e3fdf4c82a8aad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FF822EB56D2218AD6244FD013A82E0D27450AE21D47E08F1E3FDF4C82A8AAD7"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20481
Expires: Wed, 18 Jan 2023 13:42:12 GMT
Date: Wed, 18 Jan 2023 08:00:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 07:49:19 GMT
content-type: application/json
age: 692
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
subca.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash af4d542f75414dac4471c36946600d6a
0451ae0c806af466749f840ff578ab060eb28309
3e0051e60b62f26213ebd8feec9a857e0a9b5b41266ca449c3903f72315d34b8
POST / HTTP/1.1
Host: subca.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1579
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=438
Date: Wed, 18 Jan 2023 08:00:51 GMT
Connection: keep-alive
X-N: S
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ynJihqvxfBnYgI9b+RleHYILMqje3nTuI6CyI2NZwPuu9wAA7tq4yylPVvCWHHDKZvSYMZosT+U=
x-amz-request-id: 6CG0ZA2RA8K8Z4TX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 07:56:36 GMT
age: 255
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 08:00:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
evcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 evcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 55ed568ef8e05a3db46d0b0e9f1e3197
76812064026f5f7cca4b58039f19828c1feb3403
a8850e4906d2bde3a788fbea48e13a7246e0de276498b9fb2dc33ed4078099d3
POST / HTTP/1.1
Host: evcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1605
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=88
Date: Wed, 18 Jan 2023 08:00:51 GMT
Connection: keep-alive
subca.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash af4d542f75414dac4471c36946600d6a
0451ae0c806af466749f840ff578ab060eb28309
3e0051e60b62f26213ebd8feec9a857e0a9b5b41266ca449c3903f72315d34b8
POST / HTTP/1.1
Host: subca.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1579
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=438
Date: Wed, 18 Jan 2023 08:00:51 GMT
Connection: keep-alive
X-N: S
evcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 evcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 55ed568ef8e05a3db46d0b0e9f1e3197
76812064026f5f7cca4b58039f19828c1feb3403
a8850e4906d2bde3a788fbea48e13a7246e0de276498b9fb2dc33ed4078099d3
POST / HTTP/1.1
Host: evcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1605
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=88
Date: Wed, 18 Jan 2023 08:00:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2745
Cache-Control: max-age=93102
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:52 GMT
Etag: "63c66529-1d7"
Expires: Thu, 19 Jan 2023 09:52:34 GMT
Last-Modified: Tue, 17 Jan 2023 09:06:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 07:17:25 GMT
age: 2607
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.25.78.204101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.25.78.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mjAk/fvt934N+AqypWNwlA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: c30pSKVexKUkuH03K37Jw8qBLoE=
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 1.1 kB IP 216.58.207.195:0
Hash f8c2f0d5ee257170dc35860e3dee8918
1b1da9d2b0820984a0b8ee9ee515322503828708
299089c701183220850226b49bf3d3e686c5aa362beca24694d08f5e473348af
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PS28TV
142.250.74.72200 OK 135 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PS28TV
IP 142.250.74.72:0
File type Unicode text, UTF-8 text, with very long lines (65281)
Size 135 kB (134926 bytes)
Hash f6e7c500845926fa01916bd6b2cc8db0
e008d5e2b7cdf0227db8a474ed249ff4598b281c
962773b19e42da702cf98cbb9b9b1566c7b8a055af8f64f958a4fc6be5760643
GET /gtm.js?id=GTM-PS28TV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 18 Jan 2023 08:00:52 GMT
expires: Wed, 18 Jan 2023 08:00:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 134926
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash 773596e36fe4af70225f1ee08e977461
5595433fd09a22008b2c739f6626aef116ad5285
fb18080471e9a54e7d1c060d2e26b023f09c135e0d195e48917cd064549d7fdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 471 B IP 216.58.207.195:0
Hash 698cde65513f20fde821c7fc41efbe49
5c745036f6a423799898d41f03cf811f0183a4dc
6808cc3d62f2d7879f09d42119886458ae348a7db3db7ed95980fc7df5a67c89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.recaptcha.net/recaptcha/api.js?onload=CaptchaCallback&render=explicit
142.250.74.131200 OK 1.2 kB URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=CaptchaCallback&render=explicit
IP 142.250.74.131:0
Hash 3b6e808acf0dbfae8cc86586eef6a549
b9fe10f6277ca8e59b24f43744a72e027d56c1cc
5304808a0b722407681c966961e6cd9f071a25a153df527e0e8dd68131aa9b3c
GET /recaptcha/api.js?onload=CaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 18 Jan 2023 08:00:53 GMT
date: Wed, 18 Jan 2023 08:00:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 471 B IP 216.58.207.195:0
Hash 698cde65513f20fde821c7fc41efbe49
5c745036f6a423799898d41f03cf811f0183a4dc
6808cc3d62f2d7879f09d42119886458ae348a7db3db7ed95980fc7df5a67c89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 250 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Size 250 kB (250038 bytes)
Hash 0e35cca5389d4d9761e9003b8e3e3553
f0c58eb57ca5b79648f25290a3c69bbaf7a9aa43
4dc479497105c7259db4f29097499faeef49b18c1e4827193e00c2a49eb316d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7199
Expires: Wed, 18 Jan 2023 10:00:53 GMT
Date: Wed, 18 Jan 2023 08:00:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7199
Expires: Wed, 18 Jan 2023 10:00:53 GMT
Date: Wed, 18 Jan 2023 08:00:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7199
Expires: Wed, 18 Jan 2023 10:00:53 GMT
Date: Wed, 18 Jan 2023 08:00:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7199
Expires: Wed, 18 Jan 2023 10:00:53 GMT
Date: Wed, 18 Jan 2023 08:00:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d4770a8-c74a-4d56-b999-a0f191af3bf2.webp
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d4770a8-c74a-4d56-b999-a0f191af3bf2.webp
IP 34.120.237.76:0
Hash bb761d49c7c87b803b39adc749cb32b0
11665bc63a4b498da17d0425142f6acdba405f9b
1e5c4695c5e03f8e782963f8ae1a8064e24761ad5b0315a491331c937853ad51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d4770a8-c74a-4d56-b999-a0f191af3bf2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6454
x-amzn-requestid: 79329eb3-8d89-423f-8626-32c5e2e2831a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A0gHpeoAMF-Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714e9-5e859dc121cd322c6b684eee;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKl5JNASQseZsuX_yJtVaUT2TCY5lKIxjJ8QvhDIXDAkC8GwIRilYg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:01:08 GMT
age: 35986
etag: "3070340147ced46e5fdf73408272aa39391976fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
IP 34.120.237.76:0
Hash f6f951994e89cebc23677899f1229a8f
0565d4c495d6b9631e9d87ee8a86b1d3418c8404
debf097703688e1b60350aba94087945a7b3ad62fd3fa80523b7c9e1ce113a42
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13848
x-amzn-requestid: 93bbdd19-aa04-49ec-858f-9fa1d6b736d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6BKCGEtoAMFgsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c71573-008911af44c3998d7b27b837;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:38:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: adtKl3gOcesaXNHcRbi71-1Wz6caEgtXrAvbhB9qhId7eJEkd7d7pQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:45 GMT
age: 36069
etag: "fba424e1d09cbdc839ca320458b51715dafbbccc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 928e970121a035e9f8d537e4bfe6bf5c
ce4aadc6b3500508d1c4b42b76f09be4414b6eee
2da1438b17cf05aed64e565350dcc706420f2bae7e8c5e36d1b5bad38248c275
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 5b743b27-b6d4-4d98-9984-3a5e17cb28e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1xH8BIAMFuZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714f1-2f1031db0871abae4760d5b6;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jyWosZVSdPHomvHRyf-MuxVp0gR7sKIJ0-jmMStDeixhd8Bhoqzitg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:01:09 GMT
age: 35985
etag: "ce4aadc6b3500508d1c4b42b76f09be4414b6eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefcc19e1-75f3-4a6f-8686-3308f93dd409.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefcc19e1-75f3-4a6f-8686-3308f93dd409.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df397b10a8e03cec7f74cd8f0fbb4e6e
625e8a1b7e865def8861e194ac754c486cd374e7
6bafab2eaac6814dd4c0f2155119f71e01cf6ecd602d51fa5d5e547db3588705
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefcc19e1-75f3-4a6f-8686-3308f93dd409.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7574
x-amzn-requestid: e330d010-6465-47c6-b45f-b25a6de84f9d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A16GjsIAMFYgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714f2-17ca5566719117874cb6a6d0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wF_siKELQDBuWLkhNtrGzLwKyuMaGaSoCQNpE5etDRs6XotQgRYF3w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:02:53 GMT
age: 35881
etag: "625e8a1b7e865def8861e194ac754c486cd374e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F861225b5-aa80-4ecb-b68c-3a62a2e3d376.gif
34.120.237.76200 OK 25 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F861225b5-aa80-4ecb-b68c-3a62a2e3d376.gif
IP 34.120.237.76:0
File type GIF image data, version 89a, 296 x 148\012- data
Hash e9e29acd071f93411556a2a1cbb076fa
6cc5c64b7e82cc5bdc148be6f4760e98cb06f414
a1d23e683f912c5c9a334df441908c7d522ae8f41c91dbb0e99e6bf5162bc54e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F861225b5-aa80-4ecb-b68c-3a62a2e3d376.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 24970
x-amzn-requestid: 65ccc511-17aa-468c-a607-f531ccba1e91
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K86HLgIAMFfxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-798eaf875ae85c5e1d73e183;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RCzR1Y9Aya6p6jIR9T0rDo5BEyR_q238uzLQpJ7veDu2HDPCaMtKbg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 03:56:47 GMT
age: 14647
etag: "6cc5c64b7e82cc5bdc148be6f4760e98cb06f414"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f112ea3865f38cbbcc8400b58320fa0
dacc584338546bf60f26b2a0bec48e9b584640dc
7feb3c0691f40354701d1cb0bf3c834d1eeead4a7297fac3afc0f4a7ca2c94cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8853
x-amzn-requestid: ff98ec33-294a-4a13-b064-3cd4744cd2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LLKHPnIAMF0vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf14-233cbc6407c6b138144d7abb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:05:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QZZaGtGl3Z-4G4DxO4R_gjfDdQVgJc30Ur9EyLAvbGFhv4LfaXziPQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:00:29 GMT
age: 14425
etag: "dacc584338546bf60f26b2a0bec48e9b584640dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 471 B IP 216.58.207.195:0
Hash d547e6cc07ecb62b49cfb14f223d3b87
7f316e0778cf7e132cf376b92d1f9860e06894f5
4ceb4872fc5aa21ce6cdba296ce83f68d1b46836df05886eb76e0607358ba42c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js
142.250.74.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (534)
Size 163 kB (162972 bytes)
Hash 76ec8636078661afbc2c6fdd811b0b76
035c5fe2d57e0363a7abaedc294ef890a6e2a081
194068b0223ebb32c7e7026851a4c1eb6b70c988b269c7fa10f4dd3362bd650a
GET /recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 15:07:39 GMT
expires: Tue, 16 Jan 2024 15:07:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 00:08:35 GMT
content-type: text/javascript
age: 147195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 471 B IP 216.58.207.195:0
Hash d547e6cc07ecb62b49cfb14f223d3b87
7f316e0778cf7e132cf376b92d1f9860e06894f5
4ceb4872fc5aa21ce6cdba296ce83f68d1b46836df05886eb76e0607358ba42c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.empik.com/?utm_source=fallback&utm_medium=fallback&utm_campaign=fallback&utm_id=fallback&utm_term=fallback&utm_content=0
104.17.158.55200 OK 153 kB URL HTTP/2 www.empik.com/?utm_source=fallback&utm_medium=fallback&utm_campaign=fallback&utm_id=fallback&utm_term=fallback&utm_content=0
IP 104.17.158.55:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4176), with CRLF, LF line terminators
Size 153 kB (153216 bytes)
Hash 4c52795f4e2aa36f2bdb377fba4c608b
94ec3cb5321315e9a9f2b405e7d18170fcef0f96
ea520af9e1d8a3ba83e3f2543b09ff1e444f8b6690e863ef54f746af1b7f079a
GET /?utm_source=fallback&utm_medium=fallback&utm_campaign=fallback&utm_id=fallback&utm_term=fallback&utm_content=0 HTTP/1.1
Host: www.empik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:51 GMT
content-type: text/html;charset=UTF-8
cf-ray: 78b5cca219a20b41-OSL
cache-control: public, max-age=14400
content-language: pl-PL
expires: Wed, 18 Jan 2023 12:00:51 GMT
last-modified: Wed, 18 Jan 2023 07:59:09 GMT
vary: accept-encoding
cf-cache-status: HIT
pragma: no-cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1
set-cookie: __cfruid=34994bb418e1d333981eb26935f8dc0e2a7518e9-1674028851; path=/; domain=.empik.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 18 Jan 2023 07:45:20 GMT
expires: Wed, 18 Jan 2023 09:45:20 GMT
cache-control: public, max-age=7200
age: 934
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash b77f77f4f821a11c0a501be8d6a19659
7bba3d65db27d7c0e050bbf2294021433221de5d
e80b6b1a2f792de4681310088abf8d9172a81ee10a54965c8eb602fae2d92319
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11472
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=1D83060E2D376F9936E114932C606E2C; domain=.bing.com; expires=Mon, 12-Feb-2024 08:00:54 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C8D44A8E94047C281D7650AFE42F578 Ref B: OSL30EDGE0412 Ref C: 2023-01-18T08:00:54Z
date: Wed, 18 Jan 2023 08:00:53 GMT
X-Firefox-Spdy: h2
script.hotjar.com/modules.5bc662be9faceb9038da.js
143.204.55.40200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.5bc662be9faceb9038da.js
IP 143.204.55.40:0
File type Unicode text, UTF-8 text, with very long lines (47958)
Hash 80bbbdc2c462ad6e55b13b4def9dd8de
a50995d5a88154acb5328008140d677998da15c0
c52e08d76e10f378120f0d28428fedee20f57c8afcc71d52a8e770a16d7cf25b
GET /modules.5bc662be9faceb9038da.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68986
date: Tue, 17 Jan 2023 10:32:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "80bbbdc2c462ad6e55b13b4def9dd8de"
last-modified: Tue, 17 Jan 2023 10:31:25 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7OCLRyQLDEUoclyZuGXrNZzZNff2SY2XvNBZcpAzDOsYbWLA7A8-Hg==
age: 77329
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 471 B IP 216.58.207.195:0
Hash 38de5599544ffa789bad3f8686808c5e
fa442ea8ec124d47130fe75d0e848330a279e19e
d0344819ecf4cb1795fcd668d5f1a806121a48e174588ecd2eb8751595ac61ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GZPJMXEQ40&cid=443075643.1674028855>m=2oe1a1&aip=1&z=236231524
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GZPJMXEQ40&cid=443075643.1674028855>m=2oe1a1&aip=1&z=236231524
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GZPJMXEQ40&cid=443075643.1674028855>m=2oe1a1&aip=1&z=236231524 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 08:00:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash 6a6b2d9466c78838d5b89a24b1afc5f1
056b045d2648e975609cc689aace2cebf56dc4b8
87f1afd429d569be0ae89952298d447806d8c9d543b4ed8d2bc80cd9dc3d125d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-223724-2&cid=443075643.1674028855&jid=1598608270&gjid=1067255897&_gid=1167299718.1674028855&_u=YCDAgAABAAAAAEAEK~&z=402531306
108.177.14.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-223724-2&cid=443075643.1674028855&jid=1598608270&gjid=1067255897&_gid=1167299718.1674028855&_u=YCDAgAABAAAAAEAEK~&z=402531306
IP 108.177.14.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-223724-2&cid=443075643.1674028855&jid=1598608270&gjid=1067255897&_gid=1167299718.1674028855&_u=YCDAgAABAAAAAEAEK~&z=402531306 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.empik.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Jan 2023 08:00:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 471 B IP 216.58.207.195:0
Hash 38de5599544ffa789bad3f8686808c5e
fa442ea8ec124d47130fe75d0e848330a279e19e
d0344819ecf4cb1795fcd668d5f1a806121a48e174588ecd2eb8751595ac61ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Sat, 03 Dec 2022 04:42:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9BzPSlg5gE5941ZvAPgcmQBGqJEjUOZVkBSZ0UJwVkFJDCV2TIYW3Q==
age: 3986332
X-Firefox-Spdy: h2
ecsmedia.pl/c/jak-mniej-sie-meczyc-w-zwyczajnym-swiecie-dla-analizujacych-bez-konca-i-wysoko-wrazliwych-p-iext115557120.jpg
104.17.9.235200 OK 7.2 kB URL HTTP/2 ecsmedia.pl/c/jak-mniej-sie-meczyc-w-zwyczajnym-swiecie-dla-analizujacych-bez-konca-i-wysoko-wrazliwych-p-iext115557120.jpg
IP 104.17.9.235:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, progressive, precision 8, 143x204, components 3\012- data
Hash c288a507d79c9009281301259287ffe3
bc01d16da8fdb2de73c028a51c6b61d3656b74a1
4323887f8b48ce96d106983dd6f4bd39e609616fba85de20ea458d1d96ea5d2c
GET /c/jak-mniej-sie-meczyc-w-zwyczajnym-swiecie-dla-analizujacych-bez-konca-i-wysoko-wrazliwych-p-iext115557120.jpg HTTP/1.1
Host: ecsmedia.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:54 GMT
content-type: image/jpeg
content-length: 7194
cache-control: public, max-age=691200
cf-bgj: imgq:100,h2pri
cf-polished: origSize=7520, status=webp_bigger
expires: Thu, 26 Jan 2023 08:00:54 GMT
last-modified: Fri, 22 Jul 2022 18:03:42 GMT
x-server: bin-1
cf-cache-status: HIT
age: 1934642
accept-ranges: bytes
vary: Accept-Encoding
set-cookie: __cfruid=acdab444d3d0db73c0d60db7c3bd3c461c15d010-1674028854; path=/; domain=.ecsmedia.pl; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78b5ccb6581db512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ecsmedia.pl/c/samsung-galaxy-s22-ultra-sm-s908bdrheue-5g-12-gb-512-gb-burgundowy-p-iext104874187.jpg
104.17.9.235200 OK 10 kB URL HTTP/2 ecsmedia.pl/c/samsung-galaxy-s22-ultra-sm-s908bdrheue-5g-12-gb-512-gb-burgundowy-p-iext104874187.jpg
IP 104.17.9.235:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, progressive, precision 8, 204x204, components 3\012- data
Hash 095b55bf46e6a4e45bf027a49842f671
3e8a928970233c0418d2487fc4fe478ef83345b1
c95c4660f12a8a6aa24a16583d3ba6ba36e2cd44ea4e5e109518eae7718fa4ac
GET /c/samsung-galaxy-s22-ultra-sm-s908bdrheue-5g-12-gb-512-gb-burgundowy-p-iext104874187.jpg HTTP/1.1
Host: ecsmedia.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:54 GMT
content-type: image/jpeg
content-length: 10256
cache-control: public, max-age=691200
cf-bgj: imgq:100,h2pri
cf-polished: origSize=10609, status=webp_bigger
expires: Thu, 26 Jan 2023 08:00:54 GMT
last-modified: Fri, 25 Feb 2022 12:42:30 GMT
x-server: bin-1
cf-cache-status: HIT
age: 1122936
accept-ranges: bytes
vary: Accept-Encoding
set-cookie: __cfruid=acdab444d3d0db73c0d60db7c3bd3c461c15d010-1674028854; path=/; domain=.ecsmedia.pl; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78b5ccb6682fb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ecsmedia.pl/c/depilator-philips-bre715-00-p-iext68237519.jpg
104.17.9.235200 OK 5.1 kB URL HTTP/2 ecsmedia.pl/c/depilator-philips-bre715-00-p-iext68237519.jpg
IP 104.17.9.235:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, progressive, precision 8, 204x204, components 3\012- data
Hash aa51d29ef0cfc43499a409ccb9390437
f5e8a815c10b7a3155d90821fc4edb34722cb16e
ab9512f7cf3c4c70e38dd3118648125437ff4f9c7c5ce259a9d881f51184e914
GET /c/depilator-philips-bre715-00-p-iext68237519.jpg HTTP/1.1
Host: ecsmedia.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:54 GMT
content-type: image/jpeg
content-length: 5095
cache-control: public, max-age=691200
cf-bgj: imgq:100,h2pri
cf-polished: origSize=5236, status=webp_bigger
expires: Thu, 26 Jan 2023 08:00:54 GMT
last-modified: Sat, 27 Feb 2021 05:11:05 GMT
x-server: bin-1
cf-cache-status: HIT
age: 1122936
accept-ranges: bytes
vary: Accept-Encoding
set-cookie: __cfruid=acdab444d3d0db73c0d60db7c3bd3c461c15d010-1674028854; path=/; domain=.ecsmedia.pl; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78b5ccb66838b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
euromero.ediemidnightzombies.com/sxp/i/9ef64ce21940025d1f40452d369b12f3.js
54.230.111.53200 OK 32 kB URL HTTP/2 euromero.ediemidnightzombies.com/sxp/i/9ef64ce21940025d1f40452d369b12f3.js
IP 54.230.111.53:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 2b8e2e42ca09beaf937992d84f4d0d21
ac9df0d51703e1f4233c41f19dedfba070fd7e0a
8da31d51db79df416dd1e09923e84e7014dbd8b03b720d485fde8137c7dab095
GET /sxp/i/9ef64ce21940025d1f40452d369b12f3.js HTTP/1.1
Host: euromero.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 31911
content-encoding: gzip
server: Caddy
etag: "1575d-g8aL5MU9+6Og+fTNS7zG3ykHiHk"
cache-control: max-age=43200
date: Tue, 17 Jan 2023 20:50:06 GMT
expires: Wed, 18 Jan 2023 08:50:06 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K162PMnHoAzUbToRFznjOuAw3kyN0l8KOZoc6pr-a9ZdUI19DxWl1A==
age: 40248
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash 6a6b2d9466c78838d5b89a24b1afc5f1
056b045d2648e975609cc689aace2cebf56dc4b8
87f1afd429d569be0ae89952298d447806d8c9d543b4ed8d2bc80cd9dc3d125d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 471 B IP 216.58.207.195:0
Hash 19e9c21f1e72949764d8ffcb5747bec5
65af9cb30aa7959c39889fd28d3f870dbbf896cd
3deb58a447d7318ef995f772ea43eeb2af3eaca23f96e68638d2303bbbb65108
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4719629.fls.doubleclick.net/activityi;src=4719629;type=countesi;cat=empik001;ord=6818919097208;gtm=2wg1a1;auiddc=1182733369.1674028854;u1=undefined;u2=undefined;u3=undefined;u4=null;u5=null;u6=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0;u7=Homepage;u8=false;u9=false;u10=undefined;u11=undefined;u12=undefined;u13=desktop;u14=undefined;u15=0.01;u16=gtm.dom;u17=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=undefined;u24=undefined;u25=undefined;u26=undefined;u27=undefined;~oref=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0?
142.250.74.38200 OK 381 B URL HTTP/2 4719629.fls.doubleclick.net/activityi;src=4719629;type=countesi;cat=empik001;ord=6818919097208;gtm=2wg1a1;auiddc=1182733369.1674028854;u1=undefined;u2=undefined;u3=undefined;u4=null;u5=null;u6=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0;u7=Homepage;u8=false;u9=false;u10=undefined;u11=undefined;u12=undefined;u13=desktop;u14=undefined;u15=0.01;u16=gtm.dom;u17=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=undefined;u24=undefined;u25=undefined;u26=undefined;u27=undefined;~oref=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1078), with no line terminators
Hash 0069480b026172816e5b2f1a9265ee4e
7108a693aa5c99dcde879345a1dc7413e494b024
8937a3db08972eb826541b28e5b7d4203e0a256b8c7a62cf04e66bcfe1a49c79
GET /activityi;src=4719629;type=countesi;cat=empik001;ord=6818919097208;gtm=2wg1a1;auiddc=1182733369.1674028854;u1=undefined;u2=undefined;u3=undefined;u4=null;u5=null;u6=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0;u7=Homepage;u8=false;u9=false;u10=undefined;u11=undefined;u12=undefined;u13=desktop;u14=undefined;u15=0.01;u16=gtm.dom;u17=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=undefined;u24=undefined;u25=undefined;u26=undefined;u27=undefined;~oref=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0? HTTP/1.1
Host: 4719629.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 08:00:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 381
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jan-2023 08:15:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
151.101.194.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.194.133:0
Hash b565dd4b6cf53e3960fb4da73f3a9f25
b8d4fccfe5b4e0967cb5aaa464df6467963251ac
05dfc6938b06882d5801cd7562fd7ddcf8cacbe53da6625d10770d52bf9e0091
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 22 Jan 2023 05:01:19 GMT
ETag: "b8d4fccfe5b4e0967cb5aaa464df6467963251ac"
Last-Modified: Wed, 18 Jan 2023 05:01:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 18 Jan 2023 08:00:54 GMT
Age: 3569
X-Served-By: cache-qpg1254-QPG, cache-bma1631-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 9, 3
X-Timer: S1674028855.908840,VS0,VE0
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 471 B IP 216.58.207.195:0
Hash 19e9c21f1e72949764d8ffcb5747bec5
65af9cb30aa7959c39889fd28d3f870dbbf896cd
3deb58a447d7318ef995f772ea43eeb2af3eaca23f96e68638d2303bbbb65108
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dtm-dre.platform.hicloud.com/download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12
80.158.18.121200 OK 46 kB URL HTTP/1.1 dtm-dre.platform.hicloud.com/download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12
IP 80.158.18.121:0
ASN #6878 T-Systems International GmbH
File type ASCII text, with very long lines (35529)
Hash bce218b4df08c591de540bf37521b472
9781daa63caa8c99c9b9b31b5e0f7d07112a6a2e
f78076c88dc1857960ecdcb0b9e32d22ec71921e25bfbbd4ea5285c33d8606c9
GET /download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12 HTTP/1.1
Host: dtm-dre.platform.hicloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:00:49 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private,max-age=900
Content-Disposition: inline
X-XSS-Protection: 1; mode=block
X-frame-options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: elb
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 5cf4d2f816b765ec911ce39ed46dbc8f
b85da611ce513ac5839b2b9ce0ad405605dc82a7
86c428fb0d4e82d58d5af29670c9a899bfb1e938a26b89cb9c1ebc0ebe66c397
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1758
Cache-Control: max-age=102214
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:55 GMT
Etag: "63c68c9f-13a"
Expires: Thu, 19 Jan 2023 12:24:29 GMT
Last-Modified: Tue, 17 Jan 2023 11:55:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash 43904744042cec16f81766250b8ebf49
8393568a2e9c86dafc36563c76703704c7cd86c6
d2359c7cce5176a68cd627ba7e39dfceff78036c6840cd468994df8519f1fb27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=4719629;type=countesi;cat=empik001;ord=6818919097208;gtm=2wg1a1;auiddc=1182733369.1674028854;u1=undefined;u2=undefined;u3=undefined;u4=null;u5=null;u6=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0;u7=Homepage;u8=false;u9=false;u10=undefined;u11=undefined;u12=undefined;u13=desktop;u14=undefined;u15=0.01;u16=gtm.dom;u17=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=undefined;u24=undefined;u25=undefined;u26=undefined;u27=undefined;~oref=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0
216.58.207.194200 OK 386 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=4719629;type=countesi;cat=empik001;ord=6818919097208;gtm=2wg1a1;auiddc=1182733369.1674028854;u1=undefined;u2=undefined;u3=undefined;u4=null;u5=null;u6=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0;u7=Homepage;u8=false;u9=false;u10=undefined;u11=undefined;u12=undefined;u13=desktop;u14=undefined;u15=0.01;u16=gtm.dom;u17=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=undefined;u24=undefined;u25=undefined;u26=undefined;u27=undefined;~oref=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1077), with no line terminators
Hash 8cfd625d29054b40248ff82dfb180621
c5fd313e3fddfdfa1a233b320bab2e2343ade8e1
ce99c383b2df00744dc298708a3c35407f06afb95dfb647d52812a00156e5d92
GET /ddm/fls/i/src=4719629;type=countesi;cat=empik001;ord=6818919097208;gtm=2wg1a1;auiddc=1182733369.1674028854;u1=undefined;u2=undefined;u3=undefined;u4=null;u5=null;u6=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0;u7=Homepage;u8=false;u9=false;u10=undefined;u11=undefined;u12=undefined;u13=desktop;u14=undefined;u15=0.01;u16=gtm.dom;u17=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=undefined;u24=undefined;u25=undefined;u26=undefined;u27=undefined;~oref=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4719629.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 08:00:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-GZPJMXEQ40>m=2oe1a1&_p=1011709887&_gaz=1&cid=443075643.1674028855&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&uid=&sid=1674028854&sct=1&seg=0&dl=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&dt=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&en=page_view&_fv=2&_nsi=1&_ss=2&ep.content_group=Homepage&ep.status=Niezalogowany&up.ep=false&up.me=false&up.status=Niezalogowany
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-GZPJMXEQ40>m=2oe1a1&_p=1011709887&_gaz=1&cid=443075643.1674028855&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&uid=&sid=1674028854&sct=1&seg=0&dl=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&dt=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&en=page_view&_fv=2&_nsi=1&_ss=2&ep.content_group=Homepage&ep.status=Niezalogowany&up.ep=false&up.me=false&up.status=Niezalogowany
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GZPJMXEQ40>m=2oe1a1&_p=1011709887&_gaz=1&cid=443075643.1674028855&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&uid=&sid=1674028854&sct=1&seg=0&dl=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&dt=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&en=page_view&_fv=2&_nsi=1&_ss=2&ep.content_group=Homepage&ep.status=Niezalogowany&up.ep=false&up.me=false&up.status=Niezalogowany HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.empik.com
date: Wed, 18 Jan 2023 08:00:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
eor.ediemidnightzombies.com/ct?id=22031&url=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1674028854924&hl=1&op=0&ag=1317291471&rand=247695262897186897118507601266886506571120116862007099087688899910080876269&fs=1152x836&fst=1152x836&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDQ1NjBdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDMsMCwwLDAsMCwxMiwxMSwxLDIsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDEsMCw0Il0sWy0xLCJMaW51eCB4ODZfNjQiXSxbLTIsIjksSUxIWUxCOUJMVGEySnFRZzNGb2VlbDJ3WWJFMm9nQklLSjZjUjAwME1KSFF3WVRER1lhaHYzdXQ3MVZwWFI5TzgrTTVyVlNLczFrUEJlLy85OXNuVkpHcFVkUGZkenpuM09mYyJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJjY0hlbHBlcnNcIixcInRhYlNldEFCXCIsXCJ3ZWJwYWNrSnNvbnBcIixcInByZXJlbmRlclJlYWR5XCIsXCJqc0Nvbm5lY3REYXRhXCIsXCJ1dGY4X2VuY29kZVwiLFwibWQ1XCIsXCJkYXRhTGF5ZXJcIixcIk5vdGlmeVBhaW50RXZlbnRcIixcIiRcIixcImpRdWVyeVwiLFwiYW5ndWxhclwiLFwiU2x5XCIsXCJhbmd1bGFyU2x5XCIsXCJkZWZhdWx0T3B0aW9uc1wiLFwidmlzaWJpbGl0eVNlcnZpY2VcIixcInNlbmREYXRhQm94ZXNEYXRhVG9IYWRvb3BcIixcImRhdGFMYXllclNlcnZpY2VcIixcIl9fY29yZS1qc19zaGFyZWRfX1wiLFwiSGFtbWVyXCIsXCJfXCIsXCJGVExDb25uZWN0b3JcIixcImRvd25sb2FkTWVkYWxsaWFKU1wiLFwiTWVkYWxsaWFGb3JtQ29udGFpbmVyTGlzdGVuZXJcIixcInJlZ2lzdGVyTWVkYWxsaWFcIixcInJlZ2lzdGVyQ2hhdGJvdFwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJwb3N0c2NyaWJlXCIsXCJnb29nbGVfdGFnX21hbmFnZXJfZXh0ZXJuYWxcIixcIl9fY2ZCZWFjb25cIixcIl9sb2FkZWRTY3JpcHRzXCIsXCJfX19ncmVjYXB0Y2hhX2NmZ1wiLFwiZ3JlY2FwdGNoYVwiLFwiX19yZWNhcHRjaGFfYXBpXCIsXCJfX2dvb2dsZV9yZWNhcHRjaGFfY2xpZW50XCIsXCJnb29nbGVfdGFnX2RhdGFcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcImV2ZW50VHlwZVwiLFwiaGpcIixcIl9oalNldHRpbmdzXCIsXCJoalNpdGVTZXR0aW5nc1wiLFwiaGpCb290c3RyYXBcIixcImhqQm9vdHN0cmFwQ2FsbGVkXCIsXCJoakxhenlNb2R1bGVzXCIsXCJndG1Qcm9kdWN0Q2xpY2tcIixcImd0bVByb2R1Y3RJbXByZXNzaW9uc1wiLFwib25Zb3VUdWJlSWZyYW1lQVBJUmVhZHlcIixcImdhR2xvYmFsXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAyNCwxMjgwLDEwMjQsMTE1Miw5MjEsMTE1Miw4MzYsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI0NDMwNzU2NDMuMTY3NDAyODg1NSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY3NDAyODg1NDg4OSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMjcwLDAsMjgsMCwxMSwyNjIsMzEyLC0xLDAsLDE5OTMsMzk4NCwzOTg0Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMzIwODQzNjU0NFwiXSxcImRcIjpbXSxcImJcIjpbXCIzNTUwNTU1NjE1XCIsXCIxMTQ3ODE2OTA5XCIsXCJfMVwiLFwiMTYyNDM4MDM3OVwiXSxcInNcIjoxfSJdLFstNTUsIjEiXSxbImRkYiIsIjAsMTAsMCwxLDMsNCwwLDAsMCwwLDEsMCwwLDAsNiwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDIsMCwwLDAsMywwLDAsMCwwLDAsMSwwLDIsMSwwLDI0LDAsMSwxLDAsMCwwLDAsMCJdLFsiYm5jaCIsMTEyXSxbImFibmNoIiwxMTJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=Vny9wY2kOb&pto=4020&ver=50&gac=443075643.1674028855&mei=&ap=&duid=1.1674028854.BfY74QvCgCiqlRB1&suid=1.1674028854.bHeoAuYsT5esRRtZ&tuid=1.1674028854.C3Vi7ZM7M0rFayY2&fbc=->m=WyJob3RqYXItaGVhdG1hcCIsInBhZ2VTcGVlZERhdGEiLCJhYiJd&it=70%2C3748%2C103&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
54.75.69.192200 OK 965 B URL HTTP/2 eor.ediemidnightzombies.com/ct?id=22031&url=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1674028854924&hl=1&op=0&ag=1317291471&rand=247695262897186897118507601266886506571120116862007099087688899910080876269&fs=1152x836&fst=1152x836&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDQ1NjBdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDMsMCwwLDAsMCwxMiwxMSwxLDIsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDEsMCw0Il0sWy0xLCJMaW51eCB4ODZfNjQiXSxbLTIsIjksSUxIWUxCOUJMVGEySnFRZzNGb2VlbDJ3WWJFMm9nQklLSjZjUjAwME1KSFF3WVRER1lhaHYzdXQ3MVZwWFI5TzgrTTVyVlNLczFrUEJlLy85OXNuVkpHcFVkUGZkenpuM09mYyJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJjY0hlbHBlcnNcIixcInRhYlNldEFCXCIsXCJ3ZWJwYWNrSnNvbnBcIixcInByZXJlbmRlclJlYWR5XCIsXCJqc0Nvbm5lY3REYXRhXCIsXCJ1dGY4X2VuY29kZVwiLFwibWQ1XCIsXCJkYXRhTGF5ZXJcIixcIk5vdGlmeVBhaW50RXZlbnRcIixcIiRcIixcImpRdWVyeVwiLFwiYW5ndWxhclwiLFwiU2x5XCIsXCJhbmd1bGFyU2x5XCIsXCJkZWZhdWx0T3B0aW9uc1wiLFwidmlzaWJpbGl0eVNlcnZpY2VcIixcInNlbmREYXRhQm94ZXNEYXRhVG9IYWRvb3BcIixcImRhdGFMYXllclNlcnZpY2VcIixcIl9fY29yZS1qc19zaGFyZWRfX1wiLFwiSGFtbWVyXCIsXCJfXCIsXCJGVExDb25uZWN0b3JcIixcImRvd25sb2FkTWVkYWxsaWFKU1wiLFwiTWVkYWxsaWFGb3JtQ29udGFpbmVyTGlzdGVuZXJcIixcInJlZ2lzdGVyTWVkYWxsaWFcIixcInJlZ2lzdGVyQ2hhdGJvdFwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJwb3N0c2NyaWJlXCIsXCJnb29nbGVfdGFnX21hbmFnZXJfZXh0ZXJuYWxcIixcIl9fY2ZCZWFjb25cIixcIl9sb2FkZWRTY3JpcHRzXCIsXCJfX19ncmVjYXB0Y2hhX2NmZ1wiLFwiZ3JlY2FwdGNoYVwiLFwiX19yZWNhcHRjaGFfYXBpXCIsXCJfX2dvb2dsZV9yZWNhcHRjaGFfY2xpZW50XCIsXCJnb29nbGVfdGFnX2RhdGFcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcImV2ZW50VHlwZVwiLFwiaGpcIixcIl9oalNldHRpbmdzXCIsXCJoalNpdGVTZXR0aW5nc1wiLFwiaGpCb290c3RyYXBcIixcImhqQm9vdHN0cmFwQ2FsbGVkXCIsXCJoakxhenlNb2R1bGVzXCIsXCJndG1Qcm9kdWN0Q2xpY2tcIixcImd0bVByb2R1Y3RJbXByZXNzaW9uc1wiLFwib25Zb3VUdWJlSWZyYW1lQVBJUmVhZHlcIixcImdhR2xvYmFsXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAyNCwxMjgwLDEwMjQsMTE1Miw5MjEsMTE1Miw4MzYsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI0NDMwNzU2NDMuMTY3NDAyODg1NSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY3NDAyODg1NDg4OSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMjcwLDAsMjgsMCwxMSwyNjIsMzEyLC0xLDAsLDE5OTMsMzk4NCwzOTg0Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMzIwODQzNjU0NFwiXSxcImRcIjpbXSxcImJcIjpbXCIzNTUwNTU1NjE1XCIsXCIxMTQ3ODE2OTA5XCIsXCJfMVwiLFwiMTYyNDM4MDM3OVwiXSxcInNcIjoxfSJdLFstNTUsIjEiXSxbImRkYiIsIjAsMTAsMCwxLDMsNCwwLDAsMCwwLDEsMCwwLDAsNiwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDIsMCwwLDAsMywwLDAsMCwwLDAsMSwwLDIsMSwwLDI0LDAsMSwxLDAsMCwwLDAsMCJdLFsiYm5jaCIsMTEyXSxbImFibmNoIiwxMTJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=Vny9wY2kOb&pto=4020&ver=50&gac=443075643.1674028855&mei=&ap=&duid=1.1674028854.BfY74QvCgCiqlRB1&suid=1.1674028854.bHeoAuYsT5esRRtZ&tuid=1.1674028854.C3Vi7ZM7M0rFayY2&fbc=->m=WyJob3RqYXItaGVhdG1hcCIsInBhZ2VTcGVlZERhdGEiLCJhYiJd&it=70%2C3748%2C103&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
IP 54.75.69.192:0
File type ASCII text, with very long lines (2991), with no line terminators
Hash ed2f5d88da7fc370a2cd8eb247db6b17
3f30fca691fc3339f690e884cc7edf190add0ad7
254206aafb17adb5fa40cdd4b60d111d5f8361bef860aea1b94a83478211edf8
GET /ct?id=22031&url=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1674028854924&hl=1&op=0&ag=1317291471&rand=247695262897186897118507601266886506571120116862007099087688899910080876269&fs=1152x836&fst=1152x836&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDQ1NjBdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDMsMCwwLDAsMCwxMiwxMSwxLDIsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDEsMCw0Il0sWy0xLCJMaW51eCB4ODZfNjQiXSxbLTIsIjksSUxIWUxCOUJMVGEySnFRZzNGb2VlbDJ3WWJFMm9nQklLSjZjUjAwME1KSFF3WVRER1lhaHYzdXQ3MVZwWFI5TzgrTTVyVlNLczFrUEJlLy85OXNuVkpHcFVkUGZkenpuM09mYyJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJjY0hlbHBlcnNcIixcInRhYlNldEFCXCIsXCJ3ZWJwYWNrSnNvbnBcIixcInByZXJlbmRlclJlYWR5XCIsXCJqc0Nvbm5lY3REYXRhXCIsXCJ1dGY4X2VuY29kZVwiLFwibWQ1XCIsXCJkYXRhTGF5ZXJcIixcIk5vdGlmeVBhaW50RXZlbnRcIixcIiRcIixcImpRdWVyeVwiLFwiYW5ndWxhclwiLFwiU2x5XCIsXCJhbmd1bGFyU2x5XCIsXCJkZWZhdWx0T3B0aW9uc1wiLFwidmlzaWJpbGl0eVNlcnZpY2VcIixcInNlbmREYXRhQm94ZXNEYXRhVG9IYWRvb3BcIixcImRhdGFMYXllclNlcnZpY2VcIixcIl9fY29yZS1qc19zaGFyZWRfX1wiLFwiSGFtbWVyXCIsXCJfXCIsXCJGVExDb25uZWN0b3JcIixcImRvd25sb2FkTWVkYWxsaWFKU1wiLFwiTWVkYWxsaWFGb3JtQ29udGFpbmVyTGlzdGVuZXJcIixcInJlZ2lzdGVyTWVkYWxsaWFcIixcInJlZ2lzdGVyQ2hhdGJvdFwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJwb3N0c2NyaWJlXCIsXCJnb29nbGVfdGFnX21hbmFnZXJfZXh0ZXJuYWxcIixcIl9fY2ZCZWFjb25cIixcIl9sb2FkZWRTY3JpcHRzXCIsXCJfX19ncmVjYXB0Y2hhX2NmZ1wiLFwiZ3JlY2FwdGNoYVwiLFwiX19yZWNhcHRjaGFfYXBpXCIsXCJfX2dvb2dsZV9yZWNhcHRjaGFfY2xpZW50XCIsXCJnb29nbGVfdGFnX2RhdGFcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcImV2ZW50VHlwZVwiLFwiaGpcIixcIl9oalNldHRpbmdzXCIsXCJoalNpdGVTZXR0aW5nc1wiLFwiaGpCb290c3RyYXBcIixcImhqQm9vdHN0cmFwQ2FsbGVkXCIsXCJoakxhenlNb2R1bGVzXCIsXCJndG1Qcm9kdWN0Q2xpY2tcIixcImd0bVByb2R1Y3RJbXByZXNzaW9uc1wiLFwib25Zb3VUdWJlSWZyYW1lQVBJUmVhZHlcIixcImdhR2xvYmFsXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAyNCwxMjgwLDEwMjQsMTE1Miw5MjEsMTE1Miw4MzYsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI0NDMwNzU2NDMuMTY3NDAyODg1NSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY3NDAyODg1NDg4OSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMjcwLDAsMjgsMCwxMSwyNjIsMzEyLC0xLDAsLDE5OTMsMzk4NCwzOTg0Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMzIwODQzNjU0NFwiXSxcImRcIjpbXSxcImJcIjpbXCIzNTUwNTU1NjE1XCIsXCIxMTQ3ODE2OTA5XCIsXCJfMVwiLFwiMTYyNDM4MDM3OVwiXSxcInNcIjoxfSJdLFstNTUsIjEiXSxbImRkYiIsIjAsMTAsMCwxLDMsNCwwLDAsMCwwLDEsMCwwLDAsNiwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDIsMCwwLDAsMywwLDAsMCwwLDAsMSwwLDIsMSwwLDI0LDAsMSwxLDAsMCwwLDAsMCJdLFsiYm5jaCIsMTEyXSxbImFibmNoIiwxMTJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=Vny9wY2kOb&pto=4020&ver=50&gac=443075643.1674028855&mei=&ap=&duid=1.1674028854.BfY74QvCgCiqlRB1&suid=1.1674028854.bHeoAuYsT5esRRtZ&tuid=1.1674028854.C3Vi7ZM7M0rFayY2&fbc=->m=WyJob3RqYXItaGVhdG1hcCIsInBhZ2VTcGVlZERhdGEiLCJhYiJd&it=70%2C3748%2C103&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Wed, 18 Jan 2023 08:00:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=1e3c41de5675dfb11779904fed5d0646; Max-Age=29030400; Path=/; Expires=Wed, 20 Dec 2023 08:00:55 GMT; HttpOnly; Secure; SameSite=None
content-length: 965
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash 43904744042cec16f81766250b8ebf49
8393568a2e9c86dafc36563c76703704c7cd86c6
d2359c7cce5176a68cd627ba7e39dfceff78036c6840cd468994df8519f1fb27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=136020391&tm=gtm002&Ver=2&mid=53e7bcab-6a28-4686-9f33-b97ee6863f3e&sid=3bfdcdc0970611ed852d2b5978e8247c&vid=3bfdf410970611ed923a01c61ab94a68&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&p=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&r=<=3032&evt=pageLoad&sv=1&rn=40689
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=136020391&tm=gtm002&Ver=2&mid=53e7bcab-6a28-4686-9f33-b97ee6863f3e&sid=3bfdcdc0970611ed852d2b5978e8247c&vid=3bfdf410970611ed923a01c61ab94a68&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&p=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&r=<=3032&evt=pageLoad&sv=1&rn=40689
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=136020391&tm=gtm002&Ver=2&mid=53e7bcab-6a28-4686-9f33-b97ee6863f3e&sid=3bfdcdc0970611ed852d2b5978e8247c&vid=3bfdf410970611ed923a01c61ab94a68&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&p=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&r=<=3032&evt=pageLoad&sv=1&rn=40689 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1E88221D454F6EAF3FC1308044186FA7; domain=.bing.com; expires=Mon, 12-Feb-2024 08:00:55 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2A36525BD18D4FC789A9E6DD57ABD94C Ref B: OSL30EDGE0412 Ref C: 2023-01-18T08:00:55Z
date: Wed, 18 Jan 2023 08:00:54 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/136020391.js
204.79.197.200200 OK 1.4 kB URL HTTP/2 bat.bing.com/p/action/136020391.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 91b9c5b483ad644ba7fffd51b6914cdb
5decbbc225f49b350f23a254ca1ad2d4d80f2ad9
2d6aa7f8f944555adbb0ad2ecb66f5045f665211c4c395b6fb640b599f521571
GET /p/action/136020391.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1447
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=372F1778A6B06D88218205E5A7E76C83; domain=.bing.com; expires=Mon, 12-Feb-2024 08:00:55 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2B351EA411294320975AA7DE7CA54A17 Ref B: OSL30EDGE0412 Ref C: 2023-01-18T08:00:55Z
date: Wed, 18 Jan 2023 08:00:54 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c0d02e4046fb62aef125205988d43d7e
bc26563c48e2165ecdf856b9e16056ca22cffdeb
bb840682edc078ac9869a3a66b674a9e493784057423e928a8dbad3e05988f1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB840682EDC078AC9869A3A66B674A9E493784057423E928A8DBAD3E05988F1F"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8803
Expires: Wed, 18 Jan 2023 10:27:38 GMT
Date: Wed, 18 Jan 2023 08:00:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 97c18a1f4ad26bed14c097c5bb7459f0
2c6ee86fc895d1b3a4b5b8e4caf9cb71a54ab790
d6817e25966a6106335f3e3c2eecb392cc3cff8e148e1dfadf7c26254cc8e8dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3026
Cache-Control: max-age=143788
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:55 GMT
Etag: "63c72a12-1d7"
Expires: Thu, 19 Jan 2023 23:57:23 GMT
Last-Modified: Tue, 17 Jan 2023 23:06:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash f96ac6d23518cd0485e1d41d276d8184
58de3ad32744f1f92b86e9f60c29094c7ba5b115
a1b6546dc485dbbfc652a64b11655450987e9a391e44b05a6eb20b323ede242c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=4719629;type=countesi;cat=empik001;ord=6818919097208;gtm=2wg1a1;auiddc=1182733369.1674028854;u1=undefined;u2=undefined;u3=undefined;u4=null;u5=null;u6=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0;u7=Homepage;u8=false;u9=false;u10=undefined;u11=undefined;u12=undefined;u13=desktop;u14=undefined;u15=0.01;u16=gtm.dom;u17=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=undefined;u24=undefined;u25=undefined;u26=undefined;u27=undefined;~oref=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0
216.58.207.226200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=4719629;type=countesi;cat=empik001;ord=6818919097208;gtm=2wg1a1;auiddc=1182733369.1674028854;u1=undefined;u2=undefined;u3=undefined;u4=null;u5=null;u6=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0;u7=Homepage;u8=false;u9=false;u10=undefined;u11=undefined;u12=undefined;u13=desktop;u14=undefined;u15=0.01;u16=gtm.dom;u17=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=undefined;u24=undefined;u25=undefined;u26=undefined;u27=undefined;~oref=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=4719629;type=countesi;cat=empik001;ord=6818919097208;gtm=2wg1a1;auiddc=1182733369.1674028854;u1=undefined;u2=undefined;u3=undefined;u4=null;u5=null;u6=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0;u7=Homepage;u8=false;u9=false;u10=undefined;u11=undefined;u12=undefined;u13=desktop;u14=undefined;u15=0.01;u16=gtm.dom;u17=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=undefined;u24=undefined;u25=undefined;u26=undefined;u27=undefined;~oref=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 08:00:55 GMT
expires: Wed, 18 Jan 2023 08:00:55 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
eor.ediemidnightzombies.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136deac737e24f8f989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c138d6e2617071a10acf9f29f6748d780da032d6b4efb7e7001d36d8d63c603370c2a9356560a61010bc6b86f4977be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7c4076515fa0db2c682803adf8182d89fefc78c6b30a76182cadf7a0949b77bbcfc248b5038e523c64ceed86a7b376cccee879cf774a91bac3330751b02671fdcd543db5c6a82bd219f003f6d97781108e8d2c913563c7c57b8a34c389feb6cbb28c447fa276f3e6f77f0068e08132c3ef54f6011b6e840c07c58188cdcda38133c624d09db4813cf96a74098f7e7490979f4027d3e97aef16f19c708070bf721d4f57c238bf0eddceea68ae8805c611eb99dbd771d10b0423bd581313261a3087bc64b754d9c0c77cf4cd34b3d02d9adaa9d250cffea75f2626d8a71e53d8f7510c4cb4fce530f178d8bf1efdea3ca060b262cd41de0684f069861e67a4fd807a2d613145735c0d53f3bed27ed810e95752517ea9c71386cd464887eccdb0ae68c6eee4fb83feabf2554e3afc4386b4516686467707c5350f0230af2ef1326096f9cb719772cb37c9f73ec7d30e85780e223c1f7a139cdcf9dd3c7a49871b4391bec5a9e48f0a518cbaaf7c88ce757cdcd2103461fc95c72477de20813ed969b44cc25387aa61f9a82ef0d8cd8bcc5568fde125628471a28db2a31e99682a447dc1373215d8e03b8ab957a8fbdfa246d195c376576355b42faa1bab53b58569943a4b2445240e7c870389eb4e52c46f82d1a47cb0cd5f906631ef476e26f485cd1818aa28e78410c615684333fc4970ddfc8c3195002c90d342fd9c88b2&cri=Vny9wY2kOb&ts=298&cb=1674028855222
54.75.69.192200 OK 43 B URL HTTP/2 eor.ediemidnightzombies.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136deac737e24f8f989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c138d6e2617071a10acf9f29f6748d780da032d6b4efb7e7001d36d8d63c603370c2a9356560a61010bc6b86f4977be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7c4076515fa0db2c682803adf8182d89fefc78c6b30a76182cadf7a0949b77bbcfc248b5038e523c64ceed86a7b376cccee879cf774a91bac3330751b02671fdcd543db5c6a82bd219f003f6d97781108e8d2c913563c7c57b8a34c389feb6cbb28c447fa276f3e6f77f0068e08132c3ef54f6011b6e840c07c58188cdcda38133c624d09db4813cf96a74098f7e7490979f4027d3e97aef16f19c708070bf721d4f57c238bf0eddceea68ae8805c611eb99dbd771d10b0423bd581313261a3087bc64b754d9c0c77cf4cd34b3d02d9adaa9d250cffea75f2626d8a71e53d8f7510c4cb4fce530f178d8bf1efdea3ca060b262cd41de0684f069861e67a4fd807a2d613145735c0d53f3bed27ed810e95752517ea9c71386cd464887eccdb0ae68c6eee4fb83feabf2554e3afc4386b4516686467707c5350f0230af2ef1326096f9cb719772cb37c9f73ec7d30e85780e223c1f7a139cdcf9dd3c7a49871b4391bec5a9e48f0a518cbaaf7c88ce757cdcd2103461fc95c72477de20813ed969b44cc25387aa61f9a82ef0d8cd8bcc5568fde125628471a28db2a31e99682a447dc1373215d8e03b8ab957a8fbdfa246d195c376576355b42faa1bab53b58569943a4b2445240e7c870389eb4e52c46f82d1a47cb0cd5f906631ef476e26f485cd1818aa28e78410c615684333fc4970ddfc8c3195002c90d342fd9c88b2&cri=Vny9wY2kOb&ts=298&cb=1674028855222
IP 54.75.69.192:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00136deac737e24f8f989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c138d6e2617071a10acf9f29f6748d780da032d6b4efb7e7001d36d8d63c603370c2a9356560a61010bc6b86f4977be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7c4076515fa0db2c682803adf8182d89fefc78c6b30a76182cadf7a0949b77bbcfc248b5038e523c64ceed86a7b376cccee879cf774a91bac3330751b02671fdcd543db5c6a82bd219f003f6d97781108e8d2c913563c7c57b8a34c389feb6cbb28c447fa276f3e6f77f0068e08132c3ef54f6011b6e840c07c58188cdcda38133c624d09db4813cf96a74098f7e7490979f4027d3e97aef16f19c708070bf721d4f57c238bf0eddceea68ae8805c611eb99dbd771d10b0423bd581313261a3087bc64b754d9c0c77cf4cd34b3d02d9adaa9d250cffea75f2626d8a71e53d8f7510c4cb4fce530f178d8bf1efdea3ca060b262cd41de0684f069861e67a4fd807a2d613145735c0d53f3bed27ed810e95752517ea9c71386cd464887eccdb0ae68c6eee4fb83feabf2554e3afc4386b4516686467707c5350f0230af2ef1326096f9cb719772cb37c9f73ec7d30e85780e223c1f7a139cdcf9dd3c7a49871b4391bec5a9e48f0a518cbaaf7c88ce757cdcd2103461fc95c72477de20813ed969b44cc25387aa61f9a82ef0d8cd8bcc5568fde125628471a28db2a31e99682a447dc1373215d8e03b8ab957a8fbdfa246d195c376576355b42faa1bab53b58569943a4b2445240e7c870389eb4e52c46f82d1a47cb0cd5f906631ef476e26f485cd1818aa28e78410c615684333fc4970ddfc8c3195002c90d342fd9c88b2&cri=Vny9wY2kOb&ts=298&cb=1674028855222 HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Cookie: cg_uuid=1e3c41de5675dfb11779904fed5d0646
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Wed, 18 Jan 2023 08:00:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=16497&a=96990
178.250.0.147200 OK 42 kB URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=16497&a=96990
IP 178.250.0.147:0
File type ASCII text, with very long lines (43225)
Hash ad39adcf89bf6d3a3faeb447ce7498bc
36dacde10a399006b1298d699473d1b12e08746e
d99b1c8dbf111d8c133c0f0bc0c43aff07d403c940f68454596f9668d6ea51e8
GET /js/ld/ld.js?a=16497&a=96990 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:54 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
swrap.tradedoubler.com/wrap?id=20020
35.186.231.97200 OK 1 B URL HTTP/2 swrap.tradedoubler.com/wrap?id=20020
IP 35.186.231.97:0
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /wrap?id=20020 HTTP/1.1
Host: swrap.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Wed, 18 Jan 2023 08:00:54 GMT
content-length: 1
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1042480178/?random=1674028854627&cv=11&fst=1674028854627&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&tiba=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&auid=1182733369.1674028854&data=ecomm_pagetype%3Dother%3Bgoogle_user_id%3D&rfmt=3&fmt=4
142.250.74.66200 OK 995 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1042480178/?random=1674028854627&cv=11&fst=1674028854627&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&tiba=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&auid=1182733369.1674028854&data=ecomm_pagetype%3Dother%3Bgoogle_user_id%3D&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2401), with no line terminators
Hash 620d48f5eaf5555decb537cbc077c4cf
e6248ba713738dbe6f4cf6ef7c931b6b80957154
62c4a1d6058feaa56896ec83b6674d5d0083fa2be712fb38fd076047ef2c4464
GET /pagead/viewthroughconversion/1042480178/?random=1674028854627&cv=11&fst=1674028854627&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&tiba=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&auid=1182733369.1674028854&data=ecomm_pagetype%3Dother%3Bgoogle_user_id%3D&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 08:00:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 995
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jan-2023 08:15:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 97c18a1f4ad26bed14c097c5bb7459f0
2c6ee86fc895d1b3a4b5b8e4caf9cb71a54ab790
d6817e25966a6106335f3e3c2eecb392cc3cff8e148e1dfadf7c26254cc8e8dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3026
Cache-Control: max-age=143788
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:55 GMT
Etag: "63c72a12-1d7"
Expires: Thu, 19 Jan 2023 23:57:23 GMT
Last-Modified: Tue, 17 Jan 2023 23:06:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c0d02e4046fb62aef125205988d43d7e
bc26563c48e2165ecdf856b9e16056ca22cffdeb
bb840682edc078ac9869a3a66b674a9e493784057423e928a8dbad3e05988f1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB840682EDC078AC9869A3A66B674A9E493784057423E928A8DBAD3E05988F1F"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8803
Expires: Wed, 18 Jan 2023 10:27:38 GMT
Date: Wed, 18 Jan 2023 08:00:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash f96ac6d23518cd0485e1d41d276d8184
58de3ad32744f1f92b86e9f60c29094c7ba5b115
a1b6546dc485dbbfc652a64b11655450987e9a391e44b05a6eb20b323ede242c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
eor.ediemidnightzombies.com/mon
54.75.69.192200 OK 0 B URL HTTP/2 eor.ediemidnightzombies.com/mon
IP 54.75.69.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1678
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Cookie: cg_uuid=1e3c41de5675dfb11779904fed5d0646
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.empik.com
content-type: application/json
date: Wed, 18 Jan 2023 08:00:55 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash e1c7515ba5231aaae042ef63071a8562
676673d88597e11f572ac38844b18562ab57b920
002b5adabb3fb37aa6c0f18adee2f221a770e217fe95a027fcf8b8fe84794a19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/1042480178/?random=1674028854627&cv=11&fst=1674028800000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&tiba=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&data=ecomm_pagetype%3Dother%3Bgoogle_user_id%3D&fmt=3&is_vtc=1&random=1786020155&rmt_tld=0&ipr=y
216.58.211.4200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1042480178/?random=1674028854627&cv=11&fst=1674028800000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&tiba=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&data=ecomm_pagetype%3Dother%3Bgoogle_user_id%3D&fmt=3&is_vtc=1&random=1786020155&rmt_tld=0&ipr=y
IP 216.58.211.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1042480178/?random=1674028854627&cv=11&fst=1674028800000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&tiba=Empik.com%20%7C%203%20000%20000%20produkt%C3%B3w%20i%20pomys%C5%82%C3%B3w%20na%20prezent%20%7C%20Dostawa%20za%200%20z%C5%82%20z%20Empik%20Premium&data=ecomm_pagetype%3Dother%3Bgoogle_user_id%3D&fmt=3&is_vtc=1&random=1786020155&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 08:00:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=875294015836999&ev=PageView&dl=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&rl=&if=false&ts=1674028855646&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22593873978256382%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22PLN%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22760550274643224%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1674028855645.847308573&it=1674028855380&coo=false&exp=c1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=875294015836999&ev=PageView&dl=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&rl=&if=false&ts=1674028855646&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22593873978256382%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22PLN%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22760550274643224%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1674028855645.847308573&it=1674028855380&coo=false&exp=c1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=875294015836999&ev=PageView&dl=https%3A%2F%2Fwww.empik.com%2F%3Futm_source%3Dfallback%26utm_medium%3Dfallback%26utm_campaign%3Dfallback%26utm_id%3Dfallback%26utm_term%3Dfallback%26utm_content%3D0&rl=&if=false&ts=1674028855646&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22593873978256382%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22PLN%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22760550274643224%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1674028855645.847308573&it=1674028855380&coo=false&exp=c1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Jan 2023 08:00:55 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 18bf6f110d4e88ee265f6da6d21bd123
21b106133c400cd4f7faf212f0d377515fc894bd
dc7c5bcb1d7e58289f8b618ff21ddbbda12536f8635135280ccae84cfe7e4e9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 188
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:55 GMT
Last-Modified: Wed, 18 Jan 2023 07:57:47 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 18bf6f110d4e88ee265f6da6d21bd123
21b106133c400cd4f7faf212f0d377515fc894bd
dc7c5bcb1d7e58289f8b618ff21ddbbda12536f8635135280ccae84cfe7e4e9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 188
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:55 GMT
Last-Modified: Wed, 18 Jan 2023 07:57:47 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 2ba43181ef28ed2dca6f0614e3524724
debbdc8706a9c572baf0bd9aa6fc68bd6a46f9f4
f95a250c7c0f433146479595728b91c6e8f91c6890e51e35d7803ef8d8c71352
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 726
Cache-Control: max-age=107256
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:55 GMT
Etag: "63c6a459-138"
Expires: Thu, 19 Jan 2023 13:48:31 GMT
Last-Modified: Tue, 17 Jan 2023 13:36:25 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 312
gum.criteo.com/syncframe?topUrl=www.empik.com&origin=onetag
178.250.2.146200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.empik.com&origin=onetag
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 336d3e015f987a65d205999a49be4805
57a3f572cd89347b5ead196670776134f1f0f69e
9621f1cc5441ed0d364b0fb9986a8c6742af2c5c356e6e4edb432728fe319ff3
GET /syncframe?topUrl=www.empik.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:54 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=cdc78f4b-d2b7-4bb1-8a2c-1b2b2447162f; expires=Mon, 12 Feb 2024 08:00:54 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 815354
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 139 kB IP 178.250.2.146:0
Size 139 kB (139271 bytes)
Hash b63bd3c7213c8605f92fe908fb1fdff0
6c59e415b59134673d56e793ae66d85f4a1d556b
9a7a42f0bc44f64be2b47c65771d5542642b13b2a9d3a3b2a520077ee7fae427
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=8fMxZ180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjJNZ0RQN3ZwViUyRkdtZTd0VzYxM21HWEVub1VUYXBDU2J4ZVhqOVdWNldp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=PVPtG180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjJNZ0RQN3ZwViUyRkdtZTd0VzYxM21FeXpjcEpFcUlVRDd5NGF0eFElMkZUbFo; expires=Mon, 12 Feb 2024 08:00:56 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 272516
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
eor.ediemidnightzombies.com/mon
54.75.69.192200 OK 0 B URL HTTP/2 eor.ediemidnightzombies.com/mon
IP 54.75.69.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1601
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Cookie: cg_uuid=1e3c41de5675dfb11779904fed5d0646
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.empik.com
content-type: application/json
date: Wed, 18 Jan 2023 08:00:56 GMT
content-length: 0
X-Firefox-Spdy: h2
nebula-cdn.kampyle.com/we/263992/onsite/embed.js
151.101.193.175200 OK 518 B URL HTTP/2 nebula-cdn.kampyle.com/we/263992/onsite/embed.js
IP 151.101.193.175:0
File type ASCII text, with very long lines (573)
Hash 6f268e958a981529643cb1ce1e9f3fa7
f43467b98916c19507ca335dd0838eac2269ca7d
c5af154f341a77c4d9cb7b0064010b56c161ce166a01a285886cb6e22df785af
GET /we/263992/onsite/embed.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: F1nzXDfW79gvsx12PllgbuOzKIe+3vp1qE0bDox3TbwUe3kpmq+0MQlwh3xjf8NiheCpjqXNH50=
x-amz-request-id: 68MHEDG5MMA920TW
last-modified: Wed, 07 Dec 2022 11:49:32 GMT
etag: "84b7999f9f6125e665830a2f485a3a48"
x-amz-version-id: Fw7YH9bDN9wR.HlbYBEuHQG.NTBimdYh
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
content-encoding: gzip
accept-ranges: bytes
date: Wed, 18 Jan 2023 08:00:56 GMT
via: 1.1 varnish
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 36
x-timer: S1674028856.449513,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 518
X-Firefox-Spdy: h2
nebula-cdn.kampyle.com/eu/we/263992/onsite/generic1670413770906.js
151.101.193.175200 OK 83 kB URL HTTP/2 nebula-cdn.kampyle.com/eu/we/263992/onsite/generic1670413770906.js
IP 151.101.193.175:0
File type Unicode text, UTF-8 text, with very long lines (38862)
Hash 0da871195aa43783994517329a3619c0
6a290b0ab13d5c2467db7fc9ab0302a220482d0a
941612e0d46545edb49243601e1d8116822b9a08d1a3f27a89a7ff5b712ee410
GET /eu/we/263992/onsite/generic1670413770906.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ++TZvrd98bBQ3uT/jt2F3iqLXXzKkSjj7EgU9YXXnvYIV8PLMUGwqfgOROhdPjjL6TiPyI7ICRk=
x-amz-request-id: 5CB7CN6MJNBZR69F
last-modified: Wed, 07 Dec 2022 11:49:32 GMT
etag: "863bb046dfb5a86786c658731d706f9f"
x-amz-version-id: MoVkKLyPaxyPDGXuKp6rjGvUN.v2JnFl
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Wed, 18 Jan 2023 08:00:56 GMT
via: 1.1 varnish
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1674028856.475947,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 83320
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4b715f47f67aeba2556eef169ce36374
8fd6c7c12be9de85ae21ca42d837b68bf7145ae6
18d737e74c36fd0bf470a7bfbc7eb6ce853f278d56c25858b8e8b00567fd6dd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4133
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:56 GMT
Last-Modified: Wed, 18 Jan 2023 06:52:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
creativecdn.com/tags?id=pr_z61klopz7pPnI0fx8auc_home
185.184.8.90302 Found 0 B URL HTTP/2 creativecdn.com/tags?id=pr_z61klopz7pPnI0fx8auc_home
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?id=pr_z61klopz7pPnI0fx8auc_home HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 18 Jan 2023 08:00:56 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=0QkebxOHyoX3J4o9CFbt;Path=/;Domain=.creativecdn.com;Expires=Thu, 18-Jan-2024 08:00:56 GMT;Max-Age=31536000;Secure;SameSite=None
ts=1674028856;Path=/;Domain=.creativecdn.com;Expires=Thu, 18-Jan-2024 08:00:56 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/tags?id=pr_z61klopz7pPnI0fx8auc_home&tc=1
content-length: 0
X-Firefox-Spdy: h2
nebula-cdn.kampyle.com/we/263992/forms/16233/formData1599810714680_en.json
151.101.193.175200 OK 2.2 kB URL HTTP/2 nebula-cdn.kampyle.com/we/263992/forms/16233/formData1599810714680_en.json
IP 151.101.193.175:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (7865), with no line terminators
Hash f7d0974c79c1fdf60de56177c1a6bd9c
fcb4068e86fca95972cbea82f766e07b03447005
b153758dd283bd96903b75f668d29671fabe54a8b28e00d032e99d83781986fe
GET /we/263992/forms/16233/formData1599810714680_en.json HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Ok9/uh7ap0spO1r/JoyEECGDyj3ddCmlmNxLyxBevEelizUiPwfC6ElbvdrfF+owrqFug590FF0=
x-amz-request-id: TNGDX13BC4AA1Y11
last-modified: Fri, 22 Jan 2021 10:08:31 GMT
etag: "54161109939499188efa13376d0c97cf"
x-amz-version-id: nMxu.k7aJpoTzVWvMklYAKf.dIDt20_S
content-type: application/json
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Wed, 18 Jan 2023 08:00:56 GMT
via: 1.1 varnish
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1674028857.596970,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 2158
X-Firefox-Spdy: h2
nebula-cdn.kampyle.com/we/263992/forms/16576/formData1599724644094_en.json
151.101.193.175200 OK 2.0 kB URL HTTP/2 nebula-cdn.kampyle.com/we/263992/forms/16576/formData1599724644094_en.json
IP 151.101.193.175:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5897), with no line terminators
Hash d64de6bf0b9fb3ff9435d0be650d9c51
00b8bc281aa97c19de6fea138719ec84f95f84cb
98e38a3834c9199495288a505084bc60094e4e4ee782f7874eea68a1d7fde1f5
GET /we/263992/forms/16576/formData1599724644094_en.json HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: TNBvKTMFjYBkCFtYtBFpBKm8I0jlC6lrSSYk6Vr1GP7hXBzKwCMCKANw6wFKxq5nPs6+saftfQI=
x-amz-request-id: TNG4QK20HZ8ZN43P
last-modified: Fri, 22 Jan 2021 10:08:31 GMT
etag: "45c9a17059e7898e9e7134ee257b570d"
x-amz-version-id: g3_iMBeNDzO3_C9VT9fAs11vAs.ZmFvQ
content-type: application/json
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Wed, 18 Jan 2023 08:00:56 GMT
via: 1.1 varnish
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1674028857.600743,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1972
X-Firefox-Spdy: h2
creativecdn.com/tags?id=pr_z61klopz7pPnI0fx8auc_home&tc=1
185.184.8.90204 No Content 0 B URL HTTP/2 creativecdn.com/tags?id=pr_z61klopz7pPnI0fx8auc_home&tc=1
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?id=pr_z61klopz7pPnI0fx8auc_home&tc=1 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.empik.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/136020391
13.107.238.67200 OK 2.0 kB URL HTTP/2 www.clarity.ms/tag/uet/136020391
IP 13.107.238.67:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 73f31ceb676f4c9dc1d3d571e244f4b5
a0d08cef3b406828cee4b8d7a5d3755aa495ff0a
087ccb3e5a642686258d519198eea50dbd637a19d71aa764defbcfc330f3e767
GET /tag/uet/136020391 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=a8d9489a27c14cddbaa19e6b720073dd.20230118.20240118; expires=Thu, 18 Jan 2024 08:00:55 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-cache: CONFIG_NOCACHE
x-azure-ref: 0N6fHYwAAAAB8aGH05fVCQJ0JOqP49OhXQ1BIMzBFREdFMDQwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 18 Jan 2023 08:00:55 GMT
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
23.36.79.32200 OK 69 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 09e9bdc02bd94387901641c0b3a1f8f0
7bf30498ae27e11f7fc60b438b090f15b67ca113
d8f79f755ae4e42d98623589e5e6420342ce199553a3b7b7713caaaec65117e9
GET /i18n/pixel/static/main.MWE2YWY2YTgzMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Cookie: _ttp=2KUUrrIX2RueXtGVxg8kAKrX013
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023011217582238FCAA3D419588756972
x-tt-trace-host: 01e57b2566233939c0b7a614d728f3c137bda4b6e8ffed077a25e96861feda11fa551f058721a274fc4605886b55ca626730a56b385a942b4129028dfc561d0b618d751524aad0a4ae27ef533e55d2e8e40a3ad2aaa7ba995375ace641e8e6ae3a
content-encoding: gzip
date: Wed, 18 Jan 2023 08:00:56 GMT
content-length: 68605
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
x-akamai-request-id: 42e14246
X-Firefox-Spdy: h2
ocsps.ssl.com/
100.24.223.135200 OK 1.8 kB IP 100.24.223.135:0
Hash 3ae265d32be3f0cef772656b267ec148
c591577449c5f3de70a1bc80084118a7c4af42fd
683383d5e78755a1aa1283822b87695063eb416d04b821de2ef4afd71c16ba43
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 08:00:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Tue, 24 Jan 2023 16:48:26 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "c591577449c5f3de70a1bc80084118a7c4af42fd"
Last-Modified: Tue, 17 Jan 2023 16:48:27 GMT
X-Proxy-Cache: HIT
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
23.36.79.32200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 85bd96a56a6a7f09e3e7dadc7980152e
37590c595abeb315046a293a9e53632ae2128ac4
c27be18eef006f48310fb2b0c456d6bcb1f3b0298dcb6e580724923323cb48a7
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Cookie: _ttp=2KUUrrIX2RueXtGVxg8kAKrX013
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825D19F86481431D6BBCCFF
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f827e6bc0806bd5a24cf0439744099e1e4bba0637571d8edb56c6009f69fe5018b8e38bd5b93708ee64c377fa97874d18ceefbea8a477a7fa2bec40c3b56c69b1
content-encoding: gzip
date: Wed, 18 Jan 2023 08:00:56 GMT
content-length: 30917
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 42e14301
X-Firefox-Spdy: h2
ocsps.ssl.com/
100.24.223.135200 OK 1.8 kB IP 100.24.223.135:0
Hash a4135c12ba34b75a6e54b4486ece9d17
494f41049e34adab0b7e7e6607f16518cf1bfb3f
f59fe52993d22c2cf4767725109dcf9699c97bafe0853012a73aa488e3413ded
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 08:00:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Tue, 24 Jan 2023 13:45:22 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "494f41049e34adab0b7e7e6607f16518cf1bfb3f"
Last-Modified: Tue, 17 Jan 2023 13:45:23 GMT
X-Proxy-Cache: HIT
ocsps.ssl.com/
100.24.223.135200 OK 1.8 kB IP 100.24.223.135:0
Hash a4135c12ba34b75a6e54b4486ece9d17
494f41049e34adab0b7e7e6607f16518cf1bfb3f
f59fe52993d22c2cf4767725109dcf9699c97bafe0853012a73aa488e3413ded
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 08:00:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Tue, 24 Jan 2023 13:45:22 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "494f41049e34adab0b7e7e6607f16518cf1bfb3f"
Last-Modified: Tue, 17 Jan 2023 13:45:23 GMT
X-Proxy-Cache: HIT
live-chat.chatbotize.com/chatbotize-entrypoint.min.js
172.67.75.189200 OK 2.4 kB URL HTTP/2 live-chat.chatbotize.com/chatbotize-entrypoint.min.js
IP 172.67.75.189:0
File type ASCII text, with very long lines (7037), with no line terminators
Hash f353f6c3249b62db0c66607ad546a5d0
517257000224be57a7363e3dc3b4084656a527e8
33a4766792d9501f7bba78d6f53d7ad8de874023b16ec039e323b03e822776bd
GET /chatbotize-entrypoint.min.js HTTP/1.1
Host: live-chat.chatbotize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:56 GMT
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 11:46:11 GMT
vary: Accept-Encoding
expires: Wed, 18 Jan 2023 08:10:27 GMT
cache-control: max-age=900, public
cf-cache-status: HIT
age: 329
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PABhry%2Ba7Y0ZrGj5OkzC922g%2B2T0rGbYyFy77mFarcAi0YgpjySm1XKnT5bhq3LYq%2FiTXVN5TfBkg4V82xENV2GyeuIrs7A3pacdB1EUMbJmGJ%2FZobtJa%2B%2BqrOO7s1ahrxhBL5GhksE2vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b5ccc2bf08b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 873
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Cookie: _ttp=2KUUrrIX2RueXtGVxg8kAKrX013
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023011808005684499BFAC53F13BF67E2
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebf19fbc71ad19cc2e486e184d061108f6e2df1bfa50abafbab3d4735e0025ac28a4b41ae2119b97a733b7ec17e0932aecad52d2d0267d866d0860fc9f26a18c2b10a192efc945d470c846625e40500f54
x-origin-response-time: 19,23.218.223.21
x-akamai-request-id: 3f814a2b.42e1430a
expires: Wed, 18 Jan 2023 08:00:57 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 18 Jan 2023 08:00:57 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-218-223-21.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=118, origin; dur=19, inner; dur=16
x-parent-response-time: 133,23.36.79.28
X-Firefox-Spdy: h2
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
35.241.45.82200 OK 1.6 kB URL HTTP/2 udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
IP 35.241.45.82:0
Hash 527cbea672fc1efa47efa6602b851391
9f8a58b185868eff46c62d7115c4ae9e22dc3a6e
54049ca123b7418cba853218d5ffd020ef97c9ba8b2d45472283fb8b511b1258
POST /v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 2310
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.empik.com
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-green-05d9
x-application-context: application:9090
content-type: text/plain;charset=ISO-8859-1
content-length: 59
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
35.241.45.82200 OK 59 B URL HTTP/2 udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
IP 35.241.45.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0ab969c512ad71613832d03710eadde2
f64271cfa7e4b386fed80e18a958a90ffd1e3893
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
POST /v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 2559
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.empik.com
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-green-wk7t
x-application-context: application:9090
content-type: text/plain;charset=ISO-8859-1
content-length: 59
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
35.241.45.82200 OK 59 B URL HTTP/2 udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
IP 35.241.45.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0ab969c512ad71613832d03710eadde2
f64271cfa7e4b386fed80e18a958a90ffd1e3893
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
POST /v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 2559
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.empik.com
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-green-c04m
x-application-context: application:9090
content-type: text/plain;charset=ISO-8859-1
content-length: 59
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
live-chat.chatbotize.com/2.chatbotize-entrypoint.min.js
172.67.75.189200 OK 18 kB URL HTTP/2 live-chat.chatbotize.com/2.chatbotize-entrypoint.min.js
IP 172.67.75.189:0
File type ASCII text, with very long lines (61130), with no line terminators
Hash d6f0f9886615c6e56ad4d4383e9bbca1
1df702ef9aa84cc7c6fbc2ce2c791e242dabe75e
9240bbe70b4726950a492e389e0a548664d6e79fde262d4d104d3388e1c129ea
GET /2.chatbotize-entrypoint.min.js HTTP/1.1
Host: live-chat.chatbotize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:57 GMT
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 11:46:11 GMT
vary: Accept-Encoding
expires: Wed, 18 Jan 2023 08:14:23 GMT
cache-control: max-age=900, public
cf-cache-status: HIT
age: 94
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPIh9HBYFmA6PNKF5bpzosZDzMmAubvHjA8441E4mzzM35AjERQOF1j1gNu%2Bhtx4WYeip92xhnS60OVBYGiexjfghQ5ykl8Qp3u8Ls8G%2BH2nR06wuBf5%2FBT6kV8P56d1b412LUWTB7zAOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b5ccc4393eb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
files.chatbotize.com/empik/icon_open.png
172.67.75.189200 OK 2.0 kB URL HTTP/2 files.chatbotize.com/empik/icon_open.png
IP 172.67.75.189:0
File type PNG image data, 112 x 112, 8-bit/color RGBA, non-interlaced\012- data
Hash 20ada97c558ada540f945c123f335e0b
bdde524f6b6e0f6256f8bf46c6b9e923449e8b0d
fbfe522b69ca7040a109b51ea4e94f4890663bc899bd7367b21bfdd6988e7bbe
GET /empik/icon_open.png HTTP/1.1
Host: files.chatbotize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:57 GMT
content-type: image/png
content-length: 1999
last-modified: Fri, 17 Dec 2021 07:26:43 GMT
etag: "61bc3bb3-7cf"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 5199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrtcNJX21j2%2BL8iHjb%2BKGsGsKstmHhxGQNxRb6lmVu9GfuvI9zHyqhQbdNhSKsgmnefjk%2Bl7b9XTWTZA%2F0GllWito09SORaVF%2B7BK3fSJg4wrxUVehg%2FDRqC5RF2UFs2l6GQWByI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b5ccc4ea2fb4f1-OSL
X-Firefox-Spdy: h2
herochat-plugin.chatbotize.com/instances/55ba5f792e694813b99f99671946396a/multilingual/livechat
172.67.75.189200 OK 45 kB URL HTTP/2 herochat-plugin.chatbotize.com/instances/55ba5f792e694813b99f99671946396a/multilingual/livechat
IP 172.67.75.189:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3539), with no line terminators
Hash b455a60c28f68d27e35045e3612646f0
5cc3340a217bf4eb8b5116948fbd4074f562f69b
5e89265d6831d6f33edc51a0b67e22ddd23063314daff540c3d9e1fdb24284c6
GET /instances/55ba5f792e694813b99f99671946396a/multilingual/livechat HTTP/1.1
Host: herochat-plugin.chatbotize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:56 GMT
content-type: application/json
access-control-allow-origin: https://www.empik.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vu6Dv%2BvZisXb4MhdyEgVX78V6ydP%2FnfE5AYeFpRvOORuvJn2Y77iiHUF4LG4e5PISFnMNNpFMargHOB2%2Fy1CzZnCAMkNqmidQIvJSdHbN1XJotaCdLYVgYoJWmlWYHpgqiTqW6PGlC7%2BlcV5R6tJdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b5ccc3ad96fac8-OSL
content-encoding: br
X-Firefox-Spdy: h2
eor.ediemidnightzombies.com/mon
54.75.69.192200 OK 0 B URL HTTP/2 eor.ediemidnightzombies.com/mon
IP 54.75.69.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1765
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Cookie: cg_uuid=1e3c41de5675dfb11779904fed5d0646
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.empik.com
content-type: application/json
date: Wed, 18 Jan 2023 08:00:57 GMT
content-length: 0
X-Firefox-Spdy: h2
tr.chatbotize.com/webhook/visited-url
172.67.75.189200 OK 0 B URL HTTP/2 tr.chatbotize.com/webhook/visited-url
IP 172.67.75.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /webhook/visited-url HTTP/1.1
Host: tr.chatbotize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.empik.com/
Origin: https://www.empik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:57 GMT
access-control-allow-origin: *
access-control-allow-methods: PATCH, HEAD, PUT, GET, POST, DELETE
access-control-allow-headers: content-type
vary: Access-Control-Request-Method, Access-Control-Request-Headers
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC%2BwHo%2FpTs66RpRfpPmd1sOoJqofRABi6LTl9CS6zuiZQZOBCIWE09fNW4S8KjB2W8X3cpU8rQX2scLAv4HBX3k5Zd8PPNn6mHNWf3oYDQuWWjLz307RugTwWspZIfnmmiYq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b5ccc59f7efac8-OSL
X-Firefox-Spdy: h2
eor.ediemidnightzombies.com/mon
54.75.69.192200 OK 0 B URL HTTP/2 eor.ediemidnightzombies.com/mon
IP 54.75.69.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1646
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Cookie: cg_uuid=1e3c41de5675dfb11779904fed5d0646
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.empik.com
content-type: application/json
date: Wed, 18 Jan 2023 08:00:57 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b5e62650519dd89cec0c0950b563c96d
95062135838a0d93ea573bd8f08171b856fdabd0
507f88315fee614f0890cbcbc15479d895de46d3ac115acee3861a7346b1b6a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "507F88315FEE614F0890CBCBC15479D895DE46D3AC115ACEE3861A7346B1B6A2"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17223
Expires: Wed, 18 Jan 2023 12:48:00 GMT
Date: Wed, 18 Jan 2023 08:00:57 GMT
Connection: keep-alive
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1627
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.empik.com
access-control-allow-credentials: true
date: Wed, 18 Jan 2023 08:00:56 GMT
X-Firefox-Spdy: h2
matching.ivitrack.com/sync?realm=criteo&uid=k-vPe68lsLYZHfNBcL1TxeS4yrUXVgbE0VSIj74Q
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-vPe68lsLYZHfNBcL1TxeS4yrUXVgbE0VSIj74Q
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-vPe68lsLYZHfNBcL1TxeS4yrUXVgbE0VSIj74Q HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Wed, 18 Jan 2023 08:00:57 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=1518646B8B5B46DFAAA15F19E162E3D5&RedC=c.clarity.ms&MXFR=23805DF70A1A692230F34F6A0E1A67CF
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=1518646B8B5B46DFAAA15F19E162E3D5&RedC=c.clarity.ms&MXFR=23805DF70A1A692230F34F6A0E1A67CF
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=1518646B8B5B46DFAAA15F19E162E3D5&RedC=c.clarity.ms&MXFR=23805DF70A1A692230F34F6A0E1A67CF HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.empik.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=1518646B8B5B46DFAAA15F19E162E3D5&MUID=0AD3A08404B7654F3FD4B21905E064FB
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0AD3A08404B7654F3FD4B21905E064FB; domain=c.bing.com; expires=Mon, 12-Feb-2024 08:00:57 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1EBE36F8582F47CDB256359FCD5B05A5 Ref B: OSL30EDGE0412 Ref C: 2023-01-18T08:00:57Z
date: Wed, 18 Jan 2023 08:00:56 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b5e62650519dd89cec0c0950b563c96d
95062135838a0d93ea573bd8f08171b856fdabd0
507f88315fee614f0890cbcbc15479d895de46d3ac115acee3861a7346b1b6a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "507F88315FEE614F0890CBCBC15479D895DE46D3AC115ACEE3861A7346B1B6A2"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17223
Expires: Wed, 18 Jan 2023 12:48:00 GMT
Date: Wed, 18 Jan 2023 08:00:57 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 803357cbe4519fb86480e2350c5a339c
6fe4ef93b7c41826a71135ea926c1575b238f2a7
6d3bfc5dddd44edb5bbf29286ded57414fd7a0fbddeb27063e911f15d208c938
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 18 Jan 2023 08:00:57 GMT
Last-Modified: Wed, 18 Jan 2023 06:12:32 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xWSnc1hvFvc8sGcey3yDfxEsEgeYA8AovnQzlvRD8D9-Sx-ATAeJSQ==
Age: 6506
c.clarity.ms/c.gif?CtsSyncId=1518646B8B5B46DFAAA15F19E162E3D5&MUID=0AD3A08404B7654F3FD4B21905E064FB
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=1518646B8B5B46DFAAA15F19E162E3D5&MUID=0AD3A08404B7654F3FD4B21905E064FB
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=1518646B8B5B46DFAAA15F19E162E3D5&MUID=0AD3A08404B7654F3FD4B21905E064FB HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.empik.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 18-Jan-2023 08:10:57 GMT; path=/; SameSite=None; Secure;
date: Wed, 18 Jan 2023 08:00:56 GMT
content-length: 42
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 18 Jan 2023 08:00:56 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 913801
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-KYaBCVsLYZHfNBcL1TxeS4yrUXV9Tk4Eh6naJA
23.195.255.234200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-KYaBCVsLYZHfNBcL1TxeS4yrUXV9Tk4Eh6naJA
IP 23.195.255.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-KYaBCVsLYZHfNBcL1TxeS4yrUXV9Tk4Eh6naJA HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Wed, 18 Jan 2023 08:00:57 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 18 Jan 2023 08:00:57 GMT
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-SNovvlsLYZHfNBcL1TxeS4yrUXX-i8q4buqEhQ
23.38.200.22200 OK 185 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-SNovvlsLYZHfNBcL1TxeS4yrUXX-i8q4buqEhQ
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 2928dbfed4988ff900a5b71bc377b1dd
c0121c4706f66d9da0b6f8641555aa517e8c11c7
91dd324553ada6ebadf22405bbf3dff8c04ea24f5eb880b7a6f83110a1727a68
GET /cksync.php?cs=3&type=crt&ovsid=k-SNovvlsLYZHfNBcL1TxeS4yrUXX-i8q4buqEhQ HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 185
content-type: image/gif
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Wed, 18 Jan 2023 08:00:57 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 18 Jan 2023 08:00:57 GMT
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fTeKq1sLYZHfNBcL1TxeS4yrUXV5GKp88TLZxg
172.64.154.237302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fTeKq1sLYZHfNBcL1TxeS4yrUXV5GKp88TLZxg
IP 172.64.154.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-fTeKq1sLYZHfNBcL1TxeS4yrUXV5GKp88TLZxg HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 18 Jan 2023 08:00:57 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-fTeKq1sLYZHfNBcL1TxeS4yrUXV5GKp88TLZxg&C=1
cf-ray: 78b5ccc8e9dab4fd-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y8enOTyOmnOpYw7SBXXSWAAA; Path=/; Domain=casalemedia.com; Expires=Thu, 18 Jan 2024 08:00:57 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1870; Path=/; Domain=casalemedia.com; Expires=Tue, 18 Apr 2023 08:00:57 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1870; Path=/; Domain=casalemedia.com; Expires=Tue, 18 Apr 2023 08:00:57 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkeJQMXjsQ5r97l9qFvLeUUV1dItv8%2BT1Wl%2FOMsDiM2ccxNZMzSnebYbLYQGUVzATKpyUDQfYJ8hVv0PzGQRnzwVIaCknyJ1gdWHXvIiS53cUQIRE7P02JonwWNSatdeCExL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a0f19d1a664ef8542293bc85e78a0c56
01eeb1b3648a6a86ea05574113533d80cf95ec65
8721c4080bd091a7d2fcd5ec6cd166b26c41efa83c5791ee2cd5d540ca285af9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4763
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:57 GMT
Last-Modified: Wed, 18 Jan 2023 06:41:35 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 010bf88d77d801d3288a04f44f056648
fc9e7edde6dd9c0d430cb9d7647427dae871cb21
17aa4487f9bb4de5cfe1cf722d1a474b4f4a08e5d25abbf8c1b440fecd87abb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 663
Cache-Control: max-age=148619
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:57 GMT
Etag: "63c7462d-1d7"
Expires: Fri, 20 Jan 2023 01:17:56 GMT
Last-Modified: Wed, 18 Jan 2023 01:06:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-QwsHt1sLYZHfNBcL1TxeS4yrUXVV3G4P21CsFA&google_cm&google_hm=ay1Rd3NIdDFzTFlaSGZOQmNMMVR4ZVM0eXJVWFZWM0c0UDIxQ3NGQQ
142.250.74.130302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-QwsHt1sLYZHfNBcL1TxeS4yrUXVV3G4P21CsFA&google_cm&google_hm=ay1Rd3NIdDFzTFlaSGZOQmNMMVR4ZVM0eXJVWFZWM0c0UDIxQ3NGQQ
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2d37129b8a4ccfa7ee0b525caf489e19
1c099b89a98659f08feb7d6feec897198e4f8ad2
b758e07c886bc4abd1e23045bcc62191c473e0c8bdf537f73ca5a697ac587bce
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-QwsHt1sLYZHfNBcL1TxeS4yrUXVV3G4P21CsFA&google_cm&google_hm=ay1Rd3NIdDFzTFlaSGZOQmNMMVR4ZVM0eXJVWFZWM0c0UDIxQ3NGQQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-QwsHt1sLYZHfNBcL1TxeS4yrUXVV3G4P21CsFA&google_cm=&google_hm=ay1Rd3NIdDFzTFlaSGZOQmNMMVR4ZVM0eXJVWFZWM0c0UDIxQ3NGQQ&google_tc=
date: Wed, 18 Jan 2023 08:00:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jan-2023 08:15:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.adform.net/pixel?adform_pid=15&adform_pc=k-OqR4IVsLYZHfNBcL1TxeS4yrUXWv1Y2efnzz4g
37.157.3.20200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-OqR4IVsLYZHfNBcL1TxeS4yrUXWv1Y2efnzz4g
IP 37.157.3.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-OqR4IVsLYZHfNBcL1TxeS4yrUXWv1Y2efnzz4g HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 08:00:57 GMT
content-type: image/gif
content-length: 43
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
etag: "637799aa-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dt_id=8664&ext_id=k-TGHqR1sLYZHfNBcL1TxeS4yrUXU38UO0r5kBuA
23.43.133.70204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-TGHqR1sLYZHfNBcL1TxeS4yrUXU38UO0r5kBuA
IP 23.43.133.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-TGHqR1sLYZHfNBcL1TxeS4yrUXU38UO0r5kBuA HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Tue, 17 Jan 2023 08:00:57 GMT
Date: Wed, 18 Jan 2023 08:00:57 GMT
Connection: keep-alive
Set-Cookie: id=cc0f33d6-1bca-4139-9659-dfc8f2294295; Path=/; Domain=prod.svc.y6b.de; Expires=Thu, 18-Jan-2024 08:00:57 GMT; Max-Age=31536000; Secure; SameSite=None
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-uj9ogFsLYZHfNBcL1TxeS4yrUXWJXkDsF4OJOA&expires=30
69.173.144.165204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-uj9ogFsLYZHfNBcL1TxeS4yrUXWJXkDsF4OJOA&expires=30
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-uj9ogFsLYZHfNBcL1TxeS4yrUXWJXkDsF4OJOA&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-QwsHt1sLYZHfNBcL1TxeS4yrUXVV3G4P21CsFA&google_cm=&google_hm=ay1Rd3NIdDFzTFlaSGZOQmNMMVR4ZVM0eXJVWFZWM0c0UDIxQ3NGQQ&google_tc=
142.250.74.130302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-QwsHt1sLYZHfNBcL1TxeS4yrUXVV3G4P21CsFA&google_cm=&google_hm=ay1Rd3NIdDFzTFlaSGZOQmNMMVR4ZVM0eXJVWFZWM0c0UDIxQ3NGQQ&google_tc=
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f55605d1c5fa7c53f7c8f7ab01d65fdc
6f8b88fa2806e5d70bc23d69e6f90f30b88c3e61
2ab9dd3707318f8ede47bcf2658bfd4bdef207d33cb71eb6d2ff93340ab5af0e
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-QwsHt1sLYZHfNBcL1TxeS4yrUXVV3G4P21CsFA&google_cm=&google_hm=ay1Rd3NIdDFzTFlaSGZOQmNMMVR4ZVM0eXJVWFZWM0c0UDIxQ3NGQQ&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QwsHt1sLYZHfNBcL1TxeS4yrUXVV3G4P21CsFA&google_error=3
date: Wed, 18 Jan 2023 08:00:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
185.89.210.20307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 18 Jan 2023 08:00:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 9875f46a-7a46-4657-b1de-dc2360d701b9
Set-Cookie: uuid2=1189784527002926142; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 18-Apr-2023 08:00:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash bc03d059d02da11121a3d2a727ff5a3c
ed478ff3ca011d30241bf4a82f78c6dae9c1ba67
f9b9eddaa2143aeadec9cf1804cffdf80275eb11e44ec643682b843bd731182c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106852
Date: Wed, 18 Jan 2023 08:00:57 GMT
Etag: "63c69c0a-1d7"
Expires: Thu, 19 Jan 2023 13:41:49 GMT
Last-Modified: Tue, 17 Jan 2023 13:00:58 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vBusMj2PoQoTaAZoY978nGfSfcR23fdt2aeDJ_fIqi3Tl1_UmL6WeA==
Age: 2451
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fTeKq1sLYZHfNBcL1TxeS4yrUXV5GKp88TLZxg&C=1
172.64.154.237200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fTeKq1sLYZHfNBcL1TxeS4yrUXV5GKp88TLZxg&C=1
IP 172.64.154.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-fTeKq1sLYZHfNBcL1TxeS4yrUXV5GKp88TLZxg&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:57 GMT
content-type: image/gif
content-length: 43
cf-ray: 78b5ccc96a80b4fd-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDnak1r%2BaDQaydU8IkF9Cqt5b2nw79gw8AJgME6n%2FwktnH8G8CLAjtq1%2F%2F2qch1bFUlcUTivqU%2FiIsABpprFXpxtN769w7ZahFV9dz%2BSrxdHMsW3ekvqFGsX4vntRo3n4NGJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
eb2.3lift.com/xuid?mid=2711&xuid=k-UN8-M1sLYZHfNBcL1TxeS4yrUXW3n0qGx2seHA&dongle=013b
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-UN8-M1sLYZHfNBcL1TxeS4yrUXW3n0qGx2seHA&dongle=013b
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-UN8-M1sLYZHfNBcL1TxeS4yrUXW3n0qGx2seHA&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:57 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 4722d4b04917fb3b49164ea954e4a89d
fd939e84939e863d7a892d443805a4bda5e54853
adf54d09c8144664b08523807cdb043a058761be02accbdd65ec19a596756458
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164435
Date: Wed, 18 Jan 2023 08:00:57 GMT
Etag: "63c77cfc-1d7"
Expires: Fri, 20 Jan 2023 05:41:32 GMT
Last-Modified: Wed, 18 Jan 2023 05:00:44 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YzAOLHgp6tjBR83j4PGtB54ZdCuNjQG7U2gZngeZq9smkn0XljhqFQ==
Age: 2448
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-bC0JBlsLYZHfNBcL1TxeS4yrUXUV2U7GE2v6aSvR6GlOTJiu
35.157.126.255200 OK 20 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-bC0JBlsLYZHfNBcL1TxeS4yrUXUV2U7GE2v6aSvR6GlOTJiu
IP 35.157.126.255:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /usersync/push?partner=criteo&partnerId=k-bC0JBlsLYZHfNBcL1TxeS4yrUXUV2U7GE2v6aSvR6GlOTJiu HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:57 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%223d815f00-9706-11ed-9322-23ed273434b4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Wed, 01 Feb 2023 08:00:57 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%223d815f00-9706-11ed-9322-23ed273434b4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Wed, 01 Feb 2023 08:00:57 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%223d815f00-9706-11ed-9322-23ed273434b4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Wed, 01 Feb 2023 08:00:57 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%223d815f00-9706-11ed-9322-23ed273434b4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Wed, 01 Feb 2023 08:00:57 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-bC0JBlsLYZHfNBcL1TxeS4yrUXUV2U7GE2v6aSvR6GlOTJiu%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Wed, 01 Feb 2023 08:00:57 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e4d88c1d3dad44890818aea066a7e09f
d0f045067e67d50ac4af7f3dbf445dff6261ae32
7292b379e2f044207f316c292f07697a795b69c614349ce48993434a6d1a5ba2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7292B379E2F044207F316C292F07697A795B69C614349CE48993434A6D1A5BA2"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17084
Expires: Wed, 18 Jan 2023 12:45:41 GMT
Date: Wed, 18 Jan 2023 08:00:57 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 92e45e0fb4b9a1d6e1e879d93dd20c60
f4b992e2329dbf0656fa19596d3b87fe1ad03018
55b231bc5aba92c90c22ea735581ddcba3e6ed1ae13349f4ef251c3494c22231
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151725
Date: Wed, 18 Jan 2023 08:00:57 GMT
Etag: "63c73f35-1d7"
Expires: Fri, 20 Jan 2023 02:09:42 GMT
Last-Modified: Wed, 18 Jan 2023 00:37:09 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t3ozyo_OFWTdsWf7IHrZ7sP4LG_2u96CsTkbUgJYxmYBm-5NLr1nAw==
Age: 5553
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-ALOhb1sLYZHfNBcL1TxeS4yrUXX0QXpN6lQGhA
52.57.206.183204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-ALOhb1sLYZHfNBcL1TxeS4yrUXX0QXpN6lQGhA
IP 52.57.206.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-ALOhb1sLYZHfNBcL1TxeS4yrUXX0QXpN6lQGhA HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 18 Jan 2023 08:00:57 GMT
X-Firefox-Spdy: h2
id5-sync.com/s/966/9.gif?puid=k-NlTWBlsLYZHfNBcL1TxeS4yrUXXdObuKMOjxPg
141.95.98.64200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-NlTWBlsLYZHfNBcL1TxeS4yrUXXdObuKMOjxPg
IP 141.95.98.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-NlTWBlsLYZHfNBcL1TxeS4yrUXXdObuKMOjxPg HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Wed, 18-Jan-2023 08:05:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Wed, 18-Jan-2023 08:05:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Wed, 18-Jan-2023 08:05:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Wed, 18-Jan-2023 08:05:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Wed, 18-Jan-2023 08:05:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Wed, 18-Jan-2023 08:05:57 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Wed, 18 Jan 2023 08:00:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5b260ae920b0b400fbb37eec1d438563
129ba1800acd56c3b48c01a69227669563f10925
ef1862da52c8a13cae46dba868d0a9cec8458b22f9aec9176db46fce43a43f05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5029
Cache-Control: max-age=117318
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:57 GMT
Etag: "63c6bada-1d7"
Expires: Thu, 19 Jan 2023 16:36:15 GMT
Last-Modified: Tue, 17 Jan 2023 15:12:26 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash c9d33359f8adede9f0d60eabc6518848
ef33a045714eee400d18d4e53a1c09d35da2aad8
6083d2b7313321be344a0e4905a3722a04f31ba5db5b9466423c01e0c99b296d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:00:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 03:11:54 GMT
Expires: Wed, 25 Jan 2023 03:11:53 GMT
Etag: "ef33a045714eee400d18d4e53a1c09d35da2aad8"
Cache-Control: max-age=586855,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78b5ccca29900b51-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 293f45d73b83d93c7fa3c36e1202ba1b
d98618928612ebb9bc26240637c3593c91481f66
483fb179fa74faee694975da4f4251711403c6f9b53fac3672f13798023222c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6549
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:57 GMT
Last-Modified: Wed, 18 Jan 2023 06:11:48 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ryyBe1sLYZHfNBcL1TxeS4yrUXUc_Dq1ih8prg
18.184.98.240302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ryyBe1sLYZHfNBcL1TxeS4yrUXUc_Dq1ih8prg
IP 18.184.98.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-ryyBe1sLYZHfNBcL1TxeS4yrUXUc_Dq1ih8prg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 18 Jan 2023 08:00:57 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ryyBe1sLYZHfNBcL1TxeS4yrUXUc_Dq1ih8prg
set-cookie: tuuid=ed6eb59d-f56b-498e-ac80-c1cf380b08c9; Expires=Tue, 18 Apr 2023 08:00:57 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1674028857; Expires=Tue, 18 Apr 2023 08:00:57 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9cefe2174f16a9b0b45ff92b7f33460d
df3c3488d94c5310d6691dd62be1fdc3e320f613
aab2799a8fd2e028ce4ca9a26491e8f7f59275889ab581ec90571e74ae9bd7c1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 18 Jan 2023 08:00:57 GMT
Last-Modified: Wed, 18 Jan 2023 06:23:02 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rALf5o-2zXrR1t0wR9MW2MzT95TX7JJkUvbRJPAFlrEbUfXf3YxI6Q==
Age: 5875
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Vu2zrVsLYZHfNBcL1TxeS4yrUXXyn2vltP5gTw
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Vu2zrVsLYZHfNBcL1TxeS4yrUXXyn2vltP5gTw
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-Vu2zrVsLYZHfNBcL1TxeS4yrUXXyn2vltP5gTw HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 18 Jan 2023 08:00:57 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Vu2zrVsLYZHfNBcL1TxeS4yrUXXyn2vltP5gTw&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBDmnx2MCELtCMFdH1v9GIEQq3BdRF3UFEgEBAQH4yGPRYwAAAAAA_eMAAA&S=AQAAAiq-_OE2_sloHWTmB85qBjs; Expires=Thu, 18 Jan 2024 14:00:57 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8796e6a2b9ae3b266a776ede62580e69
c5740324bb0c3faee35f93e1a81bcf7dd4271a89
1dfee7ac16c08adcd6320bd503d9031d6b85b74d73cd81c19b299dfbba82037b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:00:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 13:56:51 GMT
Expires: Tue, 24 Jan 2023 13:56:50 GMT
Etag: "c5740324bb0c3faee35f93e1a81bcf7dd4271a89"
Cache-Control: max-age=539152,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78b5ccc94eb6b4eb-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 46a56cce68bfd977f6e7bfc4f3835b33
d468ba73156815a49283c91895f99c644ef1bbeb
2719eaa8df02b2bcaa8fcbb02a779357c33b986fa70f786517cca8bf330672aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4839
Cache-Control: max-age=170793
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:58 GMT
Etag: "63c78c7c-1d7"
Expires: Fri, 20 Jan 2023 07:27:31 GMT
Last-Modified: Wed, 18 Jan 2023 06:06:52 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ryyBe1sLYZHfNBcL1TxeS4yrUXUc_Dq1ih8prg
18.184.98.240200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ryyBe1sLYZHfNBcL1TxeS4yrUXUc_Dq1ih8prg
IP 18.184.98.240:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-ryyBe1sLYZHfNBcL1TxeS4yrUXUc_Dq1ih8prg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:58 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-yT3N-1sLYZHfNBcL1TxeS4yrUXV29G14InMMwQ
185.255.84.152200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-yT3N-1sLYZHfNBcL1TxeS4yrUXV29G14InMMwQ
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-yT3N-1sLYZHfNBcL1TxeS4yrUXV29G14InMMwQ HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=cf10e5f38079331f38a2e66fd7c8f0f1; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 08:00:57 GMT
content-length: 49
x-envoy-upstream-service-time: 22
server: ayl-lb-fra02
X-Firefox-Spdy: h2
sync-criteo.ads.yieldmo.com/sync?id=k-xVRD6lsLYZHfNBcL1TxeS4yrUXUiEpv_Re6Ugg&pn_id=criteo&ext=1
54.194.137.201200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-xVRD6lsLYZHfNBcL1TxeS4yrUXUiEpv_Re6Ugg&pn_id=criteo&ext=1
IP 54.194.137.201:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-xVRD6lsLYZHfNBcL1TxeS4yrUXUiEpv_Re6Ugg&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:58 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g79971f6492f35c442ac%7C1674028858047%7C0%7C; Domain=.yieldmo.com; Expires=Thu, 18-Jan-2024 08:00:58 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-xVRD6lsLYZHfNBcL1TxeS4yrUXUiEpv_Re6Ugg; Domain=ads.yieldmo.com; Expires=Thu, 18-Jan-2024 08:00:58 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-y6jqDVsLYZHfNBcL1TxeS4yrUXX-lkcDfCtEeg
185.64.190.80200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-y6jqDVsLYZHfNBcL1TxeS4yrUXX-lkcDfCtEeg
IP 185.64.190.80:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-y6jqDVsLYZHfNBcL1TxeS4yrUXX-lkcDfCtEeg HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 08:00:58 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-y6jqDVsLYZHfNBcL1TxeS4yrUXX-lkcDfCtEeg&KRTB&23144-uid:k-y6jqDVsLYZHfNBcL1TxeS4yrUXX-lkcDfCtEeg&KRTB&23286-uid:k-y6jqDVsLYZHfNBcL1TxeS4yrUXX-lkcDfCtEeg&KRTB&23287-uid:k-y6jqDVsLYZHfNBcL1TxeS4yrUXX-lkcDfCtEeg; domain=pubmatic.com; secure; expires=Fri, 17-Feb-2023 08:00:58 GMT; path=/
PugT=1674028858; domain=pubmatic.com; secure; expires=Fri, 17-Feb-2023 08:00:58 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Vu2zrVsLYZHfNBcL1TxeS4yrUXXyn2vltP5gTw&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Vu2zrVsLYZHfNBcL1TxeS4yrUXXyn2vltP5gTw&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-Vu2zrVsLYZHfNBcL1TxeS4yrUXXyn2vltP5gTw&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 18 Jan 2023 08:00:58 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBDqnx2MCEGRTbo_AquXjcyRNqu0XXWMFEgEBAQH4yGPRYwAAAAAA_eMAAA&S=AQAAAo_npBFcu6_wH5G5yPI-Alo; Expires=Thu, 18 Jan 2024 14:00:58 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=46&user_id=k-uytvy1sLYZHfNBcL1TxeS4yrUXVEoTdHw0Pbcw&expires=30
52.58.161.171302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-uytvy1sLYZHfNBcL1TxeS4yrUXVEoTdHw0Pbcw&expires=30
IP 52.58.161.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-uytvy1sLYZHfNBcL1TxeS4yrUXVEoTdHw0Pbcw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 18 Jan 2023 08:00:58 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-uytvy1sLYZHfNBcL1TxeS4yrUXVEoTdHw0Pbcw&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=a3780798-c7c9-4c59-ae67-41cbe8eec25b; path=/; expires=Thu, 18-Jan-2024 08:00:58 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674028858; path=/; expires=Thu, 18-Jan-2024 08:00:58 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674028858; path=/; expires=Thu, 18-Jan-2024 08:00:58 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674028858; path=/; expires=Thu, 18-Jan-2024 08:00:58 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 830f1190be00b973f6ef09e3d9bf6507
7dc9d36c17ed01e497dde088dfec47bcd4fe35f6
98e71bdee99fd097eb2a5717d61eef5c481c543b4f881c1aaac2bdcc945e7490
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1555
Cache-Control: max-age=135484
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:58 GMT
Etag: "63c70f63-1d7"
Expires: Thu, 19 Jan 2023 21:39:02 GMT
Last-Modified: Tue, 17 Jan 2023 21:13:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/ibs:dpid=28645&dpuuid=
54.217.237.24302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 54.217.237.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=54351628798121921840972821008837159790; Max-Age=15552000; Expires=Mon, 17 Jul 2023 08:00:58 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: qIpp2NSARQk=
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-uytvy1sLYZHfNBcL1TxeS4yrUXVEoTdHw0Pbcw&expires=30
52.58.161.171200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-uytvy1sLYZHfNBcL1TxeS4yrUXVEoTdHw0Pbcw&expires=30
IP 52.58.161.171:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-uytvy1sLYZHfNBcL1TxeS4yrUXVEoTdHw0Pbcw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:58 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 7d90a0017868f6b60b04c21c4665455d
08028479b1688b82aece625906e88b4a492cd49c
e29d7d417d472eac03bc0b4f7ca4c235f02e3c18192e78635e238a99af8729b9
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 18 Jan 2023 08:00:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 17 Jan 2023 20:59:33 GMT
Expires: Wed, 18 Jan 2023 20:59:33 GMT
ETag: "08028479b1688b82aece625906e88b4a492cd49c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
54.217.237.24200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 54.217.237.24:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0f822ad5b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: e/Lp3pfERts=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 302f5db0ed0ce7761ff2e3ea0f922677
6e5267942894fd355bbd0957c675883fa2d4be79
3dd627d8739d410c5f0446c7e3a1f488b64712b9375a6a48de6feb99d113e1d8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122070
Date: Wed, 18 Jan 2023 08:00:58 GMT
Etag: "63c6d726-1d7"
Expires: Thu, 19 Jan 2023 17:55:28 GMT
Last-Modified: Tue, 17 Jan 2023 17:13:10 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MjYUwRC2fE42Co8Fxsx-Mdul-uCuupcijcrdMqOzTJRhOqGV18GhgQ==
Age: 2538
e1.emxdgt.com/put?d=d53&uid=k-qy8ztlsLYZHfNBcL1TxeS4yrUXV4GNM-VO6hQeWCejZ3_acY
3.71.169.66204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-qy8ztlsLYZHfNBcL1TxeS4yrUXV4GNM-VO6hQeWCejZ3_acY
IP 3.71.169.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-qy8ztlsLYZHfNBcL1TxeS4yrUXV4GNM-VO6hQeWCejZ3_acY HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Wed, 18 Jan 2023 08:00:57 GMT
content-length: 0
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-nvtND1sLYZHfNBcL1TxeS4yrUXWo84XQalfEWQ
64.202.112.159200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-nvtND1sLYZHfNBcL1TxeS4yrUXWo84XQalfEWQ
IP 64.202.112.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-nvtND1sLYZHfNBcL1TxeS4yrUXWo84XQalfEWQ HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:00:58 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 1a60a36d4400a2e15cb480a2d939868a
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 18 Jan 2023 08:00:57 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 625938
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eabb1ca4cca7ec12484e1081951b9938
727e7b1e193cf419f870ba386b256a64657684ea
be872a7d2c051e0a24f2ac039f75b49f542f77e48db0f7cdf8abc22956073d3c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1703
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:58 GMT
Last-Modified: Wed, 18 Jan 2023 07:32:35 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
eor.ediemidnightzombies.com/mon
54.75.69.192200 OK 0 B URL HTTP/2 eor.ediemidnightzombies.com/mon
IP 54.75.69.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1641
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Cookie: cg_uuid=1e3c41de5675dfb11779904fed5d0646
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.empik.com
content-type: application/json
date: Wed, 18 Jan 2023 08:00:58 GMT
content-length: 0
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
34.247.119.70204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 34.247.119.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 18 Jan 2023 08:00:58 GMT
set-cookie: _kuid_=PU11ETnT; Expires=Mon, 17-Jul-23 08:00:58 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n008-dub-prod.krxd.net
x-request-time: D=36 t=1674028858
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 18 Jan 2023 08:00:58 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 595123
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash de9b5748b924db99305310af9ff963d9
96381b4ec953df4445bcfae3f37ef2ea6605696e
324aef11b73f1813ebcfdf005f2c573259d85fe7048dbc103c898c27168cf2a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6289
Cache-Control: max-age=121110
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:00:58 GMT
Etag: "63c6c4bf-13a"
Expires: Thu, 19 Jan 2023 17:39:28 GMT
Last-Modified: Tue, 17 Jan 2023 15:54:39 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-WpZfwVsLYZHfNBcL1TxeS4yrUXX8t_5lulbx7w
185.86.139.106200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-WpZfwVsLYZHfNBcL1TxeS4yrUXX8t_5lulbx7w
IP 185.86.139.106:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-WpZfwVsLYZHfNBcL1TxeS4yrUXX8t_5lulbx7w HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Wed, 18 Jan 2023 08:00:57 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=3332661585770872877; expires=Sun, 18 Feb 2024 08:00:58 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 18 Feb 2024 08:00:58 GMT; domain=smartadserver.com; path=/
csync=79:k-WpZfwVsLYZHfNBcL1TxeS4yrUXX8t_5lulbx7w; expires=Thu, 18 Jan 2024 08:00:58 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 5ca32f517b1b69826fbd4094d2ae4d71
8b3ade4cafde211e6df624ca8d8c2563dec0dd4c
8af270a5d583d017bd355d5173cab2287cd2a0ebfa78d5bd70b231d78db2289d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "8AF270A5D583D017BD355D5173CAB2287CD2A0EBFA78D5BD70B231D78DB2289D"
Last-Modified: Tue, 17 Jan 2023 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1025
Expires: Wed, 18 Jan 2023 08:18:03 GMT
Date: Wed, 18 Jan 2023 08:00:58 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
3.141.241.190200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 3.141.241.190:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:58 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 3e56d770-9706-11ed-ad4c-0000ac170312
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-441574.js?sv=7
143.204.55.54200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-441574.js?sv=7
IP 143.204.55.54:0
GET /c/hotjar-441574.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 18 Jan 2023 08:00:45 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/2899f90d2a3524810dc9dcfffec49517
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1KCrTLf7C9Kj0Mh41lacx30BsFWKLXNmRvRnls1nAVT3Ur7Dk2I6-Q==
age: 9
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.57.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.empik.com
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:52 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b5cca668cb0b4d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.231200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.231:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 135664
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=%5B16497%2C96990%5D&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=EFLy-l9RaU42aU0lMkJ2UktBa3IxZEViSCUyRm9VR1E1OW8xSjFkZFRkR3VqMzRtZXdlQ2VUZmNDcXNWemo3WmlqaENUJTJGc3QzeE9jRjY0TGF0dEtJU0djdE95bFZoNWJpeTBCTE9BSkZyaGp6WFJSSE01Y21aRTQ1UmlUYUxObnJQTEhPaDJ3VXpHQVhnajhoaU55YlN0TyUyRlVtUmVxZyUzRCUzRA&tld=empik.com&dy=1&fu=https%253A%252F%252Fwww.empik.com%252F%253Futm_source%253Dfallback%2526utm_medium%253Dfallback%2526utm_campaign%253Dfallback%2526utm_id%253Dfallback%2526utm_term%253Dfallback%2526utm_content%253D0&dtycbr=53046
178.250.0.163200 OK 0 B URL HTTP/2 sslwidget.criteo.com/event?a=%5B16497%2C96990%5D&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=EFLy-l9RaU42aU0lMkJ2UktBa3IxZEViSCUyRm9VR1E1OW8xSjFkZFRkR3VqMzRtZXdlQ2VUZmNDcXNWemo3WmlqaENUJTJGc3QzeE9jRjY0TGF0dEtJU0djdE95bFZoNWJpeTBCTE9BSkZyaGp6WFJSSE01Y21aRTQ1UmlUYUxObnJQTEhPaDJ3VXpHQVhnajhoaU55YlN0TyUyRlVtUmVxZyUzRCUzRA&tld=empik.com&dy=1&fu=https%253A%252F%252Fwww.empik.com%252F%253Futm_source%253Dfallback%2526utm_medium%253Dfallback%2526utm_campaign%253Dfallback%2526utm_id%253Dfallback%2526utm_term%253Dfallback%2526utm_content%253D0&dtycbr=53046
IP 178.250.0.163:0
GET /event?a=%5B16497%2C96990%5D&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=EFLy-l9RaU42aU0lMkJ2UktBa3IxZEViSCUyRm9VR1E1OW8xSjFkZFRkR3VqMzRtZXdlQ2VUZmNDcXNWemo3WmlqaENUJTJGc3QzeE9jRjY0TGF0dEtJU0djdE95bFZoNWJpeTBCTE9BSkZyaGp6WFJSSE01Y21aRTQ1UmlUYUxObnJQTEhPaDJ3VXpHQVhnajhoaU55YlN0TyUyRlVtUmVxZyUzRCUzRA&tld=empik.com&dy=1&fu=https%253A%252F%252Fwww.empik.com%252F%253Futm_source%253Dfallback%2526utm_medium%253Dfallback%2526utm_campaign%253Dfallback%2526utm_id%253Dfallback%2526utm_term%253Dfallback%2526utm_content%253D0&dtycbr=53046 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:56 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 21742084
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.2.151200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.2.151:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:57 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 402382
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.191200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.191:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 155599
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.7.1/clarity.js
13.107.238.67200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.7.1/clarity.js
IP 13.107.238.67:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d928dd7500799e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0UkzHYwAAAAB8DKre+HtXRqq/R0kdV7izRlJBMjMxMDUwNDE4MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 0OKfHYwAAAADDVhzHZb/tRacadODlvoJpQ1BIMzBFREdFMDQwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 18 Jan 2023 08:00:55 GMT
X-Firefox-Spdy: h2
live-chat.chatbotize.com/0.chatbotize-entrypoint.min.js
172.67.75.189200 OK 0 B URL HTTP/2 live-chat.chatbotize.com/0.chatbotize-entrypoint.min.js
IP 172.67.75.189:0
GET /0.chatbotize-entrypoint.min.js HTTP/1.1
Host: live-chat.chatbotize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.empik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:57 GMT
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 11:33:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rKXSAfKGYzXfjOa%2F1WzupMOw%2BEvKVt26R8a%2FIu095EPlOhFNlktZSENZ3F72h9FqJG254i5KfwL0WPscKrCp054M4wSta1qnnfUX2wm6jYlETvLZfY40A%2B07lnKtHLfTmdYFtdMGfeY8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b5ccc4da29b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-IYnoLlsLYZHfNBcL1TxeS4yrUXVwZOHsTwrpYg
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-IYnoLlsLYZHfNBcL1TxeS4yrUXVwZOHsTwrpYg
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-IYnoLlsLYZHfNBcL1TxeS4yrUXVwZOHsTwrpYg HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 08:00:57 GMT
x-fastly-to-nlb-rtt: 22207
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QwsHt1sLYZHfNBcL1TxeS4yrUXVV3G4P21CsFA&google_error=3
178.250.2.151200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QwsHt1sLYZHfNBcL1TxeS4yrUXVV3G4P21CsFA&google_error=3
IP 178.250.2.151:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QwsHt1sLYZHfNBcL1TxeS4yrUXVV3G4P21CsFA&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:57 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 213623
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-x1CwHlsLYZHfNBcL1TxeS4yrUXUqjQBIPae26g
54.173.17.229200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-x1CwHlsLYZHfNBcL1TxeS4yrUXUqjQBIPae26g
IP 54.173.17.229:0
GET /sync?UICR=k-x1CwHlsLYZHfNBcL1TxeS4yrUXUqjQBIPae26g HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 08:00:58 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2