r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16052
Expires: Sat, 25 Mar 2023 00:07:36 GMT
Date: Fri, 24 Mar 2023 19:40:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9309
Expires: Fri, 24 Mar 2023 22:15:13 GMT
Date: Fri, 24 Mar 2023 19:40:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Mar 2023 19:27:39 GMT
content-type: application/json
age: 746
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dc2752d83fbed82852248898a132467a
b27a6b4af2e07663a58cafb641513f7224c7a7c3
ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8813
Expires: Fri, 24 Mar 2023 22:06:58 GMT
Date: Fri, 24 Mar 2023 19:40:05 GMT
Connection: keep-alive
trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
94.158.244.13301 Moved Permanently 178 B URL HTTP/1.1 trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
IP 94.158.244.13:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 24 Mar 2023 19:40:04 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sTk1GpAGtUKRQ00tQoZysdM4BE30vBjezFdn99F6OYv0yaFvurUBlrumHNZGpueaUifqauZF0Zs=
x-amz-request-id: C7BGDJFT9BP633Z8
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Mar 2023 18:54:37 GMT
age: 2728
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 19:40:05 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash e16304d2b4e90a61fce495be481351f1
bc8cec2b9d2ac0398e1a7b0f7139377328cee0f3
15628c4394a91ebb14d713f0b657d739f393f8e948f22ea9f5201488d6dd87d1
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 19:40:05 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 15:01:51 GMT
Expires: Fri, 31 Mar 2023 15:01:50 GMT
Etag: "bc8cec2b9d2ac0398e1a7b0f7139377328cee0f3"
Cache-Control: max-age=587504,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad162461a11b4f1-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Mar 2023 19:17:23 GMT
age: 1362
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10200
Expires: Fri, 24 Mar 2023 22:30:05 GMT
Date: Fri, 24 Mar 2023 19:40:05 GMT
Connection: keep-alive
push.services.mozilla.com/
52.34.13.204101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.13.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OnouUyPyMFRbLxC92uPwQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: B911ET5CJ+NhcuL2bszCUPdPqME=
trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
94.158.244.13200 OK 4.5 kB URL HTTP/1.1 trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
IP 94.158.244.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b7d0ded6dbc1119ef1af0b7d19b0b4d
14eb8c9d90b8cb071e9a14d05804d46eb4b37fd1
dc36fff4ebd79737eca99b610d5dae9dc9f411a51c1531c0381892e2e9d11f96
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; expires=Fri, 28-Apr-2023 19:40:05 GMT; Max-Age=3024000; path=/; HttpOnly
juid=ab760bfc0d4242d89e6eca3f406ea797; path=/
device_view=full; expires=Mon, 24-Apr-2023 19:40:06 GMT; Max-Age=2678400; path=/; httponly
Cache-Control: max-age=0, must-revalidate, private
pragma: no-cache
Expires: Fri, 24 Mar 2023 19:40:06 GMT
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608321b2d7d9f849b46e7fb22419d291
6d6d7ea8959a3ac466cbb69b5e08547ad1bc6207
da8bf75801fbc541fccc8c44d03b9ceba2f92bddeafe0c54f260072eabb28d81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Lck2n8UAAAAANrz2R33yKA4KKGYjKDiDMuZRIL_
216.58.207.228200 OK 587 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lck2n8UAAAAANrz2R33yKA4KKGYjKDiDMuZRIL_
IP 216.58.207.228:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 06813ad6234954fc07a776ed02ccd884
6720ad54efae6bdd62b81a6c881e9b0f5da9175e
e92b031b2b63f957e2ea9ccd71fa7d0bfb43a831549195e491015234b5fec3d5
GET /recaptcha/api.js?render=6Lck2n8UAAAAANrz2R33yKA4KKGYjKDiDMuZRIL_ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 24 Mar 2023 19:40:06 GMT
date: Fri, 24 Mar 2023 19:40:06 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 587
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ac8d4dabc0044d3f9300e6f09b86bc68
331a761e7d051c94831a30254ca3ce25b2e7dd2d
05ef2753d9e9b8cd1f09c88eb1cc42ee88ffd4db561c9a05e069373c24112d60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trivia.buzz/landings/phone-subscription/css/style.min.css?1679663864?v1
94.158.244.13200 OK 31 kB URL HTTP/1.1 trivia.buzz/landings/phone-subscription/css/style.min.css?1679663864?v1
IP 94.158.244.13:0
File type Unicode text, UTF-8 text, with very long lines (30588)
Hash bdd36005d15ffa71d7083d7f2e37e1f7
29db89f3dff630b795e0628817fe365439f01576
1843f4a5edca94fe0ca48346190b95aea912ae217a9704dc08025d59c4c6a9e6
GET /landings/phone-subscription/css/style.min.css?1679663864?v1 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:06 GMT
Content-Type: text/css
Content-Length: 30608
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-7790"
Expires: Sun, 23 Apr 2023 19:40:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/vendor/just-validate/dist/css/justValidateTooltip.min.css?1679663864
94.158.244.13200 OK 482 B URL HTTP/1.1 trivia.buzz/vendor/just-validate/dist/css/justValidateTooltip.min.css?1679663864
IP 94.158.244.13:0
File type ASCII text, with very long lines (482), with no line terminators
Hash 01390357ae541e2f2143ed1b20828422
e9f122484653f99b634827e0b2134d9b159874f9
30b4fdd3106974e4470262da0388ade180e3d7f2f53e2e71e9f66c7c871907be
GET /vendor/just-validate/dist/css/justValidateTooltip.min.css?1679663864 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: text/css
Content-Length: 482
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-1e2"
Expires: Sun, 23 Apr 2023 19:40:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/js/build/http-request.min.js?1679663864
94.158.244.13200 OK 752 B URL HTTP/1.1 trivia.buzz/js/build/http-request.min.js?1679663864
IP 94.158.244.13:0
File type ASCII text, with very long lines (752), with no line terminators
Hash 495814f03bec7af1b0bda03c8b62cc80
fd0440bd74e0b16105308d45f5b4cc0917027d48
1167e88260cf2227ef7f475f0c3889810bcd60a04342c0e893ad4404f53a11fb
GET /js/build/http-request.min.js?1679663864 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: application/javascript
Content-Length: 752
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-2f0"
Expires: Sun, 23 Apr 2023 19:40:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/css/spin-and-win.min.css?1679663864
94.158.244.13200 OK 6.2 kB URL HTTP/1.1 trivia.buzz/css/spin-and-win.min.css?1679663864
IP 94.158.244.13:0
File type ASCII text, with very long lines (6150), with no line terminators
Hash 600bd6c6c8f3a39a1ca821a0e3b1d196
1dd6ff1513e1bca73a3f66a2336e93c93f6ac9b0
9cb63e76fe594fe504d40254226a55d8231a71cd7cc4cddd8720a88ab6e3fdc1
GET /css/spin-and-win.min.css?1679663864 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: text/css
Content-Length: 6150
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-1806"
Expires: Sun, 23 Apr 2023 19:40:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/js/build/spin-and-win.min.js?1679663864
94.158.244.13200 OK 2.9 kB URL HTTP/1.1 trivia.buzz/js/build/spin-and-win.min.js?1679663864
IP 94.158.244.13:0
File type ASCII text, with very long lines (2935), with no line terminators
Hash ea3e35279858ea2108c5aeedaa1454fc
3b31a9261eee363f2dd1d65d6e90e7abc79b257d
0efbd31fee9698d855ac3069f955a444aebb245133e51cf6ae9c79797da27d50
GET /js/build/spin-and-win.min.js?1679663864 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: application/javascript
Content-Length: 2935
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-b77"
Expires: Sun, 23 Apr 2023 19:40:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/css/more-for-today.min.css?1679663864
94.158.244.13200 OK 14 kB URL HTTP/1.1 trivia.buzz/css/more-for-today.min.css?1679663864
IP 94.158.244.13:0
File type ASCII text, with very long lines (14449), with no line terminators
Hash ab642077c30ac566a5f22436031a691a
62d32a3e8f72de67c325f7ccba4a95beb6e340a7
91f5180fc30afd84cd7865b02cc96ce2b7e997e5e4856493888494591d9447ee
GET /css/more-for-today.min.css?1679663864 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: text/css
Content-Length: 14449
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-3871"
Expires: Sun, 23 Apr 2023 19:40:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ca3a2cc88f5c8a7669812ec7af0e14bf
fbb85820ada745d1e030c13874f96b14f8544884
d61b12522a039a526703bd7f747ae3614b660f1bc001044585c3c72907568d83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trivia.buzz/vendor/just-validate/dist/js/just-validate.min.js?1679663864
94.158.244.13200 OK 13 kB URL HTTP/1.1 trivia.buzz/vendor/just-validate/dist/js/just-validate.min.js?1679663864
IP 94.158.244.13:0
File type ASCII text, with very long lines (13331), with no line terminators
Hash 70177692a3aa4e85d0665a4910e94732
fe9657cccf6ebb5eb88a28f6ad1cdd183c775fbf
c4a223ab79d2303e28575356ce4c63425a8167400bb79b1f85dc0f61e236921d
GET /vendor/just-validate/dist/js/just-validate.min.js?1679663864 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: application/javascript
Content-Length: 13331
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-3413"
Expires: Sun, 23 Apr 2023 19:40:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7746
Expires: Fri, 24 Mar 2023 21:49:13 GMT
Date: Fri, 24 Mar 2023 19:40:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7746
Expires: Fri, 24 Mar 2023 21:49:13 GMT
Date: Fri, 24 Mar 2023 19:40:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7746
Expires: Fri, 24 Mar 2023 21:49:13 GMT
Date: Fri, 24 Mar 2023 19:40:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7746
Expires: Fri, 24 Mar 2023 21:49:13 GMT
Date: Fri, 24 Mar 2023 19:40:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bb55b1044454d0db2324a4af956cd51
5aa34545aa2274453b301c74a083034273177cbd
fb7fa8b91ff7374ac6be2df05e1e98194f2adf3ce728b02a66323993145975ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7405
x-amzn-requestid: 9865b715-ff9b-498d-95b3-c728fd3430be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt7E46oAMF1Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-78b66faf317a7aaf689de782;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: MOdi4IjE6ooc_bhXhjI2pikpJfBxxg7kS8qHmvDRZD169vLef4FKYw==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:42:31 GMT
age: 79056
etag: "5aa34545aa2274453b301c74a083034273177cbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48579581-7121-436c-a612-bb4c179f2542.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48579581-7121-436c-a612-bb4c179f2542.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f46d765cbcbbcd9707a21eec12d80002
d9bab36f53de76263a67bc34364e33bed28d35cd
772e85ac55db0fc3ca75329e0197c7caeff466e90b5cf85df7ccb44a85a253f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48579581-7121-436c-a612-bb4c179f2542.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4438
x-amzn-requestid: ce3cbb97-2a19-4499-8ab7-18cf5f99b5ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK85SG3_oAMFQcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa83b-2750db5d028ac4ac54a865f8;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: i8RKZ45tq0_xv4QXuqOWJlj849eqWB8rFFAopdO-jmtsu8hmtV6uJA==
via: 1.1 53ee82a7eb57de316cba44c26680b4a6.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 07:21:31 GMT
age: 44316
etag: "d9bab36f53de76263a67bc34364e33bed28d35cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFCYGtd2b7lK7OBFHjCsgqqLfhtMAQDB0vyYFyf1sv-3CkSHbEh3mA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:16:43 GMT
age: 77004
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d6ed667dad0c17b3f1697f6ad5f1dd2
9eff2b1900bc9788dfbff11fce69cc7c944b1fc1
ec0f7b928c7efd46d2679477acd9f3bf0b335f31b9739c4e925b23bd5cd16a05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8385
x-amzn-requestid: 7b1e47a8-7adb-48d9-9b0e-036305a77957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xbmGJsoAMF-5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562b0-2e4e7a3b14bfce4210def298;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 61beGZuZOIgOsG91c3VjhfcAEk4jwLQ1wyZ8OufNOLMkPwRSCcHo7Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 04:34:28 GMT
age: 54339
etag: "9eff2b1900bc9788dfbff11fce69cc7c944b1fc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ncagzm12kJaHQtYhhjUUhcfXVfbwMdonoNYqpK-QXEmLfyyENgFnFA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 06:10:34 GMT
age: 48573
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 04db6085e8ec938c1385fb33b32ae036
0f173b8971723ec380a9610b3dda8f64890f6f37
873d5942c34057339f7a9c53a9d4cdc3a0b82f01223f851898da0ebbe0a628bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7482
x-amzn-requestid: 843e4bba-1550-44c4-be10-dd333148f83d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPHxFuuIAMFvmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc564-03f5d2675850409e70748490;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:32:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: i3f56KYdhzWqiBtE9-vSMBC17mWa0qZfxQb3AmHcNvApYKse8O3DdQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:25:14 GMT
age: 76493
etag: "0f173b8971723ec380a9610b3dda8f64890f6f37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TXC7X4W
142.250.74.72200 OK 106 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TXC7X4W
IP 142.250.74.72:0
File type ASCII text, with very long lines (62585)
Size 106 kB (106306 bytes)
Hash b6f5fd21783b3790d7f93496dc38e481
9950accc0bb43fed06852fca141fddbc62687bb8
fc28b325bf2eab5351a0116e64dfc38c211c0d3503875a1cbec7cc9ddbdad087
GET /gtm.js?id=GTM-TXC7X4W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 24 Mar 2023 19:40:07 GMT
expires: Fri, 24 Mar 2023 19:40:07 GMT
cache-control: private, max-age=900
last-modified: Fri, 24 Mar 2023 19:18:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 106306
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4355291ec58b85ddde02c2446ecb2bb4
4ad43e10f82193f83e862e8a78f3e46de9490ac4
e32fd5635627751770ee13e8f77b14b2555163cfc2d7db98aa8edb5b4bae4d9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trivia.buzz/js/build/cloudinary.min.js?1679663864
94.158.244.13200 OK 834 B URL HTTP/1.1 trivia.buzz/js/build/cloudinary.min.js?1679663864
IP 94.158.244.13:0
File type ASCII text, with very long lines (834), with no line terminators
Hash b3a0909792127f73b23c953729cf6ff7
3ceac634db73135ea7c7c52bb8c905bcac8f88e9
ef015ced9babaf6ec18f8fa9c70a5b8b02719d5d998507ca53de16ba70f731d0
GET /js/build/cloudinary.min.js?1679663864 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: application/javascript
Content-Length: 834
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-342"
Expires: Sun, 23 Apr 2023 19:40:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/landings/phone-subscription/js/build/unsubscribe.min.js?1679663864
94.158.244.13200 OK 845 B URL HTTP/1.1 trivia.buzz/landings/phone-subscription/js/build/unsubscribe.min.js?1679663864
IP 94.158.244.13:0
File type ASCII text, with very long lines (845), with no line terminators
Hash aa99f52a840edafad41c5a79fcf0a4b2
2a71487d6c1e31193ab8f2d791e0637010080a15
dab08856890b4a64a45cad0e3c5d53f2d9f4da96d29793265b7e422cdf307a7b
GET /landings/phone-subscription/js/build/unsubscribe.min.js?1679663864 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: application/javascript
Content-Length: 845
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-34d"
Expires: Sun, 23 Apr 2023 19:40:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
sc-static.net/scevent.min.js
54.230.82.240200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (31112), with no line terminators
Hash ced43b482bc1e51ed1bccdc98f089862
3459a7c7ff82b6240b5fc31787365ce633680a50
978404ad8ad5ff756892de874487f8de79bb68bbb9b7c4b137d9f91f6977f8b4
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13327
server: CloudFront
date: Fri, 24 Mar 2023 19:40:07 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Sat, 25 Mar 2023 18:01:47 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WrxowWleOVekaPg1XISVaZDXCYqYfgGIHq69D3ardyEho3eA7Ms1hg==
X-Firefox-Spdy: h2
trivia.buzz/landings/phone-subscription/img/logo.png
94.158.244.13200 OK 9.3 kB URL HTTP/1.1 trivia.buzz/landings/phone-subscription/img/logo.png
IP 94.158.244.13:0
File type PNG image data, 320 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 778cb5b9ce1f6fa040b834b176b6934d
d9232eecfb128779bfa2223bb4d701645bad1072
b4d30b018c8c21cd7d8a5fa3df88a945e47720add3cee8c24f6e9051c0e87e75
GET /landings/phone-subscription/img/logo.png HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landings/phone-subscription/css/style.min.css?1679663864?v1
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: image/png
Content-Length: 9300
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-2454"
Expires: Sun, 23 Apr 2023 19:40:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/img/spin-and-win/wheel-orange.svg
94.158.244.13200 OK 7.2 kB URL HTTP/1.1 trivia.buzz/img/spin-and-win/wheel-orange.svg
IP 94.158.244.13:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3008)
Hash c3850186d1e31eb9a7f28c0de568a004
e791a3d5bcaa2b68986263280485678a9785ecb8
aa7b59c535ff06eb833d27a8855cbf009d2b0de2e71566dc68562815fb9cb147
GET /img/spin-and-win/wheel-orange.svg HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/css/spin-and-win.min.css?1679663864
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: image/svg+xml
Content-Length: 7188
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-1c14"
Expires: Sun, 23 Apr 2023 19:40:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
res.cloudinary.com/iagetech/image/upload/w_960,q_50/v1574161834/justcontent.services/img/articles/preview/5.jpeg
151.101.65.137200 OK 39 kB URL HTTP/2 res.cloudinary.com/iagetech/image/upload/w_960,q_50/v1574161834/justcontent.services/img/articles/preview/5.jpeg
IP 151.101.65.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 960x480, components 3\012- data
Hash 3a492cddbb3bf8e8ffe2abee0337d294
071e42f6c2f7fb00f5d67aed8313a9f76c238d3a
f9e43ec98efaae0083da9f8a46f5f945fe9225443917f5c6432c527a6a745192
GET /iagetech/image/upload/w_960,q_50/v1574161834/justcontent.services/img/articles/preview/5.jpeg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
etag: "3a492cddbb3bf8e8ffe2abee0337d294"
last-modified: Wed, 11 Mar 2020 16:20:05 GMT
date: Fri, 24 Mar 2023 19:40:07 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=146;cpu=0;start=2023-03-24T19:40:07.542Z;desc=miss,rtt;dur=9,cloudinary;dur=51;start=2023-03-24T19:40:07.590Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 38820
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash b3a5e0aeb6f10a2a87938ccdee88f1c5
0a17f3af97f1a8e3e292b695af3534d9632f5c86
8ab8a3b96a7490b7dea966209e42532356b5be0d785d46b90e7fb038017f8221
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6440
Cache-Control: max-age=129385
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:07 GMT
Etag: "641d39d8-1d7"
Expires: Sun, 26 Mar 2023 07:36:32 GMT
Last-Modified: Fri, 24 Mar 2023 05:49:12 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash b3a5e0aeb6f10a2a87938ccdee88f1c5
0a17f3af97f1a8e3e292b695af3534d9632f5c86
8ab8a3b96a7490b7dea966209e42532356b5be0d785d46b90e7fb038017f8221
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4196
Cache-Control: max-age=127141
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:07 GMT
Etag: "641d39d8-1d7"
Expires: Sun, 26 Mar 2023 06:59:08 GMT
Last-Modified: Fri, 24 Mar 2023 05:49:12 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash b3a5e0aeb6f10a2a87938ccdee88f1c5
0a17f3af97f1a8e3e292b695af3534d9632f5c86
8ab8a3b96a7490b7dea966209e42532356b5be0d785d46b90e7fb038017f8221
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6594
Cache-Control: max-age=129539
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:07 GMT
Etag: "641d39d8-1d7"
Expires: Sun, 26 Mar 2023 07:39:06 GMT
Last-Modified: Fri, 24 Mar 2023 05:49:12 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
trivia.buzz/img/spin-and-win/vars-shadow.png
94.158.244.13200 OK 4.4 kB URL HTTP/1.1 trivia.buzz/img/spin-and-win/vars-shadow.png
IP 94.158.244.13:0
File type PNG image data, 382 x 368, 8-bit colormap, non-interlaced\012- data
Hash 743eeb7cd30da1a5e4e812042e664c72
84cf044608c5f47d3d40f0e2c513c0ced699788c
605a27fb71a44a98ed909dc1a901c8765104528c74bf7ea9f7c9e1823b39d39c
GET /img/spin-and-win/vars-shadow.png HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/css/spin-and-win.min.css?1679663864
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: image/png
Content-Length: 4365
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-110d"
Expires: Sun, 23 Apr 2023 19:40:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
tr.snapchat.com/cm/i?pid=46c4b8d0-2a44-4cd8-8864-0ae595bad096&u_scsid=e470441c-3265-4d4a-921e-97aa3c1ef68d&u_sclid=fadb9039-1158-40a7-8ecc-a1c955cac184
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=46c4b8d0-2a44-4cd8-8864-0ae595bad096&u_scsid=e470441c-3265-4d4a-921e-97aa3c1ef68d&u_sclid=fadb9039-1158-40a7-8ecc-a1c955cac184
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=46c4b8d0-2a44-4cd8-8864-0ae595bad096&u_scsid=e470441c-3265-4d4a-921e-97aa3c1ef68d&u_sclid=fadb9039-1158-40a7-8ecc-a1c955cac184 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:07 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p?pid=46c4b8d0-2a44-4cd8-8864-0ae595bad096&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&bt=1d53c387&if=false&m_dcl=2766&m_fcps=2581&m_pi=2579&m_pl=0&m_pv=v2&m_rd=2962&m_sl=2959&rf=&trackId=476985db-155f-4922-8994-6f299ca4c761&ts=1679686818922&u_c1=ac75e4e3-dd64-4751-812f-3522c50528e3&u_sclid=fadb9039-1158-40a7-8ecc-a1c955cac184&u_scsid=e470441c-3265-4d4a-921e-97aa3c1ef68d&v=2.0.0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?pid=46c4b8d0-2a44-4cd8-8864-0ae595bad096&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&bt=1d53c387&if=false&m_dcl=2766&m_fcps=2581&m_pi=2579&m_pl=0&m_pv=v2&m_rd=2962&m_sl=2959&rf=&trackId=476985db-155f-4922-8994-6f299ca4c761&ts=1679686818922&u_c1=ac75e4e3-dd64-4751-812f-3522c50528e3&u_sclid=fadb9039-1158-40a7-8ecc-a1c955cac184&u_scsid=e470441c-3265-4d4a-921e-97aa3c1ef68d&v=2.0.0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?pid=46c4b8d0-2a44-4cd8-8864-0ae595bad096&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&bt=1d53c387&if=false&m_dcl=2766&m_fcps=2581&m_pi=2579&m_pl=0&m_pv=v2&m_rd=2962&m_sl=2959&rf=&trackId=476985db-155f-4922-8994-6f299ca4c761&ts=1679686818922&u_c1=ac75e4e3-dd64-4751-812f-3522c50528e3&u_sclid=fadb9039-1158-40a7-8ecc-a1c955cac184&u_scsid=e470441c-3265-4d4a-921e-97aa3c1ef68d&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:07 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIcE7EcwT1Co63PXyRel2yg0Jeyl5GQSAOMHo2VDWby9xcZ+kHB2V0pjIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 2
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
res.cloudinary.com/iagetech/image/upload/w_960,q_50/v1574240470/justcontent.services/img/articles/preview/222.jpeg
151.101.65.137200 OK 60 kB URL HTTP/2 res.cloudinary.com/iagetech/image/upload/w_960,q_50/v1574240470/justcontent.services/img/articles/preview/222.jpeg
IP 151.101.65.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 960x480, components 3\012- data
Hash 6d635157bcaafc2cf4064fd805408015
dfd6e57caf0a9018ee930f7c1b0159bbcf9d5edb
2b29bcc0a19e3577136ddb9839a443d6213e75d8b30504556ce54c5ac28297d2
GET /iagetech/image/upload/w_960,q_50/v1574240470/justcontent.services/img/articles/preview/222.jpeg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
etag: "6d635157bcaafc2cf4064fd805408015"
last-modified: Thu, 13 Feb 2020 11:27:29 GMT
date: Fri, 24 Mar 2023 19:40:07 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=173;cpu=1;start=2023-03-24T19:40:07.540Z;desc=miss,rtt;dur=9,cloudinary;dur=78;start=2023-03-24T19:40:07.588Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 59646
X-Firefox-Spdy: h2
res.cloudinary.com/iagetech/image/upload/w_960,q_50/v1574240461/justcontent.services/img/articles/preview/239.jpeg
151.101.65.137200 OK 35 kB URL HTTP/2 res.cloudinary.com/iagetech/image/upload/w_960,q_50/v1574240461/justcontent.services/img/articles/preview/239.jpeg
IP 151.101.65.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 960x480, components 3\012- data
Hash 8b0260b007d541c9bc031198b5d31076
3e456af0601f6c5f7fc20392943f1c654812363b
2e4ee1fa52bf60a3045512c14536f184b2dd8f4916f38093b35a84f60d070e73
GET /iagetech/image/upload/w_960,q_50/v1574240461/justcontent.services/img/articles/preview/239.jpeg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
etag: "8b0260b007d541c9bc031198b5d31076"
last-modified: Mon, 25 May 2020 15:42:25 GMT
date: Fri, 24 Mar 2023 19:40:07 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=254;cpu=0;start=2023-03-24T19:40:07.554Z;desc=miss,rtt;dur=9,cloudinary;dur=159;start=2023-03-24T19:40:07.602Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 35157
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash bfa3f9503598ffe52e5c58b43aeaf2c7
4bd9a84bba7675b7bf93860494b1a9cdeca277dd
f080bc581a490259fad83dd77633b34619370bf068ebfca2c5c35106aa9874fb
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 24 Mar 2023 18:44:18 GMT
Expires: Sat, 25 Mar 2023 18:44:18 GMT
ETag: "4bd9a84bba7675b7bf93860494b1a9cdeca277dd"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash b3a5e0aeb6f10a2a87938ccdee88f1c5
0a17f3af97f1a8e3e292b695af3534d9632f5c86
8ab8a3b96a7490b7dea966209e42532356b5be0d785d46b90e7fb038017f8221
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6440
Cache-Control: max-age=129385
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:07 GMT
Etag: "641d39d8-1d7"
Expires: Sun, 26 Mar 2023 07:36:32 GMT
Last-Modified: Fri, 24 Mar 2023 05:49:12 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
trivia.buzz/img/spin-and-win/btn.svg
94.158.244.13200 OK 4.9 kB URL HTTP/1.1 trivia.buzz/img/spin-and-win/btn.svg
IP 94.158.244.13:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (632)
Hash 5b5175f09f0684775c7eff2869e799a9
ef17a85b4783686e639b7924e38d1010ae3bbe07
6da3b2046b99198acd00228bb82f23eb6762ef2c18eaa159f5c0b147f3bace5b
GET /img/spin-and-win/btn.svg HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/css/spin-and-win.min.css?1679663864
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: image/svg+xml
Content-Length: 4863
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-12ff"
Expires: Sun, 23 Apr 2023 19:40:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/img/spin-and-win/vars.svg
94.158.244.13200 OK 17 kB URL HTTP/1.1 trivia.buzz/img/spin-and-win/vars.svg
IP 94.158.244.13:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3123)
Hash 6b3ddd773af866b64e4d3402e52eaac1
fda547bb78f01293a3c0d12957b57c85d895367f
df5dd1bb6e0b38e8ccd0d9cda0ad1ca8bcb7eb4d7ef42cc0ae8edbabe9deec4f
GET /img/spin-and-win/vars.svg HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/css/spin-and-win.min.css?1679663864
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: image/svg+xml
Content-Length: 16789
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-4195"
Expires: Sun, 23 Apr 2023 19:40:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
us-an.gr-cdn.com/v2.1.30.0.umd.js
205.185.216.42200 OK 8.4 kB URL HTTP/2 us-an.gr-cdn.com/v2.1.30.0.umd.js
IP 205.185.216.42:0
File type C source, Unicode text, UTF-8 text, with very long lines (26129)
Hash 35cafa77879eaf28e5650f7647a18162
e63cc6c1f3587f62fc888340790cd5d3d36c26df
d5bcb4518ab9a44f6370de4a33bb18e804d55408896d2af1eee01163aca9539f
GET /v2.1.30.0.umd.js HTTP/1.1
Host: us-an.gr-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:07 GMT
cache-control: max-age=31247282
content-encoding: gzip
content-length: 8444
content-type: application/javascript
last-modified: Tue, 21 Mar 2023 11:14:13 GMT
accept-ranges: bytes
x-amz-id-2: o2g9PffWwnmUGckhK0vB4bCW2SoAKPwIoVIp7AUs+T0AcdAOpg24SDm1h8XoylL1mopXQRkOPAk=
x-amz-request-id: JEZ94EZ8SMQNB7NH
etag: "3eafe7e5e5a0980a6bff073b58a55ed9"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
x-hw: 1679686807.dop202.sk1.t,1679686807.cds015.sk1.hn,1679686807.cds010.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
us-an.gr-cdn.com/we.1.30.0.umd.js
205.185.216.42200 OK 13 kB URL HTTP/2 us-an.gr-cdn.com/we.1.30.0.umd.js
IP 205.185.216.42:0
File type C source, Unicode text, UTF-8 text, with very long lines (46177)
Hash f374d9e209eeabc5fb5e236865278f97
c7e0aa26a1ebab88335ae0b924da6924532af705
4e52dd1ba02d1663f5ec0c62a79a211c8e4712417a57a034fd05b1e1ecec924b
GET /we.1.30.0.umd.js HTTP/1.1
Host: us-an.gr-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:07 GMT
cache-control: max-age=31247292
content-encoding: gzip
content-length: 13318
content-type: application/javascript
last-modified: Tue, 21 Mar 2023 11:14:13 GMT
accept-ranges: bytes
x-amz-id-2: 9D97esT1VesQGrEOVGHVEjSpQ+Ryhh9h9a6E36dlpKCAmJz48sFtVMQ3C6dJzIhb3/faAGMrnSw=
x-amz-request-id: KTTNAGH41NZW9EPM
etag: "cecac42286f3cb7bffa627083c1dd214"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
x-hw: 1679686807.dop202.sk1.t,1679686807.cds015.sk1.hn,1679686807.cds226.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
trivia.buzz/img/cl-picture-pattern.svg?1679663864
94.158.244.13200 OK 584 B URL HTTP/1.1 trivia.buzz/img/cl-picture-pattern.svg?1679663864
IP 94.158.244.13:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (584), with no line terminators
Hash 00e917c824f27c34b336846ebbb819ff
84a3472d6bc03c10bb5b0c70efd3779c5f57edf6
171d1542026da3517067625c1dbe80018f8f5f7151021e32def809cdae1cfbca
GET /img/cl-picture-pattern.svg?1679663864 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: image/svg+xml
Content-Length: 584
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-248"
Expires: Sun, 23 Apr 2023 19:40:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/img/spin-and-win/char-brain.png
94.158.244.13200 OK 16 kB URL HTTP/1.1 trivia.buzz/img/spin-and-win/char-brain.png
IP 94.158.244.13:0
File type PNG image data, 345 x 252, 8-bit colormap, non-interlaced\012- data
Hash d3414922e939b654424038cbb12bceee
a90ce24dcc99530fdd3c0c40ec58de65f95e0b69
8c5ef073c85752487b7c5244334ebea6afeebf036b36957c3f66a7e5e1f059ee
GET /img/spin-and-win/char-brain.png HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/css/spin-and-win.min.css?1679663864
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:07 GMT
Content-Type: image/png
Content-Length: 16156
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-3f1c"
Expires: Sun, 23 Apr 2023 19:40:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/service-worker.js
94.158.244.13200 OK 265 B URL HTTP/1.1 trivia.buzz/service-worker.js
IP 94.158.244.13:0
Hash d8a3c8e2699fbfd4eb69fea2d31e8fb9
6fd2a07f5cc7d7191ea3560eb63483dc49b94702
878ea2958755226f54ec92ab4a76ff44622a4dcc6ab668dee087d35311cf66c7
GET /service-worker.js HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full; _gcl_au=1.1.864436623.1679686819; _scid=ac75e4e3-dd64-4751-812f-3522c50528e3
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:08 GMT
Content-Type: application/javascript
Content-Length: 265
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-109"
Expires: Sun, 23 Apr 2023 19:40:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
ga2.getresponse.com/index.php?ver=3&url=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&uid=%7B%22uuid%22%3A%22d9522cdf-932f-4eda-88e4-a93d0b58edcb%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22trivia.buzz%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2Cnull%5D%2C%222%22%3A%5B%22aid%22%2C%22c9b64488-0d41-4b11-ac8d-38c0b856e9ab%22%5D%7D&h=19&m=40&s=19&res=1280x1024>_ms=705
178.16.117.14204 No Content 0 B URL HTTP/2 ga2.getresponse.com/index.php?ver=3&url=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&uid=%7B%22uuid%22%3A%22d9522cdf-932f-4eda-88e4-a93d0b58edcb%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22trivia.buzz%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2Cnull%5D%2C%222%22%3A%5B%22aid%22%2C%22c9b64488-0d41-4b11-ac8d-38c0b856e9ab%22%5D%7D&h=19&m=40&s=19&res=1280x1024>_ms=705
IP 178.16.117.14:0
ASN #198881 GETRESPONSE Sp.z o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?ver=3&url=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&uid=%7B%22uuid%22%3A%22d9522cdf-932f-4eda-88e4-a93d0b58edcb%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22trivia.buzz%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2Cnull%5D%2C%222%22%3A%5B%22aid%22%2C%22c9b64488-0d41-4b11-ac8d-38c0b856e9ab%22%5D%7D&h=19&m=40&s=19&res=1280x1024>_ms=705 HTTP/1.1
Host: ga2.getresponse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://trivia.buzz/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 24 Mar 2023 19:40:08 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-response-id: d026bd04-bf6e-4f64-b588-0427c287a16c
x-xss-protection: 0
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
2.18.173.74200 OK 6.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 2.18.173.74:0
File type ASCII text, with very long lines (19718), with no line terminators
Hash e072c2eeb57e57e4a307195a51fc750a
3109ce8e5ccba038646b6ddc290f63a2d8edd98a
64f77a0e6f8760825a06da7538a6ea06a4723478e1b7895078a39f2671456138
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "d19ad32008c4bc3916ea7137df776b3d:1678969189.53513"
Last-Modified: Thu, 16 Mar 2023 09:30:47 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Fri, 24 Mar 2023 20:00:08 GMT
Date: Fri, 24 Mar 2023 19:40:08 GMT
Content-Length: 6278
Connection: keep-alive
X-RG: EU
X-CC: NO
b-code.liadm.com/sync-container.js
18.66.15.78200 OK 2.9 kB URL HTTP/2 b-code.liadm.com/sync-container.js
IP 18.66.15.78:0
Hash 5ec34e24b11aee60cafc5126f7e6fdbc
ebe0e1a8775ad0d5459dd7e3c21f447a96b9c0e1
2da54ce5b3465358b5c0cdc854e9456a4c2c71916bebf533f19f9a6eb424bb45
GET /sync-container.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 10 Mar 2023 01:07:19 GMT
last-modified: Tue, 10 May 2022 11:48:07 GMT
etag: W/"ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: QlXiR7EcP-XaNAg7BCmT7X2RmEI2Q9IO1FAWn59pjmcEmg6aUdxBUQ==
age: 1276369
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash e9709c5b359505700458d5e8a9ff2ad8
fddde5b378dba0f5efe406ebc5a1ffeb35ddeeae
1c86ea5bca04e726d60b3868f71151ddbaba02b129e2ea38699d5c03f19b0898
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5323
Cache-Control: max-age=119612
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:08 GMT
Etag: "641d1809-1d7"
Expires: Sun, 26 Mar 2023 04:53:40 GMT
Last-Modified: Fri, 24 Mar 2023 03:24:57 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js
142.250.74.35200 OK 166 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js
IP 142.250.74.35:0
File type HTML document, ASCII text, with very long lines (597)
Size 166 kB (166058 bytes)
Hash 4043af37a3392a9db521ff9ab62d9608
83828688e7a2259ed2f77345851a16122383b422
ee076822f35390ee382cda71759a2eec8f4db2bc18e4e3acd586173c29dab321
GET /recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://trivia.buzz
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166058
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 16:20:35 GMT
expires: Tue, 19 Mar 2024 16:20:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 357573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/optimize.js?id=OPT-KHBKNVK
172.217.21.174200 OK 56 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=OPT-KHBKNVK
IP 172.217.21.174:0
File type Unicode text, UTF-8 text, with very long lines (61853)
Hash 57b3bb8890538c8ea8ff535af8093099
f9f5424aa379dfa5ff508950f3be7e5496695ce1
5aa6870d189a6743d8af98b22792fab5c0ccd5e6afb55886f7f3a0344951861d
GET /gtm/optimize.js?id=OPT-KHBKNVK HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 24 Mar 2023 19:40:08 GMT
expires: Fri, 24 Mar 2023 19:40:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55951
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
b-code.liadm.com/a-06r0.min.js
18.66.15.78200 OK 42 kB URL HTTP/2 b-code.liadm.com/a-06r0.min.js
IP 18.66.15.78:0
File type Unicode text, UTF-8 text, with very long lines (43018)
Hash af77088825d864c4fe4d4848352627cf
c2d543b3a3ce5eadbcca72fa74a8aa1a121144cb
f5420afb3f77e8240822f7ef02ca3f6d143c181a9bcc495b997d77a584e02611
GET /a-06r0.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 24 Mar 2023 07:02:59 GMT
cache-control: "public, max-age=86400"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: LYyZwe8YfTUJiEjkfon9MODC8KgxB_fBmOZUJj8DGQf7fD5XZDnl1A==
age: 45428
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a5974456d5b0e7b60127595d497e7105
301f44b5137d00ec286c36869a5ae233b6da8881
67e273220b1367d1001f870bdefca145c98dbf6cbe4d0c5e8dcb8f184018d5a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash e9709c5b359505700458d5e8a9ff2ad8
fddde5b378dba0f5efe406ebc5a1ffeb35ddeeae
1c86ea5bca04e726d60b3868f71151ddbaba02b129e2ea38699d5c03f19b0898
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5323
Cache-Control: max-age=119612
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:08 GMT
Etag: "641d1809-1d7"
Expires: Sun, 26 Mar 2023 04:53:40 GMT
Last-Modified: Fri, 24 Mar 2023 03:24:57 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 86811cf51ad884b665bacc6090e58e7d
9d70bd7ce092d5000c184b0448515ec2774ab4a8
2c853ef440a7555b43aabfeb2cf0bbd0c726acdbcaab778b17dd618510c2cfbc
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6291
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:08 GMT
Last-Modified: Fri, 24 Mar 2023 17:55:17 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 86811cf51ad884b665bacc6090e58e7d
9d70bd7ce092d5000c184b0448515ec2774ab4a8
2c853ef440a7555b43aabfeb2cf0bbd0c726acdbcaab778b17dd618510c2cfbc
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3474
Cache-Control: max-age=91860
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:08 GMT
Etag: "641cb2da-1d7"
Expires: Sat, 25 Mar 2023 21:11:08 GMT
Last-Modified: Thu, 23 Mar 2023 20:13:14 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3205)
Hash bad17ab9662318e8927e5009c83c2ad1
53ded630f95abe04b7b77d43076bf71b9ea71c02
68da39270ebfa6d17f4b765cbe004797a736611585ff0c53213d91f78f13c260
GET /pagead/html/r20230322/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4549
x-xss-protection: 0
date: Fri, 24 Mar 2023 12:50:23 GMT
expires: Fri, 07 Apr 2023 12:50:23 GMT
cache-control: public, max-age=1209600
age: 24585
etag: 2378337311435320485
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trivia.buzz/favicon/triviabuzz/android-chrome-192x192.png
94.158.244.13200 OK 6.5 kB URL HTTP/1.1 trivia.buzz/favicon/triviabuzz/android-chrome-192x192.png
IP 94.158.244.13:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e744f74c7bbc1b250595283730074de
0cdb7443e42fcc6952b81038798bf37f11cac49d
bcbf606f546113d39870e0c5b5b1c9a34fc6a9c1c06178c5b2048b66c38241e1
GET /favicon/triviabuzz/android-chrome-192x192.png HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full; _gcl_au=1.1.864436623.1679686819; _scid=ac75e4e3-dd64-4751-812f-3522c50528e3; _li_dcdm_c=.trivia.buzz; _lc2_fpi=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521; gaVisitorUuid=d9522cdf-932f-4eda-88e4-a93d0b58edcb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:08 GMT
Content-Type: image/png
Content-Length: 6451
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-1933"
Expires: Sun, 23 Apr 2023 19:40:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/favicon/triviabuzz/favicon-16x16.png
94.158.244.13200 OK 719 B URL HTTP/1.1 trivia.buzz/favicon/triviabuzz/favicon-16x16.png
IP 94.158.244.13:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 0bed15bf305395261a7a99dbc600e2c4
004caf90425d77d61d05f850d011b2fee0d49164
eccdc0a178f681c62b8bc4158de5c66843fdc663b53efcb16e2dc2a7e7f637a9
GET /favicon/triviabuzz/favicon-16x16.png HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full; _gcl_au=1.1.864436623.1679686819; _scid=ac75e4e3-dd64-4751-812f-3522c50528e3; _li_dcdm_c=.trivia.buzz; _lc2_fpi=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521; gaVisitorUuid=d9522cdf-932f-4eda-88e4-a93d0b58edcb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:08 GMT
Content-Type: image/png
Content-Length: 719
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-2cf"
Expires: Sun, 23 Apr 2023 19:40:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
rp.liadm.com/j?dtstmp=1679686819149&aid=a-06r0&se=e30&duid=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521&tna=v2.7.1&pu=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&wpn=lc-bundle&c=PHRpdGxlPlRyaXZpYUJ1enpQaG9uZSBzdWJzY3JpcHRpb24gfCA8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPg
34.224.128.20302 Found 0 B URL HTTP/2 rp.liadm.com/j?dtstmp=1679686819149&aid=a-06r0&se=e30&duid=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521&tna=v2.7.1&pu=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&wpn=lc-bundle&c=PHRpdGxlPlRyaXZpYUJ1enpQaG9uZSBzdWJzY3JpcHRpb24gfCA8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPg
IP 34.224.128.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j?dtstmp=1679686819149&aid=a-06r0&se=e30&duid=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521&tna=v2.7.1&pu=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&wpn=lc-bundle&c=PHRpdGxlPlRyaXZpYUJ1enpQaG9uZSBzdWJzY3JpcHRpb24gfCA8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPg HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://trivia.buzz
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 24 Mar 2023 19:40:08 GMT
content-length: 0
trace-id: dd051f45f9888f42
vary: Origin
location: /j?dtstmp=1679686819149&aid=a-06r0&se=e30&duid=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521&tna=v2.7.1&pu=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&wpn=lc-bundle&c=PHRpdGxlPlRyaXZpYUJ1enpQaG9uZSBzdWJzY3JpcHRpb24gfCA8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPg&n3pc=true
set-cookie: lidid=5c72f381-4ff8-45aa-8fea-9a58e041170e; Max-Age=63072000; Expires=Sun, 23 Mar 2025 19:40:08 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://trivia.buzz
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=undefined
64.202.112.95200 OK 35 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=undefined
IP 64.202.112.95:0
File type ASCII text, with no line terminators
Hash 75c843c7b717e7b722777907475c67a3
983d1c9a05b315288039b9d4694ce3b402259240
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
GET /cachedClickId?marketerId=undefined HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 19:40:08 GMT
Content-Type: application/javascript
Content-Length: 35
X-TraceId: 4a68c63e65ca4e744b3da0614da26dd5
tr.outbrain.com/unifiedPixel?optOut=false&bust=06350820254821988&referrer=&marketerId=00390ad08b957f98e58157b666f68e07ce&name=PAGE_VIEW&dl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&g=1&obApiVersion=1.1&obtpVersion=2.0.5
64.202.112.95200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?optOut=false&bust=06350820254821988&referrer=&marketerId=00390ad08b957f98e58157b666f68e07ce&name=PAGE_VIEW&dl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&g=1&obApiVersion=1.1&obtpVersion=2.0.5
IP 64.202.112.95:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?optOut=false&bust=06350820254821988&referrer=&marketerId=00390ad08b957f98e58157b666f68e07ce&name=PAGE_VIEW&dl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&g=1&obApiVersion=1.1&obtpVersion=2.0.5 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 19:40:08 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 1a3d77427c93e9eae521039afb661137
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 248b003a4a6dda3d2c481cfd45e49176
ae6e1dbc704dbe302549888e545689eb88e83bb9
14df223924711cca8488c64942b656023cb6e69cb83863ccd0f9cdb8ac4682fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ac8d4dabc0044d3f9300e6f09b86bc68
331a761e7d051c94831a30254ca3ce25b2e7dd2d
05ef2753d9e9b8cd1f09c88eb1cc42ee88ffd4db561c9a05e069373c24112d60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=trivia.buzz
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=trivia.buzz
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=trivia.buzz HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 24 Mar 2023 19:40:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=trivia.buzz
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=trivia.buzz
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=trivia.buzz HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 24 Mar 2023 19:40:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b0ed7d316212efa2b3ef7d98d24b9125
2f2078419c164074981bb5451e5c8e0de4fe17ec
99584b096bb7545bb0fdd5f435b4444c7c3ad6c42a86844fb39ea8228bc6a21f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.3200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.3:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:44 GMT
expires: Sat, 23 Mar 2024 10:26:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 33204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.3200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.3:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:45 GMT
expires: Sat, 23 Mar 2024 10:26:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 33203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trk-keingent.com/scripts/push/script/zqd2my4gk3?url=trivia.buzz&alturl=/landing/phone-unsubscribe
172.64.194.23200 OK 2.3 kB URL HTTP/2 trk-keingent.com/scripts/push/script/zqd2my4gk3?url=trivia.buzz&alturl=/landing/phone-unsubscribe
IP 172.64.194.23:0
File type ASCII text, with very long lines (7347)
Hash 27fec11121736e843cbb1550c974568a
37041356c6e47fc87d5e373cbd68ed58b0824586
c0dd9a83aa45ccd43d9b02246bb80d36cc3aec14795fabbf3edfdf44795a64cc
GET /scripts/push/script/zqd2my4gk3?url=trivia.buzz&alturl=/landing/phone-unsubscribe HTTP/1.1
Host: trk-keingent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:07 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: max-age=14400, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: MISS
last-modified: Fri, 24 Mar 2023 19:40:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DX0gASqL4RT3NAXrUJNNdBV9VrUObS9%2Fqq38GKau7%2B7opKBBJOZ83M7%2B2S0N6JKwPthT6Lv3H6rC0MPgXOXnTShLSKTza%2B2RfKwiJhYHVUqRk%2ByaC7sSlaRbgY6qFElbytAe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad162520f4d892a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-keingent.com/register/event_log/48epjxn6e5
172.64.194.23200 OK 0 B URL HTTP/2 event.trk-keingent.com/register/event_log/48epjxn6e5
IP 172.64.194.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /register/event_log/48epjxn6e5 HTTP/1.1
Host: event.trk-keingent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://trivia.buzz/
Origin: https://trivia.buzz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:08 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://trivia.buzz
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76i5apjKwkYgOwfvHGnX4Eg1It0FYz8HtS5gD1u5rNBeXaTwRwQ1%2BseBIp9pmmETPnssQP0UyH%2FtEmY7cx42enNdI%2BYPbc1fhlHdiGBdWNR9YcVEMXcuurQBsPihbEoFj3d8ujYTy3cE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad1625a1d0948cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trivia.buzz/upload/media/tests-images/start/3%20(8)-628ce328f1297.png
94.158.244.13200 OK 47 kB URL HTTP/1.1 trivia.buzz/upload/media/tests-images/start/3%20(8)-628ce328f1297.png
IP 94.158.244.13:0
File type PNG image data, 368 x 244, 8-bit colormap, non-interlaced\012- data
Hash ae3a6915eaf48dadf0b90e3e05c0b12e
acfd4ed71d34a82f896b073efbbb8d65e2f8917d
99b7a55ef41f3c0662f9e57f7f51d22fa2c5294ad8cd8b301fd3610cc62da458
GET /upload/media/tests-images/start/3%20(8)-628ce328f1297.png HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full; _gcl_au=1.1.864436623.1679686819; _scid=ac75e4e3-dd64-4751-812f-3522c50528e3; _li_dcdm_c=.trivia.buzz; _lc2_fpi=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521; gaVisitorUuid=d9522cdf-932f-4eda-88e4-a93d0b58edcb; _gaexp=GAX1.2.MhDZxc1rQs62jGWvIS238g.19480.1!0eHnqq23RbaQxzqxops1Rg.19522.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:08 GMT
Content-Type: image/png
Content-Length: 46890
Connection: keep-alive
Last-Modified: Tue, 24 May 2022 13:52:41 GMT
ETag: "628ce329-b72a"
Expires: Sun, 23 Apr 2023 19:40:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
event.trk-keingent.com/register/event_log/48epjxn6e5
172.64.194.23200 OK 0 B URL HTTP/2 event.trk-keingent.com/register/event_log/48epjxn6e5
IP 172.64.194.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/48epjxn6e5 HTTP/1.1
Host: event.trk-keingent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://trivia.buzz/
Content-type: application/json
Origin: https://trivia.buzz
Content-Length: 211
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:09 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://trivia.buzz
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vFMTXe3a03FGQSFhCuuWdTUBTll7rU5IyWbA9jQYYCjg%2F7Fu4IlYYPDVie1tMKTAvpXTPGh46hmZafvDoGacsRP8j%2F0HG31shcRdeFFTkZ0buVJj%2BZtKmMc8DoFu86XNZmXLTPgxe1q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad1625c3f9648cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-keingent.com/register/event_log/48epjxn6e5
172.64.194.23200 OK 0 B URL HTTP/2 event.trk-keingent.com/register/event_log/48epjxn6e5
IP 172.64.194.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/48epjxn6e5 HTTP/1.1
Host: event.trk-keingent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://trivia.buzz/
Content-type: application/json
Origin: https://trivia.buzz
Content-Length: 250
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:09 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://trivia.buzz
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOjZsSJxWOfUZvy5eYx6sVZprBSmbVjQsLJ7qmOiMi%2FswHBk6veZb1fAiw%2B0m6qS3uqFRwXtID30wWohICNHifVKrf0ySzJaPlPWnbYsq8hAEnKR3MyMd5lHCLeqBIkPwWFcXJzUQIbU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad1625c4fa248cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trivia.buzz/landings/spirit-animals-ads/img/lion.png?1678434648
94.158.244.13200 OK 98 kB URL HTTP/1.1 trivia.buzz/landings/spirit-animals-ads/img/lion.png?1678434648
IP 94.158.244.13:0
File type PNG image data, 682 x 539, 8-bit colormap, non-interlaced\012- data
Hash 34f87753324dcc035eecbb03b6aec402
b2478bbf57206430dd3e4b8b30dfeb9ab348cb26
954a2826d99aacbb1821439def7a3e17d77fad2b61180676240578082bc301ab
GET /landings/spirit-animals-ads/img/lion.png?1678434648 HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full; _gcl_au=1.1.864436623.1679686819; _scid=ac75e4e3-dd64-4751-812f-3522c50528e3; _li_dcdm_c=.trivia.buzz; _lc2_fpi=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521; gaVisitorUuid=d9522cdf-932f-4eda-88e4-a93d0b58edcb; _gaexp=GAX1.2.MhDZxc1rQs62jGWvIS238g.19480.1!0eHnqq23RbaQxzqxops1Rg.19522.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:08 GMT
Content-Type: image/png
Content-Length: 98315
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 13:18:08 GMT
ETag: "641da310-1800b"
Expires: Sun, 23 Apr 2023 19:40:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
trivia.buzz/upload/media/tests-images/start/IQ1-6290d102ae77c.png
94.158.244.13200 OK 73 kB URL HTTP/1.1 trivia.buzz/upload/media/tests-images/start/IQ1-6290d102ae77c.png
IP 94.158.244.13:0
File type PNG image data, 327 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash a0dade59fc3a7fcca3bceea876d0c60a
343a822e73878bdfc06dfb0cc39a089b2dcd5355
8542a55f8bcdc7a353fa4b18ac081bf54855a7b9eea9e3608cbf269705a2c460
GET /upload/media/tests-images/start/IQ1-6290d102ae77c.png HTTP/1.1
Host: trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/landing/phone-unsubscribe?utm_source=tbtiburon42229100071022w4022&utm_medium=sms&utm_campaign=sms_2003_click_all_unsub&refid=ch-sms_src-tbtiburon42229100071022w4022_lp-smsuns&ppid=tbz&juid=ab760bfc0d4242d89e6eca3f406ea797
Cookie: PHPSESSID=h7ucrjca6gj7cdvbd7b857uk2j; juid=ab760bfc0d4242d89e6eca3f406ea797; device_view=full; _gcl_au=1.1.864436623.1679686819; _scid=ac75e4e3-dd64-4751-812f-3522c50528e3; _li_dcdm_c=.trivia.buzz; _lc2_fpi=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521; gaVisitorUuid=d9522cdf-932f-4eda-88e4-a93d0b58edcb; _gaexp=GAX1.2.MhDZxc1rQs62jGWvIS238g.19480.1!0eHnqq23RbaQxzqxops1Rg.19522.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 19:40:08 GMT
Content-Type: image/png
Content-Length: 73071
Connection: keep-alive
Last-Modified: Fri, 27 May 2022 13:24:18 GMT
ETag: "6290d102-11d6f"
Expires: Sun, 23 Apr 2023 19:40:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM platformdirectads.com, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
www.facebook.com/tr/?id=3120744064631434&ev=PageView&dl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&rl=&if=false&ts=1679686819957&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679686819956.610593318&it=1679686819647&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=3120744064631434&ev=PageView&dl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&rl=&if=false&ts=1679686819957&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679686819956.610593318&it=1679686819647&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=3120744064631434&ev=PageView&dl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&rl=&if=false&ts=1679686819957&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679686819956.610593318&it=1679686819647&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 24 Mar 2023 19:40:09 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3120744064631434&ev=Microdata&dl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&rl=&if=false&ts=1679686820495&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TriviaBuzzPhone%20subscription%20%7C%20%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%22%2C%22og%3Atitle%22%3A%22Phone%20subscription%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1679686819956.610593318&it=1679686819647&coo=false&es=automatic&tm=3&rqm=GET
31.13.72.36200 OK 2.9 kB URL HTTP/2 www.facebook.com/tr/?id=3120744064631434&ev=Microdata&dl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&rl=&if=false&ts=1679686820495&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TriviaBuzzPhone%20subscription%20%7C%20%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%22%2C%22og%3Atitle%22%3A%22Phone%20subscription%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1679686819956.610593318&it=1679686819647&coo=false&es=automatic&tm=3&rqm=GET
IP 31.13.72.36:0
Hash 2b7e188413023d488fcb5dcfb20cb28b
fe827c94ebbfb54c31b6880ec629e7b6885d531b
dde1d2020c0d9404d5e38e74ec7a0c2813489ec7898674c516aa284cded95722
GET /tr/?id=3120744064631434&ev=Microdata&dl=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&rl=&if=false&ts=1679686820495&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TriviaBuzzPhone%20subscription%20%7C%20%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%22%2C%22og%3Atitle%22%3A%22Phone%20subscription%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1679686819956.610593318&it=1679686819647&coo=false&es=automatic&tm=3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 24 Mar 2023 19:40:09 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 908a8567a4a8cd14eee25e0cc2db9916
52232f08a2f58cf84d7d0c7fc7bf3503d5d671de
e2a79aa6dec9c0a269888cf7263c624aa90ca81802a1c78ceaed35dc9f15366f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=trivia.buzz&callback=_gfp_s_&client=ca-pub-9067164180551135
216.58.207.226200 OK 250 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=trivia.buzz&callback=_gfp_s_&client=ca-pub-9067164180551135
IP 216.58.207.226:0
File type ASCII text, with very long lines (389), with no line terminators
Hash 66ef37eea98ab65de9aee5dfbe7d3c44
26a250cd7981bbeb72aacbb04c92a4f044f8d833
f21171a0979a02971e0c7d630aec12b9f74adb1772d503fef3a04c125451593c
GET /gampad/cookie.js?domain=trivia.buzz&callback=_gfp_s_&client=ca-pub-9067164180551135 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 24 Mar 2023 19:40:09 GMT
server: cafe
cache-control: private
content-length: 250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1679686819149&aid=a-06r0&se=e30&duid=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521&tna=v2.7.1&pu=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&wpn=lc-bundle&c=PHRpdGxlPlRyaXZpYUJ1enpQaG9uZSBzdWJzY3JpcHRpb24gfCA8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPg&n3pc=true
34.224.128.20200 OK 44 B URL HTTP/2 rp.liadm.com/j?dtstmp=1679686819149&aid=a-06r0&se=e30&duid=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521&tna=v2.7.1&pu=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&wpn=lc-bundle&c=PHRpdGxlPlRyaXZpYUJ1enpQaG9uZSBzdWJzY3JpcHRpb24gfCA8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPg&n3pc=true
IP 34.224.128.20:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bf84977be433a2f3f92515da3617f94c
07fcf9037375129c46d8c449e4f00d0e47455405
d65db05a6374b68286f4d0b3de0b324dc19408c2298e8939cf38fe632ce8e681
GET /j?dtstmp=1679686819149&aid=a-06r0&se=e30&duid=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521&tna=v2.7.1&pu=https%3A%2F%2Ftrivia.buzz%2Flanding%2Fphone-unsubscribe%3Futm_source%3Dtbtiburon42229100071022w4022%26utm_medium%3Dsms%26utm_campaign%3Dsms_2003_click_all_unsub%26refid%3Dch-sms_src-tbtiburon42229100071022w4022_lp-smsuns%26ppid%3Dtbz%26juid%3Dab760bfc0d4242d89e6eca3f406ea797&wpn=lc-bundle&c=PHRpdGxlPlRyaXZpYUJ1enpQaG9uZSBzdWJzY3JpcHRpb24gfCA8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPg&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://trivia.buzz
Referer: https://trivia.buzz/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:09 GMT
content-type: application/json
content-length: 44
trace-id: 50c425a864f1045c
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 78633dee-b1ee-441b-a724-0d154eab3b48
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://trivia.buzz
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 908a8567a4a8cd14eee25e0cc2db9916
52232f08a2f58cf84d7d0c7fc7bf3503d5d671de
e2a79aa6dec9c0a269888cf7263c624aa90ca81802a1c78ceaed35dc9f15366f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-44795223-68&cid=1887302355.1679686820&jid=805157459&gjid=829058716&_gid=2105327967.1679686820&_u=YEBAAEAAQAAAACAAI~&z=1004851577
209.85.233.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-44795223-68&cid=1887302355.1679686820&jid=805157459&gjid=829058716&_gid=2105327967.1679686820&_u=YEBAAEAAQAAAACAAI~&z=1004851577
IP 209.85.233.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-44795223-68&cid=1887302355.1679686820&jid=805157459&gjid=829058716&_gid=2105327967.1679686820&_u=YEBAAEAAQAAAACAAI~&z=1004851577 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://trivia.buzz
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://trivia.buzz
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 24 Mar 2023 19:40:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4266f8db6a53b8fb6b5d6b5d15702004
73f6a9661246e2ed576660e7cc25c545323cd258
9ccfe4140e8ad107feccfff557715078f8d956944ec34f6eebf21331fc8b6673
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CCFE4140E8AD107FECCFFF557715078F8D956944EC34F6EEBF21331FC8B6673"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14168
Expires: Fri, 24 Mar 2023 23:36:17 GMT
Date: Fri, 24 Mar 2023 19:40:09 GMT
Connection: keep-alive
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 5d46da102a602d476830fc31d16b0150
0fa602620b66a602415e084b7c16a6b27289cfb3
789ec5789b4573a741ed337f7787e3edbcdba4836e9643a03833d798040a5c94
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93304
Date: Fri, 24 Mar 2023 19:40:09 GMT
Etag: "641cb157-1d7"
Expires: Sat, 25 Mar 2023 21:35:13 GMT
Last-Modified: Thu, 23 Mar 2023 20:06:47 GMT
Server: ECAcc (nya/79CE)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -fyh_K_uIa4I7z7opPCfpsaChqPyX8UAwqEr5DMwPZ3CW5sL2nAv2Q==
Age: 5306
sli.trivia.buzz/baker?dtstmp=1679686820663
95.101.10.169200 OK 19 B URL HTTP/1.1 sli.trivia.buzz/baker?dtstmp=1679686820663
IP 95.101.10.169:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 257 x 1057\012- data
Hash a13d28efebc1a996346c058d7e099d93
c75cea464ecb32876267eca0de33f0afb8f622d0
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
GET /baker?dtstmp=1679686820663 HTTP/1.1
Host: sli.trivia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Cookie: _gcl_au=1.1.864436623.1679686819; _scid=ac75e4e3-dd64-4751-812f-3522c50528e3; _li_dcdm_c=.trivia.buzz; _lc2_fpi=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521; gaVisitorUuid=d9522cdf-932f-4eda-88e4-a93d0b58edcb; _gaexp=GAX1.2.MhDZxc1rQs62jGWvIS238g.19480.1!0eHnqq23RbaQxzqxops1Rg.19522.1; _ga=GA1.2.1887302355.1679686820; _gid=GA1.2.2105327967.1679686820; _gat_UA-44795223-68=1; _fbp=fb.1.1679686819956.610593318; __gads=ID=605a435e263e7073-22eede966cdd00bb:T=1679686809:RT=1679686809:S=ALNI_Mb9BihPKys9zttfziy2ANtevsQfFw; __gpi=UID=00000bcb4be29834:T=1679686809:RT=1679686809:S=ALNI_MaRdrthKfs5I4P-ErMBpThIjgqiRA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 19
Expires: Fri, 24 Mar 2023 19:40:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 24 Mar 2023 19:40:09 GMT
Connection: keep-alive
Set-Cookie: _lc2_fpi=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521; Max-Age=63072000; Domain=.trivia.buzz; SameSite=Lax
i.liadm.com/s/c/a-06r0?s=&cim=&ps=true&ls=true&duid=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
107.20.232.239200 OK 635 B URL HTTP/1.1 i.liadm.com/s/c/a-06r0?s=&cim=&ps=true&ls=true&duid=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
IP 107.20.232.239:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (773)
Hash 804afe0ed6479e20b21b12b7ada93e2c
3f3f0d6e150a7cb09617f852e5b83fad9d147f31
b27d811ffc4148a0c53e118c89757e1adaeced2d1eff74d3788a49868dc7c162
GET /s/c/a-06r0?s=&cim=&ps=true&ls=true&duid=40143cef2324--01gwaj5q6fmdgj2y2z2cqy7521&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false& HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trivia.buzz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 19:40:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 635
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: _li_ss=CiwKBQgKENQUCgUIeRDUFAoFCAkQ1BQKBgiBARDUFAoGCIsBENQUCgUIfhDUFA; Max-Age=2592000; Expires=Sun, 23 Apr 2023 19:40:09 GMT; SameSite=None; Path=/s; Secure
Request-Time: 6
Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
ocsp.digicert.com/
192.229.221.95200 OK 727 B IP 192.229.221.95:0
Hash d3e7f52f1d9fc24a8d7e7d8489eb42f7
a4d464e68406a2484ff95b54a93daa497503329b
99086a53783e78fe2bc60cc2de4516206d5d14e2260a7575649227f6fd4f8c04
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5889
Cache-Control: max-age=115880
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:09 GMT
Etag: "641d0740-2d7"
Expires: Sun, 26 Mar 2023 03:51:29 GMT
Last-Modified: Fri, 24 Mar 2023 02:13:20 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 727
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 147aa520b2d0a53c17a620ef0e7f5459
a6784ffc5f7f5e687ce2f6e209366c3d65516a36
3bb47d0e59a90cfa70b63d39158080ac2f2bbebfeaac745becfdb7787ab85527
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 19:40:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 28 Mar 2023 18:10:11 GMT
ETag: "a6784ffc5f7f5e687ce2f6e209366c3d65516a36"
Last-Modified: Fri, 24 Mar 2023 18:10:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 5
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad162623e3fb4ff-OSL
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 1eafb93b43a0c15aa0a5ec304be9a85c
be7e23035630e505954b9a0b907aa0628afc180c
37ccfa43119516e76649a5d67257337ca71aeab9b854fd4fce13e271ae3ac1d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4505
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:09 GMT
Last-Modified: Fri, 24 Mar 2023 18:25:04 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https%3A%2F%2Fi.liadm.com%2Fs%2F35758%3Fbidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
98.98.134.243302 Found 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https%3A%2F%2Fi.liadm.com%2Fs%2F35758%3Fbidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
IP 98.98.134.243:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?nid=12&rurl=https%3A%2F%2Fi.liadm.com%2Fs%2F35758%3Fbidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.liadm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
set-cookie: ssi=f096e071-eda8-412f-8aaa-e7f9b6a09b54#1679686809971; Domain=.sitescout.com; Expires=Sat, 23-Mar-2024 19:40:09 GMT; Path=/; Secure; SameSite=None
location: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=12&rurl=https%3A%2F%2Fi.liadm.com%2Fs%2F35758%3Fbidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
content-length: 0
date: Fri, 24 Mar 2023 19:40:09 GMT
server: AC1.1
X-Firefox-Spdy: h2
pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=12&rurl=https%3A%2F%2Fi.liadm.com%2Fs%2F35758%3Fbidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
98.98.134.243204 No Content 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=12&rurl=https%3A%2F%2Fi.liadm.com%2Fs%2F35758%3Fbidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
IP 98.98.134.243:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?cookieQ=1&nid=12&rurl=https%3A%2F%2Fi.liadm.com%2Fs%2F35758%3Fbidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://i.liadm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Fri, 24 Mar 2023 19:40:09 GMT
server: AC1.1
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
3.33.220.150200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
IP 3.33.220.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.liadm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:10 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=127444&dpuuid=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06r0%2F0%2F65d1fc1408784c11b09b5168a0b65d9a%3Fmuid%3D%24%7BDD_UUID%7D
34.246.109.224302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=127444&dpuuid=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06r0%2F0%2F65d1fc1408784c11b09b5168a0b65d9a%3Fmuid%3D%24%7BDD_UUID%7D
IP 34.246.109.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=127444&dpuuid=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06r0%2F0%2F65d1fc1408784c11b09b5168a0b65d9a%3Fmuid%3D%24%7BDD_UUID%7D HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.liadm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v046-02d41f003.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06r0%2F0%2F65d1fc1408784c11b09b5168a0b65d9a%3Fmuid%3D%24%7BDD_UUID%7D
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=27242015285769839962192732146853389852; Max-Age=15552000; Expires=Wed, 20 Sep 2023 19:40:10 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5UKzBpDrRVc=
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 6183aa16775dabcac551059cc1a6ba51
37c58d98e5c60c2e628f932b553e483881583d7d
74f003567d16102c04b404455b9f30ae97459491ca3f501f2a21530973510a6b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1170
Cache-Control: max-age=107877
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:10 GMT
Etag: "641cfa6d-1d7"
Expires: Sun, 26 Mar 2023 01:38:07 GMT
Last-Modified: Fri, 24 Mar 2023 01:18:37 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06r0%2F0%2F65d1fc1408784c11b09b5168a0b65d9a%3Fmuid%3D%24%7BDD_UUID%7D
34.246.109.224200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06r0%2F0%2F65d1fc1408784c11b09b5168a0b65d9a%3Fmuid%3D%24%7BDD_UUID%7D
IP 34.246.109.224:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06r0%2F0%2F65d1fc1408784c11b09b5168a0b65d9a%3Fmuid%3D%24%7BDD_UUID%7D HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://i.liadm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v046-0dafbee55.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: ZQHc4jNnR5s=
Content-Length: 59
Connection: keep-alive
x.dlx.addthis.com/e/live_intent_sync?na_exid=
184.24.45.23302 Found 0 B URL HTTP/2 x.dlx.addthis.com/e/live_intent_sync?na_exid=
IP 184.24.45.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/live_intent_sync?na_exid= HTTP/1.1
Host: x.dlx.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.liadm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=&rd=Y
expires: Fri, 24 Mar 2023 19:40:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Mar 2023 19:40:10 GMT
set-cookie: na_id=2023032419400900016618182371; Path=/; Domain=addthis.com; Max-Age=34214400; Secure; SameSite=None
na_tc=Y; Path=/; Domain=addthis.com; Max-Age=34214400; Secure; SameSite=None
uid=641dfc994ad13fd8; Path=/; Domain=addthis.com; Max-Age=34214400; Secure; SameSite=None
ouid=641dfc990001e63e48584e14db20a5c4c6589a1a5338b047be8d; Path=/; Domain=addthis.com; Max-Age=34214400; Secure; SameSite=None
strict-transport-security: max-age=2628000
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 1c520f8ae7aa06fd114f3aa008bce8f5
41e698c7a4200638f0fe50a12b0798fc22dba09f
a32843855b7b12d4639c9899bd93d230f21a59568c3b1852661fe10c4ecf17e7
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 24 Mar 2023 19:40:10 GMT
Last-Modified: Fri, 24 Mar 2023 18:47:34 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fLXWEjEiWZA39O6tFhfgUz8JwyMrz4HpA1oZ_Nc10wV4pijUlwaGxA==
Age: 3156
b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
70.42.32.191302 Found 77 B URL HTTP/1.1 b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
IP 70.42.32.191:0
File type HTML document, ASCII text
Hash 7c1e5b67fd3722647b69f39a0022a1cd
c1a820d190419dca7cfc1630d2250bc268c9bb77
90538321da699789e61c931d3d59855aee2b2511c4cc2bd86700410ee01f204f
GET /usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.liadm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 77
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: //i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Pragma: no-cache
Date: Fri, 24 Mar 2023 19:40:10 GMT
x.dlx.addthis.com/e/live_intent_sync?na_exid=&rd=Y
184.24.45.23200 OK 43 B URL HTTP/2 x.dlx.addthis.com/e/live_intent_sync?na_exid=&rd=Y
IP 184.24.45.23:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /e/live_intent_sync?na_exid=&rd=Y HTTP/1.1
Host: x.dlx.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://i.liadm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
expires: Fri, 24 Mar 2023 19:40:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Mar 2023 19:40:10 GMT
strict-transport-security: max-age=2628000
X-Firefox-Spdy: h2
mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=&liid=&_ct=im
34.206.163.95302 Found 0 B URL HTTP/2 mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=&liid=&_ct=im
IP 34.206.163.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=&liid=&_ct=im HTTP/1.1
Host: mid.rkdms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.liadm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 24 Mar 2023 19:40:10 GMT
content-length: 0
server: nginx
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
location: /restricted
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ee90ddfbbe80c960f79e4dc02fc0262b
94bce2b76308d2135544dfccf31bd0d9f88af4d9
ed01967238a15bca10092d62913e416eb931674b86469648973caa1d13912274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ee90ddfbbe80c960f79e4dc02fc0262b
94bce2b76308d2135544dfccf31bd0d9f88af4d9
ed01967238a15bca10092d62913e416eb931674b86469648973caa1d13912274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
107.20.232.239303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
IP 107.20.232.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/35004?bidder_id=98254&bidder_uuid= HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://i.liadm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 24 Mar 2023 19:40:10 GMT
Content-Length: 0
Connection: keep-alive
Location: /s/35004?bidder_id=98254&bidder_uuid=&_li_chk=true&previous_uuid=e641cbec9428409d941470df885640ae
Set-Cookie: lidid=e641cbec-9428-409d-9414-70df885640ae; Max-Age=63072000; Expires=Sun, 23 Mar 2025 19:40:10 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1faaa6e2a96df65e726bea8a873f5a1d
11b1d41aecbf8830cef3bb3d79667c3ae14fb7e5
ca8c2aeb31c285308a18a4eb8680fb9a1f52d26a61f83e2ca4a83b921aa49552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1faaa6e2a96df65e726bea8a873f5a1d
11b1d41aecbf8830cef3bb3d79667c3ae14fb7e5
ca8c2aeb31c285308a18a4eb8680fb9a1f52d26a61f83e2ca4a83b921aa49552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js
142.250.74.65200 OK 9.1 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js
IP 142.250.74.65:0
File type ASCII text, with very long lines (1998)
Hash a90ad9886409dae37a1ec7c98c4c5ab4
8d7c9ef275bd8abb12230474e618baf571b500a9
5a007006827a80c083f9bc31927925cacb3fb0148eceffe34a9adcd628c03481
GET /pagead/js/r20230322/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9109
x-xss-protection: 0
date: Fri, 24 Mar 2023 16:36:35 GMT
expires: Fri, 07 Apr 2023 16:36:35 GMT
cache-control: public, max-age=1209600
age: 11015
etag: 16040247357158217350
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js
142.250.74.65200 OK 8.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.65:0
File type ASCII text, with very long lines (2465)
Hash 9da78d3accd905d5cc426fad37ef9ce9
c1c5ebc107844e165679f2b069763d10cf8d226d
79578369b938e27d7a0e3b6d02e048ef340d848e12e7b2465acb1e52dc24eeaa
GET /pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8627
x-xss-protection: 0
date: Fri, 24 Mar 2023 16:28:34 GMT
expires: Fri, 07 Apr 2023 16:28:34 GMT
cache-control: public, max-age=1209600
age: 11496
etag: 8620137988422272387
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1faaa6e2a96df65e726bea8a873f5a1d
11b1d41aecbf8830cef3bb3d79667c3ae14fb7e5
ca8c2aeb31c285308a18a4eb8680fb9a1f52d26a61f83e2ca4a83b921aa49552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.66200 OK 50 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.66:0
File type ASCII text, with very long lines (3399)
Hash 1300547bdd24747a1050f3bcf61ed6bd
bca14bfd2016dacf5b54edaf1d51835ba00c8420
2c02b0fea6efd77d65b682a58b6e9bd462c5f74da83157020b98e5f4eca38103
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
timing-allow-origin: *
content-length: 49540
date: Fri, 24 Mar 2023 19:40:10 GMT
expires: Fri, 24 Mar 2023 19:40:10 GMT
cache-control: private, max-age=3000
etag: "1679493709445325"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/interstitial_ad_frame_fy2021.js
142.250.74.65200 OK 8.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/interstitial_ad_frame_fy2021.js
IP 142.250.74.65:0
File type ASCII text, with very long lines (2618)
Hash eb7072fa310dd0d20b6cf048a6ce5d87
b6079525092b8873efc2bd0c4fdc8120cd8a02dd
ba3e588ca8a028d690199768582f94ec41844a47e70dd2caedcfdc10a9fef8f0
GET /pagead/js/r20230322/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8563
x-xss-protection: 0
date: Thu, 23 Mar 2023 22:28:13 GMT
expires: Thu, 06 Apr 2023 22:28:13 GMT
cache-control: public, max-age=1209600
age: 76317
etag: 3720302941478166528
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ee90ddfbbe80c960f79e4dc02fc0262b
94bce2b76308d2135544dfccf31bd0d9f88af4d9
ed01967238a15bca10092d62913e416eb931674b86469648973caa1d13912274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=&_li_chk=true&previous_uuid=e641cbec9428409d941470df885640ae
107.20.232.239303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=&_li_chk=true&previous_uuid=e641cbec9428409d941470df885640ae
IP 107.20.232.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/35004?bidder_id=98254&bidder_uuid=&_li_chk=true&previous_uuid=e641cbec9428409d941470df885640ae HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://i.liadm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 24 Mar 2023 19:40:10 GMT
Content-Length: 0
Connection: keep-alive
Location: https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Set-Cookie: _li_ss=CgsKCQj_____BxDeFA; Max-Age=2592000; Expires=Sun, 23 Apr 2023 19:40:10 GMT; SameSite=None; Path=/s; Secure
lidid=f4b2ce4d-1921-4006-97e2-396a64255097; Max-Age=63072000; Expires=Sun, 23 Mar 2025 19:40:10 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains
i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
54.221.128.63200 OK 43 B URL HTTP/1.1 i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
IP 54.221.128.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /s/35004?bidder_id=98254&bidder_uuid= HTTP/1.1
Host: i6.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://i.liadm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 19:40:11 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Request-Time: 0
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
ga.getresponse.com/script/c9b64488-0d41-4b11-ac8d-38c0b856e9ab/ga.js
178.16.117.14200 OK 0 B URL HTTP/2 ga.getresponse.com/script/c9b64488-0d41-4b11-ac8d-38c0b856e9ab/ga.js
IP 178.16.117.14:0
ASN #198881 GETRESPONSE Sp.z o.o.
GET /script/c9b64488-0d41-4b11-ac8d-38c0b856e9ab/ga.js HTTP/1.1
Host: ga.getresponse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://trivia.buzz
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://trivia.buzz
content-encoding: gzip
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: application/javascript; charset=utf-8
date: Fri, 24 Mar 2023 19:40:07 GMT
etag: W/"452f-NyBX4+pX38MRxlE55GGkEuQm/SE"
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-response-id: acea40a3-2675-41bc-b90f-1205ae74317f
x-xss-protection: 0
X-Firefox-Spdy: h2
trc.taboola.com/sg/liveintent/1/cm/
151.101.129.44200 OK 0 B URL HTTP/2 trc.taboola.com/sg/liveintent/1/cm/
IP 151.101.129.44:0
GET /sg/liveintent/1/cm/ HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.liadm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
cache-control: no-cache, no-store
pragma: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
date: Fri, 24 Mar 2023 19:40:10 GMT
via: 1.1 varnish
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679686810.910305,VS0,VE96
x-vcl-time-ms: 96
X-Firefox-Spdy: h2
mid.rkdms.com/restricted
34.206.163.95200 OK 0 B IP 34.206.163.95:0
GET /restricted HTTP/1.1
Host: mid.rkdms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://i.liadm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:10 GMT
content-type: text/html;charset=ISO-8859-1
server: nginx
content-language: en-US
content-encoding: gzip
X-Firefox-Spdy: h2
tr.snapchat.com/config/buzz/46c4b8d0-2a44-4cd8-8864-0ae595bad096.js
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/config/buzz/46c4b8d0-2a44-4cd8-8864-0ae595bad096.js
IP 35.190.43.134:0
GET /config/buzz/46c4b8d0-2a44-4cd8-8864-0ae595bad096.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://trivia.buzz
Connection: keep-alive
Referer: https://trivia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:40:07 GMT
access-control-allow-origin: https://trivia.buzz
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
172.217.21.170200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 172.217.21.170:0
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 24 Mar 2023 19:40:10 GMT
date: Fri, 24 Mar 2023 19:40:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
172.217.21.170200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
IP 172.217.21.170:0
GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 24 Mar 2023 19:40:10 GMT
date: Fri, 24 Mar 2023 19:40:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2