r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15384
Expires: Sun, 05 Feb 2023 07:12:47 GMT
Date: Sun, 05 Feb 2023 02:56:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4540
Expires: Sun, 05 Feb 2023 04:12:03 GMT
Date: Sun, 05 Feb 2023 02:56:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 02:36:17 GMT
content-type: application/json
age: 1206
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12148
Expires: Sun, 05 Feb 2023 06:18:51 GMT
Date: Sun, 05 Feb 2023 02:56:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NCQIcvkPx6Vn2G0+rIqjl1shGHg9B/HNPzeynv05nMU//kRtU5+sWDGXaPRrM9v26IBm2rjhvDE=
x-amz-request-id: WA5V68XEM5XGFPJ8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 02:53:05 GMT
age: 198
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
app.nixplay.com/reset-pwd/?token=6606734da315877a516c16f788e18125765315ac&utm_medium=email&utm_source=edm&utm_campaign=system&utm_content=recoverpassword
52.88.117.129301 Moved Permanently 178 B URL HTTP/1.1 app.nixplay.com/reset-pwd/?token=6606734da315877a516c16f788e18125765315ac&utm_medium=email&utm_source=edm&utm_campaign=system&utm_content=recoverpassword
IP 52.88.117.129:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
GET /reset-pwd/?token=6606734da315877a516c16f788e18125765315ac&utm_medium=email&utm_source=edm&utm_campaign=system&utm_content=recoverpassword HTTP/1.1
Host: app.nixplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Date: Sun, 05 Feb 2023 02:56:23 GMT
Location: https://app.nixplay.com/reset-pwd/?token=6606734da315877a516c16f788e18125765315ac&utm_medium=email&utm_source=edm&utm_campaign=system&utm_content=recoverpassword
Server: nginx/1.18.0 (Ubuntu)
Content-Length: 178
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 02:56:23 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 02:49:07 GMT
age: 437
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b217c968fab2e48b12eeb10432511807
ce4c4c46322cffcf780ff37c07634523ebcf5d49
3e2990b4e7eb955fd802b3a570c86d7abfa30f1acce2adcdac9c6e01b5df768a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=90971
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:24 GMT
Etag: "63dddb33-1d7"
Expires: Mon, 06 Feb 2023 04:12:35 GMT
Last-Modified: Sat, 04 Feb 2023 04:12:35 GMT
Server: nginx
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20994
Expires: Sun, 05 Feb 2023 08:46:18 GMT
Date: Sun, 05 Feb 2023 02:56:24 GMT
Connection: keep-alive
app.nixplay.com/reset-pwd/?token=6606734da315877a516c16f788e18125765315ac&utm_medium=email&utm_source=edm&utm_campaign=system&utm_content=recoverpassword
52.88.117.129200 OK 16 kB URL HTTP/1.1 app.nixplay.com/reset-pwd/?token=6606734da315877a516c16f788e18125765315ac&utm_medium=email&utm_source=edm&utm_campaign=system&utm_content=recoverpassword
IP 52.88.117.129:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2124)
Hash 273e13d43e65843bd2fd5ee136c7b18b
6a68d9c89e4c3bc308dc6ad3e54bb4abc5eff4f5
0a7a33026378d2d4436fc983f3ecdac051391e4940d0a6f25c976966dd579f7f
GET /reset-pwd/?token=6606734da315877a516c16f788e18125765315ac&utm_medium=email&utm_source=edm&utm_campaign=system&utm_content=recoverpassword HTTP/1.1
Host: app.nixplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-control: no-cache="set-cookie"
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Feb 2023 02:56:24 GMT
ETag: W/"c0cb-OXxvG9QNFz8ZGYQfxmT+3plz010"
Server: nginx/1.18.0 (Ubuntu)
Set-Cookie: AWSELB=D995D3C518BED13043C0BE09C25D54101B41C92ADB9CB43E6F7056F3D7C2AAB94B21E4984290D30823122F5221D2466ED4516E1F2A6E4EE22029E02BD7DA17058E5F359C4B;PATH=/
AWSELBCORS=D995D3C518BED13043C0BE09C25D54101B41C92ADB9CB43E6F7056F3D7C2AAB94B21E4984290D30823122F5221D2466ED4516E1F2A6E4EE22029E02BD7DA17058E5F359C4B;PATH=/;SECURE;SAMESITE=None
X-Powered-By: Express
Content-Length: 16489
Connection: keep-alive
push.services.mozilla.com/
54.187.84.223101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.84.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C7PFg/PiI62qOX/Sz9Zbvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gUouh5JKW/ppXMtJysvyHySITio=
code.jquery.com/jquery-2.2.4.min.js
69.16.175.42200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.2.4.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32065)
Hash 82885772205f23cd59e25a221521b059
96ed36f45544295f28df1ab251e7e38faceeff0e
8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
GET /jquery-2.2.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.nixplay.com
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:24 GMT
content-encoding: gzip
content-length: 29811
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675565784.dop203.sk1.t,1675565784.cds239.sk1.hn,1675565784.cds214.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.nixplay.com/images/b2c-login/Nixplay%20Logo%20Horizontal%20Lockup%20RGB%20v3%20all.svg
52.88.117.129200 OK 10 kB URL HTTP/1.1 app.nixplay.com/images/b2c-login/Nixplay%20Logo%20Horizontal%20Lockup%20RGB%20v3%20all.svg
IP 52.88.117.129:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (10384), with no line terminators
Hash 25d4528860a5842d05757ccf0072bed3
4e5e4d5cdab4873c01efe02c582a8b116be4aac8
09933683f672fa36f8246c398b17d6ef56cace6277f2bee14ac6d68824068396
GET /images/b2c-login/Nixplay%20Logo%20Horizontal%20Lockup%20RGB%20v3%20all.svg HTTP/1.1
Host: app.nixplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/reset-pwd/?token=6606734da315877a516c16f788e18125765315ac&utm_medium=email&utm_source=edm&utm_campaign=system&utm_content=recoverpassword
Cookie: AWSELB=D995D3C518BED13043C0BE09C25D54101B41C92ADB9CB43E6F7056F3D7C2AAB94B21E4984290D30823122F5221D2466ED4516E1F2A6E4EE22029E02BD7DA17058E5F359C4B; AWSELBCORS=D995D3C518BED13043C0BE09C25D54101B41C92ADB9CB43E6F7056F3D7C2AAB94B21E4984290D30823122F5221D2466ED4516E1F2A6E4EE22029E02BD7DA17058E5F359C4B
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Content-Type: image/svg+xml
Date: Sun, 05 Feb 2023 02:56:24 GMT
ETag: W/"2890-185d08014c8"
Last-Modified: Fri, 20 Jan 2023 18:45:33 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
Content-Length: 10384
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-T7NG37B
142.250.74.168200 OK 92 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T7NG37B
IP 142.250.74.168:0
File type ASCII text, with very long lines (28457)
Hash 201d3784fee36da1f2b7fc0b5ed908b5
97765eadea5244cf213796af8b026719569dea8a
abd7cdb7c23274b6e9ac9aec9fc4ca1e709c9f961db35be3423b20429e6ff757
GET /gtm.js?id=GTM-T7NG37B HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 02:56:25 GMT
expires: Sun, 05 Feb 2023 02:56:25 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92274
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unpkg.com/ionicons@5.0.0/dist/ionicons/svg/chevron-down-outline.svg
104.16.124.175200 OK 616 B URL HTTP/2 unpkg.com/ionicons@5.0.0/dist/ionicons/svg/chevron-down-outline.svg
IP 104.16.124.175:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash c95b0c2154c0ada136d9a6248ee005aa
6e16b97e873f66aa1d45a148d7f0ee493867e2b0
ec7b0c19753c95385dd1f988f1c420a470f1f0e6ff419012b09d9cec82f0c8fa
GET /ionicons@5.0.0/dist/ionicons/svg/chevron-down-outline.svg HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.nixplay.com/
Origin: https://app.nixplay.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:25 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"d3-hwF59JwtsumoMLgE2BWF18YatqM"
via: 1.1 fly.io
fly-request-id: 01GQ3YX3EVJFCPVCXJBCM5MQ33-fra
cf-cache-status: HIT
age: 1469207
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79485f6c4bd0b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js
104.16.124.175200 OK 17 kB URL HTTP/2 unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js
IP 104.16.124.175:0
File type ASCII text, with no line terminators
Hash 4b7117ed225313c3c7e91c4e6aa1e4ad
af32a26ce72448d4c983ca6cc3ff87d188e38d15
c336321920cb54aae90e7dc82c36328f251b3268a6209c6603af13238a44332c
GET /ionicons@5.0.0/dist/ionicons/ionicons.esm.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.nixplay.com
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:24 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"106-2QVIn+WWfE7GzXgXZTPbiG+yGbs"
via: 1.1 fly.io
fly-request-id: 01G4XQ07F3VERQN7D11X61A71M-fra
cf-cache-status: HIT
age: 21006273
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79485f6b5b58b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ae33387a62892d7d143b88a9663db004
94b31c45dea6514d041582a83545f81fb4c14d7a
68a0f0dfc7951cc0725b7db0475d0395e24fca3a6a26596c51161c305f60d5ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68A0F0DFC7951CC0725B7DB0475D0395E24FCA3A6A26596C51161C305F60D5AC"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=695
Expires: Sun, 05 Feb 2023 03:08:00 GMT
Date: Sun, 05 Feb 2023 02:56:25 GMT
Connection: keep-alive
app.nixplay.com/images/b2c-login/eye.svg
52.88.117.129200 OK 2.8 kB URL HTTP/1.1 app.nixplay.com/images/b2c-login/eye.svg
IP 52.88.117.129:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2561)
Hash e75fb2edb0fe71d278744e894bc79e2c
276faeaf2c7e083a652fe8f166e55a4fdac8e68f
68c2928895fa3b038f85187e60b5c0d1b7a8814527848e8fcf84783a54b4d12a
GET /images/b2c-login/eye.svg HTTP/1.1
Host: app.nixplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/reset-pwd/?token=6606734da315877a516c16f788e18125765315ac&utm_medium=email&utm_source=edm&utm_campaign=system&utm_content=recoverpassword
Cookie: AWSELB=D995D3C518BED13043C0BE09C25D54101B41C92ADB9CB43E6F7056F3D7C2AAB94B21E4984290D30823122F5221D2466ED4516E1F2A6E4EE22029E02BD7DA17058E5F359C4B; AWSELBCORS=D995D3C518BED13043C0BE09C25D54101B41C92ADB9CB43E6F7056F3D7C2AAB94B21E4984290D30823122F5221D2466ED4516E1F2A6E4EE22029E02BD7DA17058E5F359C4B
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Content-Type: image/svg+xml
Date: Sun, 05 Feb 2023 02:56:25 GMT
ETag: W/"ae3-185d08014c8"
Last-Modified: Fri, 20 Jan 2023 18:45:33 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
Content-Length: 2787
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6526
Expires: Sun, 05 Feb 2023 04:45:11 GMT
Date: Sun, 05 Feb 2023 02:56:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6526
Expires: Sun, 05 Feb 2023 04:45:11 GMT
Date: Sun, 05 Feb 2023 02:56:25 GMT
Connection: keep-alive
q.quora.com/_/ad/a46dbcacff3d47bea94ce58918ec8ab3/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword
52.206.88.16200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/a46dbcacff3d47bea94ce58918ec8ab3/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword
IP 52.206.88.16:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/a46dbcacff3d47bea94ce58918ec8ab3/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Sun, 05 Feb 2023 02:56:25 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,7ef2b82aecb692d8d392f58b0cf98aa9,10.0.0.139,21826,91.90.42.154,,99138882010,1,1675565785.538,0.002,,.,0,0,0.000,0.004,-,0,0,197,68,34,10,35796,,,,,,-,
Content-Length: 43
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 17059
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d907b978dc107f6e95182eee954462a
29a73442173f75b4f3413e2c6459e8448b1cc33f
8268fb8aa86182e7c2113709cce8f559ac8cc831e12cfd7a75c67f30c69808a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: a9d8e72b-b943-4c6d-a01c-7b7b65da6ee4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzXDqG-eIAMFbTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de054a-778199ce1db9fa1b73a9d4ec;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:12:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CyZUnEQ1l6j1CZCVM63GYbV6mAnhjW3kh4E5M07jH6d3t4mwhSK4hw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:04:01 GMT
age: 17544
etag: "29a73442173f75b4f3413e2c6459e8448b1cc33f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1092c4dd4d9ca4d09462ae46e1dd7c1
17444ff60be1afbc40d3653fa936f9eaf9478068
ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 18766
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 13:05:46 GMT
age: 49839
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 43360
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00Sp1Thtp-YIGYmu7qIB6GtKBxOGLgcAse2SusryA8xaBrnWQDD-Hg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:04:01 GMT
age: 17544
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 8a94e5ac95dab80668e10cd38dd19909
8b343a1135ebabcc0dafdb9230d65cd907b68764
dc18365b31a854a60ff5254abf655fe63346813eec9ced827a7e6b2b62c9bb6e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98006
Date: Sun, 05 Feb 2023 02:56:25 GMT
Etag: "63dde512-1d7"
Expires: Mon, 06 Feb 2023 06:09:51 GMT
Last-Modified: Sat, 04 Feb 2023 04:54:42 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9OP4POCmZUj9z8dSNOoQwFUca1XKk-TyRFhD0VDkHjQI6WbPq0EjsQ==
Age: 4509
api.nixplay.com/v3/system-features
54.213.246.206200 OK 626 B URL HTTP/2 api.nixplay.com/v3/system-features
IP 54.213.246.206:0
Hash 8f24e1a9fcdfbf478ff790c2322264bf
37f944d4e50c44780c11359d4c6b7450f8fb7248
490a64a563401c26ba806cc6ebfb92647f6001906ecb07b758538a2907a67859
GET /v3/system-features HTTP/1.1
Host: api.nixplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.nixplay.com/
Origin: https://app.nixplay.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.nixplay.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
content-encoding: gzip
x-response-time: 8.614ms
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
2.18.173.74200 OK 5.9 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 2.18.173.74:0
File type ASCII text, with very long lines (17769), with no line terminators
Hash 939f95ffc91ae8a9eacb6998ec5a635f
e122fe07195821f6abf871cc65f315c6b9e27f4a
49462b3c223095ac3fc223f11a29e4bceed96feba62e167d444e9a082626fc17
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "b07048fb19f7c325242e254218118e14:1675339769.124179"
Last-Modified: Thu, 02 Feb 2023 09:48:30 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sun, 05 Feb 2023 03:16:25 GMT
Date: Sun, 05 Feb 2023 02:56:25 GMT
Content-Length: 5911
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ipapi.co/country/
104.26.9.44200 OK 2 B IP 104.26.9.44:0
File type ASCII text, with no line terminators
Hash c2f3f489a00553e7a01d369c103c7251
a0509b7780628bd9d9abc7eb8a2163477341053a
23794d91c53ae875c8e247d72561e35d9d06ee07c70c9e0dbcc977a6d161504a
GET /country/ HTTP/1.1
Host: ipapi.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.nixplay.com/
Origin: https://app.nixplay.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:26 GMT
content-type: text/plain; charset=utf-8
content-length: 2
allow: OPTIONS, HEAD, OPTIONS, POST, GET
x-frame-options: DENY
vary: Host, Origin
access-control-allow-origin: https://app.nixplay.com
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yyoa8A%2BE%2BUAL5I0g%2BvRKsgV7zPrdbmIPlaT0oLqYAzzTz4XW%2FiT%2BZlablOO1TYQMw4mbxf%2FHkoqKIhWuQbRr%2BPeyk5I%2BLjZ3EIU6UQlwjWpyjHQTpehQUdtH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79485f717acd0b69-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3545
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:26 GMT
Last-Modified: Sun, 05 Feb 2023 01:57:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 122d09f3c0e479664f7ed8ed3d4dbe74
91a4554bb5ba6a763ba9acbb712e2b57d1a1bd46
fca4655dd725b3d54840da0ab81bb7fafd628b82c56a897a1cd7f647fc4b8200
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:26 GMT
Last-Modified: Sun, 05 Feb 2023 02:34:08 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
googleads.g.doubleclick.net/pagead/viewthroughconversion/966120210/?random=1675565823639&cv=11&fst=1675565823639&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&tiba=Reset%20Password&auid=1344772763.1675565824&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 972 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/966120210/?random=1675565823639&cv=11&fst=1675565823639&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&tiba=Reset%20Password&auid=1344772763.1675565824&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2153), with no line terminators
Hash 05fcf8bf999c874380bb247b937c8cce
c94c3e6746b7f1863cd5a16488a83387599d9389
2101dea846065e8e335eec530fc1958b9b8e7f643309a4cfaecd2f9f04bbf3ab
GET /pagead/viewthroughconversion/966120210/?random=1675565823639&cv=11&fst=1675565823639&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&tiba=Reset%20Password&auid=1344772763.1675565824&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 02:56:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 972
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 03:11:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ktck/ArQQ0h1uxtk6YTs1A3Ldok7USq0WA+vOlb7uy4TxgMvy+AK+JVHX9DgNKti8jWKqyzK62TEbsMf9h1Ghw==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Sun, 05 Feb 2023 02:56:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3545
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:26 GMT
Last-Modified: Sun, 05 Feb 2023 01:57:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
app.nixplay.com/images/b2c-login/favicon.ico
52.88.117.129200 OK 6.3 kB URL HTTP/1.1 app.nixplay.com/images/b2c-login/favicon.ico
IP 52.88.117.129:0
File type PNG image data, 32 x 32, 16-bit/color RGBA, non-interlaced\012- data
Hash b1fab541694f0d6bcdc8b52258f532aa
bb696e8c912897bfd352d55cf2eb02240d8f79bb
07a823069d23822416059133dcdac9839140eb6603834d7e09edd1a2131c5d28
GET /images/b2c-login/favicon.ico HTTP/1.1
Host: app.nixplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/reset-pwd/?token=6606734da315877a516c16f788e18125765315ac&utm_medium=email&utm_source=edm&utm_campaign=system&utm_content=recoverpassword
Cookie: AWSELB=D995D3C518BED13043C0BE09C25D54101B41C92ADB9CB43E6F7056F3D7C2AAB94B21E4984290D30823122F5221D2466ED4516E1F2A6E4EE22029E02BD7DA17058E5F359C4B; AWSELBCORS=D995D3C518BED13043C0BE09C25D54101B41C92ADB9CB43E6F7056F3D7C2AAB94B21E4984290D30823122F5221D2466ED4516E1F2A6E4EE22029E02BD7DA17058E5F359C4B; lang=en_US; _gcl_au=1.1.1344772763.1675565824
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/x-icon
Date: Sun, 05 Feb 2023 02:56:26 GMT
ETag: "63cae14d-189a"
Last-Modified: Fri, 20 Jan 2023 18:45:33 GMT
Server: nginx/1.18.0 (Ubuntu)
Content-Length: 6298
Connection: keep-alive
cdn.taboola.com/libtrc/unip/1403689/tfa.js
151.101.65.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1403689/tfa.js
IP 151.101.65.44:0
File type ASCII text, with very long lines (59645)
Hash 5502a38314db126320d62387be9cdcfe
bbac19fde1997c14186a0cd2b5cc08c01b5f8bbe
ec0322beaf767ad28f4ae566615ab89bbbeff8fcc054cdfc63ac024aec5ffc01
GET /libtrc/unip/1403689/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HESUf1m62jUh+GxJPz06/CG4OFkv5ff/AFEd7aeLKS3iUWxF0jJCJBHqKb/+s12SeFfHGUd0o6c=
x-amz-request-id: NH9A9Q0E2WGB2WHF
x-amz-replication-status: COMPLETED
last-modified: Sun, 29 Jan 2023 11:08:24 GMT
etag: "3132ecde5f1098729c0eaf2630645c31"
x-amz-version-id: LX9137NMamJWkB2pJnr0.8o7hgPemVB_
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 02:56:26 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675565786.010863,VS0,VE194
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 80
content-length: 18337
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 482952c319f6b341719e70726729734d
d562869196fe45ede7cf9d7b83643c020eae68b2
052ed0f05af6fa66b55a1e883536b6fc2743d32d56aa4b7c58f0b8202b67ee9b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6186
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:26 GMT
Last-Modified: Sun, 05 Feb 2023 01:13:20 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2521dc6dc015025c26c7a1b08b3060a1
f5c7abc50c9229a4b198a5c0d5f6dfa8ac528b9f
6671bc387c8011ec55a9d023502189b997adeb18fc2f199747dec7d688f85bd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5438
Cache-Control: max-age=130246
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:26 GMT
Etag: "63de5f62-139"
Expires: Mon, 06 Feb 2023 15:07:12 GMT
Last-Modified: Sat, 04 Feb 2023 13:36:34 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/966120210/?random=1675565823639&cv=11&fst=1675562400000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&tiba=Reset%20Password&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2147304847&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/966120210/?random=1675565823639&cv=11&fst=1675562400000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&tiba=Reset%20Password&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2147304847&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/966120210/?random=1675565823639&cv=11&fst=1675562400000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&tiba=Reset%20Password&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2147304847&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 02:56:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:25 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=MmBvI180M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZhMGZFeCUyQjc2MDBENEdPaXMxS1RvNWNDUzA5cGQ1dllBZVgwS2FzM0Fj; expires=Fri, 01 Mar 2024 02:56:26 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 230155
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/966120210/?random=1675565823639&cv=11&fst=1675562400000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&tiba=Reset%20Password&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2147304847&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/966120210/?random=1675565823639&cv=11&fst=1675562400000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&tiba=Reset%20Password&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2147304847&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/966120210/?random=1675565823639&cv=11&fst=1675562400000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&tiba=Reset%20Password&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2147304847&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 02:56:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.criteo.net/js/ld/ld.js
178.250.0.130200 OK 15 kB URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.0.130:0
Hash 03f8a95e21ab6c531700fa4aaf129665
cb1c2cf25e7386d51a665704e1f1a13f224b0abf
1cffd88c328bdb7aa965e1fb7b757a4dcfae60e4e2afaa0d818f0841787a973f
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 02:56:26 GMT
content-type: text/javascript
last-modified: Mon, 02 Jan 2023 16:36:54 GMT
etag: W/"63b30826-aae4"
expires: Mon, 06 Feb 2023 02:56:26 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ag.gbc.criteo.com/newidsd
185.235.84.109200 OK 38 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.109:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbfc88d645b24ea8b5e9890b129585fe
26615a8df62dce675d5c9dd32695d9e0faf9ded1
f456781f21d187ee4a7beabae54a28bb03b2a8e1389720eb609033fd73526042
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:25 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 61776
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=app.nixplay.com&origin=onetag
178.250.0.157200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=app.nixplay.com&origin=onetag
IP 178.250.0.157:0
Hash 7ebc1f1d573eadee5fd3831a47f6db39
144f651cdbe6ab86f72ec2e03861cd9c3cc8bb95
60ab36339effffa40ad942ccf0948267ae15e2e5208a63742a089e519b688521
GET /syncframe?topUrl=app.nixplay.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:26 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=13f71577-711b-45b5-a652-b91a8ef1198f; expires=Fri, 01 Mar 2024 02:56:25 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 541370
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=0059b83cb759fd1a5154811ec7279e1f67&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&g=1&optOut=false&bust=03220074933205497&referrer=
64.202.112.95200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=0059b83cb759fd1a5154811ec7279e1f67&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&g=1&optOut=false&bust=03220074933205497&referrer=
IP 64.202.112.95:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=0059b83cb759fd1a5154811ec7279e1f67&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&g=1&optOut=false&bust=03220074933205497&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 02:56:26 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 98fb217fee97e083a1158a60272cafbd
smart-tag.s3-ap-southeast-1.amazonaws.com/widget_dev.js
52.219.132.147200 OK 284 kB URL HTTP/1.1 smart-tag.s3-ap-southeast-1.amazonaws.com/widget_dev.js
IP 52.219.132.147:0
File type Unicode text, UTF-8 text, with very long lines (65466)
Size 284 kB (283639 bytes)
Hash f0cea11bba210b284bf652d1720a17f9
86325df34b3e2ece6983e37b4d504992528c9869
25c6dc3d59e602d47f0ea76309d5f9ff0e43fa73414636160a0ead92c504e857
GET /widget_dev.js HTTP/1.1
Host: smart-tag.s3-ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: jU4qWSA0lxf7gQM2/bQEZNS6bqMKE6ha1N7BIIRQn6mpwvl78GvetZOA8fC9xF8MOdxCO/zbjQY=
x-amz-request-id: 9R7GS1MGBE6BB589
Date: Sun, 05 Feb 2023 02:56:27 GMT
Last-Modified: Mon, 02 Aug 2021 05:10:59 GMT
ETag: "f0cea11bba210b284bf652d1720a17f9"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 283639
gem.gbc.criteo.com/newidsd
178.250.6.194200 OK 39 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8222e15504c43d8e32f25e9928d5a4fa
06fc30f9a64e9802a243be5aacdec040cf37e301
b2b9331b22d8ff7729296651d6166efa7ee7e7c24cfd89443af71e3447dc08b0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:26 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 126721
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 6bbc115b478766c496bf3794eb0792a3
dc405c689185624c2d53ec7c6381a17e9cb6734c
7ed7adbf707aa904439803a96b759f5df969e255216c945dad6956aaf221a5af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4811
Cache-Control: max-age=171786
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:27 GMT
Etag: "63df041a-139"
Expires: Tue, 07 Feb 2023 02:39:33 GMT
Last-Modified: Sun, 05 Feb 2023 01:19:22 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
trc-events.taboola.com/1403689/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=0&ssd=1&est=1675565824575&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1675565826129&vi=1675565824573&ri=dbd37fb273b2412cf8cb452124c32b68&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&ler=other
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1403689/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=0&ssd=1&est=1675565824575&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1675565826129&vi=1675565824573&ri=dbd37fb273b2412cf8cb452124c32b68&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&ler=other
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1403689/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=0&ssd=1&est=1675565824575&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1675565826129&vi=1675565824573&ri=dbd37fb273b2412cf8cb452124c32b68&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&ler=other HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.nixplay.com
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 02:56:27 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://app.nixplay.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
ptag-script.s3-ap-southeast-1.amazonaws.com/ptag.js
52.219.132.147200 OK 1.7 kB URL HTTP/1.1 ptag-script.s3-ap-southeast-1.amazonaws.com/ptag.js
IP 52.219.132.147:0
File type exported SGML document, ASCII text, with very long lines (1687), with no line terminators
Hash 6b4d3a0577c18ead34a6512640f73bfc
92c9899a1310ba17e4db1f20e66b1f5009122b9d
5cbc7bc842ea58e2ee9e5f7dc60e75965a0aa1d663b765a0a68f7a2b32c122ae
GET /ptag.js HTTP/1.1
Host: ptag-script.s3-ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: HS4bsYS2XpfRCeEsaG8Ee8+xEWOYk+nf+/E7V4qse+86N9bWR/126HrABX3S7PkudtXPEpFBHn0=
x-amz-request-id: TXRWSQBPN0FYB51C
Date: Sun, 05 Feb 2023 02:56:29 GMT
Last-Modified: Wed, 23 Jun 2021 07:15:47 GMT
ETag: "6b4d3a0577c18ead34a6512640f73bfc"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 1687
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 78407ac1cb64f8eedeb697574509b417
2e2667c7cd3a397de8a75342fb51d4bbc2a53028
d8274c6af50031fb7a5c1ac7b69df880dc0c0024734469aba9f4558a42d850bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8274C6AF50031FB7A5C1AC7B69DF880DC0C0024734469ABA9F4558A42D850BB"
Last-Modified: Fri, 03 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5214
Expires: Sun, 05 Feb 2023 04:23:22 GMT
Date: Sun, 05 Feb 2023 02:56:28 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=criteo&uid=k-80OBJ0j7p_e7yPrHxaGlZtsQ1bmo1iRynrTk6A
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-80OBJ0j7p_e7yPrHxaGlZtsQ1bmo1iRynrTk6A
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-80OBJ0j7p_e7yPrHxaGlZtsQ1bmo1iRynrTk6A HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Sun, 05 Feb 2023 02:56:27 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 78407ac1cb64f8eedeb697574509b417
2e2667c7cd3a397de8a75342fb51d4bbc2a53028
d8274c6af50031fb7a5c1ac7b69df880dc0c0024734469aba9f4558a42d850bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8274C6AF50031FB7A5C1AC7B69DF880DC0C0024734469ABA9F4558A42D850BB"
Last-Modified: Fri, 03 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5214
Expires: Sun, 05 Feb 2023 04:23:22 GMT
Date: Sun, 05 Feb 2023 02:56:28 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash fd2f8421086521721ac4b242f5ba4b58
60ba744a6c925acc63c4994cd5bc1c8ffc6f3d59
dca37f14eb01f58452ce9608bb0752abdaa630ebb86a994d493da77ea270d34e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99625
Date: Sun, 05 Feb 2023 02:56:28 GMT
Etag: "63ddeaa4-1d7"
Expires: Mon, 06 Feb 2023 06:36:53 GMT
Last-Modified: Sat, 04 Feb 2023 05:18:28 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Bm0MBlbnE59Md2KOYFEHZ4KVB9hQiCvy72B3MblK5GSDxqWNdJ_Apg==
Age: 4705
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 05 Feb 2023 02:56:28 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 820959
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-sMN6nEj7p_e7yPrHxaGlZtsQ1blGneC9muHFQQ
2.18.172.23200 OK 237 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-sMN6nEj7p_e7yPrHxaGlZtsQ1blGneC9muHFQQ
IP 2.18.172.23:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 74378edf31ef26cd97c236ad08d05fa3
fdd52cdbf193d1dfd1031978667689f3414b49ed
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
GET /cksync.php?cs=3&type=crt&ovsid=k-sMN6nEj7p_e7yPrHxaGlZtsQ1blGneC9muHFQQ HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 237
content-type: image/gif
set-cookie: visitor-id=3185673883580227000V10; Expires=Mon, 05 Feb 2024 02:56:28 GMT; domain=.media.net; Path=/;
data-c-ts=1675565788;Expires=Tue, 07 Mar 2023 02:56:28 GMT;path=/;domain=.media.net;
data-c=k-sMN6nEj7p_e7yPrHxaGlZtsQ1blGneC9muHFQQ~~3;Expires=Tue, 07 Mar 2023 02:56:28 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 05 Feb 2023 02:56:28 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 05 Feb 2023 02:56:28 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-R3pDFkj7p_e7yPrHxaGlZtsQ1bkFVeP0k0xz4Q&google_cm&google_hm=ay1SM3BERmtqN3BfZTd5UHJIeGFHbFp0c1ExYmtGVmVQMGsweHo0UQ
142.250.74.2302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-R3pDFkj7p_e7yPrHxaGlZtsQ1bkFVeP0k0xz4Q&google_cm&google_hm=ay1SM3BERmtqN3BfZTd5UHJIeGFHbFp0c1ExYmtGVmVQMGsweHo0UQ
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8b6856d490fbb6fe293f921d92c9f767
c7a2b9e8b851e130e46ad0ad2a92db9852b5ae60
b3d704f1dcaadca9a1ac0ac6165caf33ed2e6f148b7dde4418f37bd5a86db29f
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-R3pDFkj7p_e7yPrHxaGlZtsQ1bkFVeP0k0xz4Q&google_cm&google_hm=ay1SM3BERmtqN3BfZTd5UHJIeGFHbFp0c1ExYmtGVmVQMGsweHo0UQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-R3pDFkj7p_e7yPrHxaGlZtsQ1bkFVeP0k0xz4Q&google_cm=&google_hm=ay1SM3BERmtqN3BfZTd5UHJIeGFHbFp0c1ExYmtGVmVQMGsweHo0UQ&google_tc=
date: Sun, 05 Feb 2023 02:56:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 03:11:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-yoHSbUj7p_e7yPrHxaGlZtsQ1bm0wMy11zeJIQ
184.24.45.54200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-yoHSbUj7p_e7yPrHxaGlZtsQ1bm0wMy11zeJIQ
IP 184.24.45.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-yoHSbUj7p_e7yPrHxaGlZtsQ1bm0wMy11zeJIQ HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Sun, 05 Feb 2023 02:56:28 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 05 Feb 2023 02:56:28 GMT
X-Firefox-Spdy: h2
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7a40f1d5-927a-fa25-8912-41ccffa0fe5c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.nixplay.com/&ex-hargs=v%3D1.0%3Bc%3D6613110240401%3Bp%3D7A40F1D5-927A-FA25-8912-41CCFFA0FE5C&cb=945539824155191300
209.54.182.161302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7a40f1d5-927a-fa25-8912-41ccffa0fe5c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.nixplay.com/&ex-hargs=v%3D1.0%3Bc%3D6613110240401%3Bp%3D7A40F1D5-927A-FA25-8912-41CCFFA0FE5C&cb=945539824155191300
IP 209.54.182.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iu3?d=generic&ex-fargs=%3Fid%3D7a40f1d5-927a-fa25-8912-41ccffa0fe5c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.nixplay.com/&ex-hargs=v%3D1.0%3Bc%3D6613110240401%3Bp%3D7A40F1D5-927A-FA25-8912-41CCFFA0FE5C&cb=945539824155191300 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Sun, 05 Feb 2023 02:56:28 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: Q18HHSJWT85Q3E7305KW
Set-Cookie: ad-id=A7ye-xB6X0LxirPxzPnNC5c|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 02:56:28 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7a40f1d5-927a-fa25-8912-41ccffa0fe5c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.nixplay.com/&ex-hargs=v%3D1.0%3Bc%3D6613110240401%3Bp%3D7A40F1D5-927A-FA25-8912-41CCFFA0FE5C&cb=945539824155191300&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-R3pDFkj7p_e7yPrHxaGlZtsQ1bkFVeP0k0xz4Q&google_cm=&google_hm=ay1SM3BERmtqN3BfZTd5UHJIeGFHbFp0c1ExYmtGVmVQMGsweHo0UQ&google_tc=
142.250.74.2302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-R3pDFkj7p_e7yPrHxaGlZtsQ1bkFVeP0k0xz4Q&google_cm=&google_hm=ay1SM3BERmtqN3BfZTd5UHJIeGFHbFp0c1ExYmtGVmVQMGsweHo0UQ&google_tc=
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9e11c8a632a9f11151d94f0808df4f60
91552ac8dac34aaa58268ba12583024f2af3b92f
ccf26cbfc9df740bb6a5d1c216dd18cb76b791b42d45658ad963a6513a2aa183
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-R3pDFkj7p_e7yPrHxaGlZtsQ1bkFVeP0k0xz4Q&google_cm=&google_hm=ay1SM3BERmtqN3BfZTd5UHJIeGFHbFp0c1ExYmtGVmVQMGsweHo0UQ&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R3pDFkj7p_e7yPrHxaGlZtsQ1bkFVeP0k0xz4Q&google_error=3
date: Sun, 05 Feb 2023 02:56:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
37.252.173.215307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 02:56:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: ca5975f7-6304-4bae-93e7-d271e9ba1d56
Set-Cookie: uuid2=7106768186455795985; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 02:56:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
37.252.173.215302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 02:56:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 5e40e029-399f-45d7-9a80-bdafe19d3d8f
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 5f9a07c50e171a7a1c983c3e546fa747
701c6cb3c3acf183ada0ca7144fd5a6accdc3a7a
cf5194a18d2a1926880316305c783ac5d9a6b8086d9ed13d0c50f1303d2fa756
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 02:56:28 GMT
Last-Modified: Sun, 05 Feb 2023 02:08:42 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MY3k4kPBy8bsJntENT8REV_IHDAwRHpRD5sherjM6utEaDk0v9YBgA==
Age: 2866
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Go4TV0j7p_e7yPrHxaGlZtsQ1bkKOx1y594eTA
18.158.219.34302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Go4TV0j7p_e7yPrHxaGlZtsQ1bkKOx1y594eTA
IP 18.158.219.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-Go4TV0j7p_e7yPrHxaGlZtsQ1bkKOx1y594eTA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 02:56:28 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Go4TV0j7p_e7yPrHxaGlZtsQ1bkKOx1y594eTA
set-cookie: tuuid=3d4094d9-5fdf-4b79-8fd5-704b90151dc2; Expires=Sat, 06 May 2023 02:56:28 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1675565788; Expires=Sat, 06 May 2023 02:56:28 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash ebce6de82aa929525d1c1e6d8ca17c8a
6e79c213ccf757da0bcbc0e762e9fa8701e51ff0
75baa30790c1aaeaf38d4f92aaf4ca77575f65c977fe5dbf4ea7e895494e5065
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95310
Date: Sun, 05 Feb 2023 02:56:28 GMT
Etag: "63dde67c-1d7"
Expires: Mon, 06 Feb 2023 05:24:58 GMT
Last-Modified: Sat, 04 Feb 2023 05:00:44 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _lkwED8NGWfAa6f3sfNtFK9U45w1sSTxxQ1ploC4gMl7ergbdCvzqQ==
Age: 1454
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ef93957e7647de6875c55fc7dcfaa912
db22475c14c297db2f90b0b4d3dd6f5210e573b1
6bf15bb83446ac97e63455961ba37f9f93c60fad1abd422403969847c8b6f6c2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5357
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:28 GMT
Last-Modified: Sun, 05 Feb 2023 01:27:11 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 17b154551d0d62dde5d62de38fa46d8a
3468762be6e127f7641c3409e0ca8a567725e2b6
0dd480ace544fcda0d1504940cab79895ef63d8d17132c8d8b3be6edf07d93b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4157
Cache-Control: max-age=99453
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:28 GMT
Etag: "63ddec1c-139"
Expires: Mon, 06 Feb 2023 06:34:01 GMT
Last-Modified: Sat, 04 Feb 2023 05:24:44 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-w6wVYUj7p_e7yPrHxaGlZtsQ1bl8JwEeCPJ1nQ
3.125.215.124204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-w6wVYUj7p_e7yPrHxaGlZtsQ1bl8JwEeCPJ1nQ
IP 3.125.215.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-w6wVYUj7p_e7yPrHxaGlZtsQ1bl8JwEeCPJ1nQ HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 02:56:28 GMT
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Go4TV0j7p_e7yPrHxaGlZtsQ1bkKOx1y594eTA
18.158.219.34200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Go4TV0j7p_e7yPrHxaGlZtsQ1bkKOx1y594eTA
IP 18.158.219.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-Go4TV0j7p_e7yPrHxaGlZtsQ1bkKOx1y594eTA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:28 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-jhUKJUj7p_e7yPrHxaGlZtsQ1bkjT3uqgCyq9g&expires=30
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-jhUKJUj7p_e7yPrHxaGlZtsQ1bkjT3uqgCyq9g&expires=30
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-jhUKJUj7p_e7yPrHxaGlZtsQ1bkjT3uqgCyq9g&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 0163a7456b0a5605e8b1fb1d4fba3e4d
Content-Type: image/gif
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-kaU73Uj7p_e7yPrHxaGlZtsQ1bk6bY4i4GCi3Q
185.86.138.142200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-kaU73Uj7p_e7yPrHxaGlZtsQ1bk6bY4i4GCi3Q
IP 185.86.138.142:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-kaU73Uj7p_e7yPrHxaGlZtsQ1bk6bY4i4GCi3Q HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Sun, 05 Feb 2023 02:56:28 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=8117356918476542207; expires=Tue, 05 Mar 2024 02:56:28 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Tue, 05 Mar 2024 02:56:28 GMT; domain=smartadserver.com; path=/
csync=79:k-kaU73Uj7p_e7yPrHxaGlZtsQ1bk6bY4i4GCi3Q; expires=Mon, 05 Feb 2024 02:56:28 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 392150821fa2297ac03c44478a2dce26
d95771a08af29868b2cf80c0cb7e27b4de9a38e5
30fbbe75e0ec1a15edac9f7b0271ee25bb924822be648cf04c5148eec820af77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6341
Cache-Control: max-age=136896
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:28 GMT
Etag: "63de75d7-1d7"
Expires: Mon, 06 Feb 2023 16:58:04 GMT
Last-Modified: Sat, 04 Feb 2023 15:12:23 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0006fb5e3cfceb796be5de36d494e9ac
b597abcab8e24c535b8b4479775f9e2f5b15ccb0
2567f8b81cbffd4565a6638ef2c01d3ded23de59b925b35136e225a0595bbdeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6158
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:28 GMT
Last-Modified: Sun, 05 Feb 2023 01:13:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5h5Bj0j7p_e7yPrHxaGlZtsQ1bkGGeuHtrEeMQ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5h5Bj0j7p_e7yPrHxaGlZtsQ1bkGGeuHtrEeMQ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-5h5Bj0j7p_e7yPrHxaGlZtsQ1bkGGeuHtrEeMQ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 02:56:28 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5h5Bj0j7p_e7yPrHxaGlZtsQ1bkGGeuHtrEeMQ&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNwa32MCELgQ4iN94vE8UYD73tb2i9oFEgEBAQFs4GPoYwAAAAAA_eMAAA&S=AQAAAomHU_CKiouBRddzgwVTU60; Expires=Mon, 5 Feb 2024 08:56:28 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d525a4056778875caaa260fef2c061e
9d0b2b0b9be3e7cc4534f6f270e46fa3e74fa394
5a66f26e823673c1076843efba10956528413b229e342153afdd93cfebd5a673
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4490
Cache-Control: max-age=133971
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:28 GMT
Etag: "63de71a5-1d7"
Expires: Mon, 06 Feb 2023 16:09:19 GMT
Last-Modified: Sat, 04 Feb 2023 14:54:29 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3a8f191b6804fc7779af2631165a23cb
d64c7ccd78c831820e1fbe0f96f012bd8a1ea7f8
3d1128de7ff22ad54dc569850cff7895140ead9c34009a0be3a7872694f03869
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6315
Cache-Control: max-age=104142
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:28 GMT
Etag: "63ddf5ff-1d7"
Expires: Mon, 06 Feb 2023 07:52:10 GMT
Last-Modified: Sat, 04 Feb 2023 06:06:55 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7a40f1d5-927a-fa25-8912-41ccffa0fe5c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.nixplay.com/&ex-hargs=v%3D1.0%3Bc%3D6613110240401%3Bp%3D7A40F1D5-927A-FA25-8912-41CCFFA0FE5C&cb=945539824155191300&dcc=t
209.54.182.161200 OK 65 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7a40f1d5-927a-fa25-8912-41ccffa0fe5c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.nixplay.com/&ex-hargs=v%3D1.0%3Bc%3D6613110240401%3Bp%3D7A40F1D5-927A-FA25-8912-41CCFFA0FE5C&cb=945539824155191300&dcc=t
IP 209.54.182.161:0
File type HTML document, ASCII text
Hash 22fdf49482d8200e8f305bbe262eff14
f254bd4053267c2cf46675613e689016d8b7f775
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
GET /iu3?d=generic&ex-fargs=%3Fid%3D7a40f1d5-927a-fa25-8912-41ccffa0fe5c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.nixplay.com/&ex-hargs=v%3D1.0%3Bc%3D6613110240401%3Bp%3D7A40F1D5-927A-FA25-8912-41CCFFA0FE5C&cb=945539824155191300&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.nixplay.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Sun, 05 Feb 2023 02:56:28 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 65
Connection: keep-alive
x-amz-rid: XF1AQW4JT0EDZ9J9JYDB
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d12cb53144d0964484d5533da0d9224f
a656489348ebb5f6eb71f7f8758d64ea5e9a1f7a
1b458c0e3cebcfb9bb5cfb8fd54cd54b79825bde21f296a4348b0ce342a38585
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B458C0E3CEBCFB9BB5CFB8FD54CD54B79825BDE21F296A4348B0CE342A38585"
Last-Modified: Sat, 04 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3203
Expires: Sun, 05 Feb 2023 03:49:51 GMT
Date: Sun, 05 Feb 2023 02:56:28 GMT
Connection: keep-alive
cm.adform.net/pixel?adform_pid=15&adform_pc=k-mBUtJkj7p_e7yPrHxaGlZtsQ1bn5-2p6Onw1ig
37.157.4.28200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-mBUtJkj7p_e7yPrHxaGlZtsQ1bn5-2p6Onw1ig
IP 37.157.4.28:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-mBUtJkj7p_e7yPrHxaGlZtsQ1bn5-2p6Onw1ig HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 02:56:28 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 10 Apr 2019 10:06:26 GMT
etag: "5cadc022-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-BsADtEj7p_e7yPrHxaGlZtsQ1blqg2-lrfwsww
104.18.33.19302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-BsADtEj7p_e7yPrHxaGlZtsQ1blqg2-lrfwsww
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-BsADtEj7p_e7yPrHxaGlZtsQ1blqg2-lrfwsww HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 02:56:28 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-BsADtEj7p_e7yPrHxaGlZtsQ1blqg2-lrfwsww&C=1
cf-ray: 79485f846827b500-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y98a3Lkz2RSsfKUHVe4yLwAA; Path=/; Domain=casalemedia.com; Expires=Mon, 05 Feb 2024 02:56:28 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=706; Path=/; Domain=casalemedia.com; Expires=Sat, 06 May 2023 02:56:28 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=706; Path=/; Domain=casalemedia.com; Expires=Sat, 06 May 2023 02:56:28 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRlv4w111du3IPLwER6nXIbqKJvPKv5gSS5c7SDGAZ4Hr9HXM3QGKFARAtxcW4ko6fFgBz1otmbVxwhDAClvVkOS8mTJtzvpiO8tsFRZ8FIQIeNhBG2ITpVnqUCyhBp3ufgJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5h5Bj0j7p_e7yPrHxaGlZtsQ1bkGGeuHtrEeMQ&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5h5Bj0j7p_e7yPrHxaGlZtsQ1bkGGeuHtrEeMQ&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-5h5Bj0j7p_e7yPrHxaGlZtsQ1bkGGeuHtrEeMQ&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 02:56:28 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNwa32MCEHyWPQlDUoUrmjEO7_FD04AFEgEBAQFs4GPoYwAAAAAA_eMAAA&S=AQAAAvYKrrrUFR1Da9i8Wfmqbpw; Expires=Mon, 5 Feb 2024 08:56:28 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e4dfb9e29f29906cd74c15f9796f94a4
eaaad4849c68f6e27b26b49bde5c33d30132d0da
fd04918a97864139ab2d2c32c51f83d39d67c01cd3a97053d95a0f7bcf411fbd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 02:56:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 15:11:58 GMT
Expires: Sat, 11 Feb 2023 15:11:57 GMT
Etag: "eaaad4849c68f6e27b26b49bde5c33d30132d0da"
Cache-Control: max-age=561928,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79485f846d190afa-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 559e28226cae3d9dcc05a4b3b2397e9d
9554456b30a6948aceb7102906e93342907b065f
13c46ddee7d04c6128ab27034d24127c18bb40c5a053da4f641209eb9f693445
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124056
Date: Sun, 05 Feb 2023 02:56:28 GMT
Etag: "63de5723-1d7"
Expires: Mon, 06 Feb 2023 13:24:04 GMT
Last-Modified: Sat, 04 Feb 2023 13:01:23 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NK5IQqF9d2wiVZ7mZZMmsi93Q9OJqtLmZ0joq90pIEksMOKSAZyklw==
Age: 1361
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27ce914bad3a60d980c23e19ae639690
270acbd8d798698216b3c48f0e09e0a2d8576836
d5ebe8ba92a47d866879d7a7ab736b586ff458f57e81552255eb423d2eb6719a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4557
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:28 GMT
Last-Modified: Sun, 05 Feb 2023 01:40:31 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
id5-sync.com/s/966/9.gif?puid=k-QE4tSEj7p_e7yPrHxaGlZtsQ1bnt8LZeR7mMRA
162.19.138.120200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-QE4tSEj7p_e7yPrHxaGlZtsQ1bnt8LZeR7mMRA
IP 162.19.138.120:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-QE4tSEj7p_e7yPrHxaGlZtsQ1bnt8LZeR7mMRA HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 05-Feb-2023 03:01:28 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 05-Feb-2023 03:01:28 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 05-Feb-2023 03:01:28 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 05-Feb-2023 03:01:28 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 05-Feb-2023 03:01:28 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 05-Feb-2023 03:01:28 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 05 Feb 2023 02:56:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
dpm.demdex.net/ibs:dpid=28645&dpuuid=
34.243.64.240302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 34.243.64.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-048420acf.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=25815784392955842544556465547066239546; Max-Age=15552000; Expires=Fri, 04 Aug 2023 02:56:28 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: na9m2dmPSc0=
Content-Length: 0
Connection: keep-alive
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-BsADtEj7p_e7yPrHxaGlZtsQ1blqg2-lrfwsww&C=1
104.18.33.19200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-BsADtEj7p_e7yPrHxaGlZtsQ1blqg2-lrfwsww&C=1
IP 104.18.33.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-BsADtEj7p_e7yPrHxaGlZtsQ1blqg2-lrfwsww&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:28 GMT
content-type: image/gif
content-length: 43
cf-ray: 79485f84c867b500-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcu0vHi7X1P3Qn4FgX6g9K5zuW%2BiPXzZRK9d7Tuqa41ls6I2FTsZ%2F8EUonl1FXNQ1sJrsetbE1sIv2VN2nn8V8qRFMs%2FSiy4M%2FFSk6Ox4FNGzwuhs6%2F7Eio7zNeLcgUmS05y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.nixplay.com/v2/reset_pwd/validate/
54.213.246.206200 OK 4 B URL HTTP/2 api.nixplay.com/v2/reset_pwd/validate/
IP 54.213.246.206:0
File type ASCII text, with no line terminators
Hash 37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
POST /v2/reset_pwd/validate/ HTTP/1.1
Host: api.nixplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 46
Origin: https://app.nixplay.com
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:25 GMT
content-type: application/json; charset=UTF-8
server: gunicorn/19.3.0
vary: Cookie
access-control-allow-origin: https://app.nixplay.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
eb2.3lift.com/xuid?mid=2711&xuid=k-5sLJT0j7p_e7yPrHxaGlZtsQ1blH27CtKJAxeQ&dongle=013b
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-5sLJT0j7p_e7yPrHxaGlZtsQ1blH27CtKJAxeQ&dongle=013b
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-5sLJT0j7p_e7yPrHxaGlZtsQ1blH27CtKJAxeQ&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:28 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0006fb5e3cfceb796be5de36d494e9ac
b597abcab8e24c535b8b4479775f9e2f5b15ccb0
2567f8b81cbffd4565a6638ef2c01d3ded23de59b925b35136e225a0595bbdeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6158
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:28 GMT
Last-Modified: Sun, 05 Feb 2023 01:13:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-l2WIpUj7p_e7yPrHxaGlZtsQ1bmHE9omYHahWQ
185.255.84.152200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-l2WIpUj7p_e7yPrHxaGlZtsQ1bmHE9omYHahWQ
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-l2WIpUj7p_e7yPrHxaGlZtsQ1bmHE9omYHahWQ HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=34c36576614b0e1ae13783da122dc09f; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 02:56:28 GMT
content-length: 49
x-envoy-upstream-service-time: 3
server: ayl-lb-fra02
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-WFEAokj7p_e7yPrHxaGlZtsQ1bmCvKt2b3pDDA
185.64.189.110200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-WFEAokj7p_e7yPrHxaGlZtsQ1bmCvKt2b3pDDA
IP 185.64.189.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-WFEAokj7p_e7yPrHxaGlZtsQ1bmCvKt2b3pDDA HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 02:56:27 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-WFEAokj7p_e7yPrHxaGlZtsQ1bmCvKt2b3pDDA&KRTB&23144-uid:k-WFEAokj7p_e7yPrHxaGlZtsQ1bmCvKt2b3pDDA&KRTB&23286-uid:k-WFEAokj7p_e7yPrHxaGlZtsQ1bmCvKt2b3pDDA&KRTB&23287-uid:k-WFEAokj7p_e7yPrHxaGlZtsQ1bmCvKt2b3pDDA; domain=pubmatic.com; secure; expires=Tue, 07-Mar-2023 02:56:27 GMT; path=/
PugT=1675565787; domain=pubmatic.com; secure; expires=Tue, 07-Mar-2023 02:56:27 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
34.243.64.240200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 34.243.64.240:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0eab94181.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Ue4WKl37Sek=
Content-Length: 59
Connection: keep-alive
sync.outbrain.com/cookie-sync?p=criteo&uid=k-NeJQDkj7p_e7yPrHxaGlZtsQ1blvglHuyWuHBw
64.202.112.95200 OK 408 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-NeJQDkj7p_e7yPrHxaGlZtsQ1blvglHuyWuHBw
IP 64.202.112.95:0
File type JSON data\012- , ASCII text, with very long lines (408), with no line terminators
Hash 57de7889684b7342664382aae05316c4
44d54401eeb29a21e7d6b18413bc4970882a740f
b18923e52113e8f3bc192baf1eb97dcf63c19a97b9405334b2c03974c48aec0c
GET /cookie-sync?p=criteo&uid=k-NeJQDkj7p_e7yPrHxaGlZtsQ1blvglHuyWuHBw HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 02:56:28 GMT
Content-Type: application/json
Content-Length: 408
Cache-Control: no-cache
X-TraceId: f235b66e0c43785270a762ea7f8ce6d5
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 05 Feb 2023 02:56:28 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 1001209
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash be7f3f4089391cef2ea78f259940035e
e1dac0692a0d3111c73cd6b3dd1045b70361406f
0ea389625b51190d2e31782836d5ba57bf2261b9c557a232c7c2eba374ff9fdb
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 02:56:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:32:54 GMT
Expires: Sun, 05 Feb 2023 21:32:54 GMT
ETag: "e1dac0692a0d3111c73cd6b3dd1045b70361406f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 8b01e823dcdb0bc93def67791b99c1ff
c2b1ff308d5b27a776259ed5696ee0854e586c77
7be7f84db702ba6b520c773d6422eaf7e1ee519485a030057713a74618e3be2d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139254
Date: Sun, 05 Feb 2023 02:56:29 GMT
Etag: "63de922d-1d7"
Expires: Mon, 06 Feb 2023 17:37:23 GMT
Last-Modified: Sat, 04 Feb 2023 17:13:17 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jP61mxGGBL6Gnh4pBauUs-WaWfCf228_ebNBwIH8MBOO5bLTlhjPDw==
Age: 1446
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash a8913413cc3807a4937be1cc134090ce
a28f64e21385b9703a184df7169380001aa5bad8
74278e35e611ff7540c0f649189417657561e147fbb138f4d0856ce042f71044
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124129
Date: Sun, 05 Feb 2023 02:56:28 GMT
Etag: "63de4903-1d7"
Expires: Mon, 06 Feb 2023 13:25:17 GMT
Last-Modified: Sat, 04 Feb 2023 12:01:07 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: b4dqZzmip1RzJp9RulJU3z-98QoU3_CJPok0AAgu1DBDjF213cxEvA==
Age: 5050
e1.emxdgt.com/put?d=d53&uid=k-d3FwbEj7p_e7yPrHxaGlZtsQ1bl1XsOnM3rkNCrBbVF4FZ-j
3.71.169.66204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-d3FwbEj7p_e7yPrHxaGlZtsQ1bl1XsOnM3rkNCrBbVF4FZ-j
IP 3.71.169.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-d3FwbEj7p_e7yPrHxaGlZtsQ1bl1XsOnM3rkNCrBbVF4FZ-j HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Sun, 05 Feb 2023 02:56:28 GMT
content-length: 0
X-Firefox-Spdy: h2
sync-criteo.ads.yieldmo.com/sync?id=k-Gu4EdEj7p_e7yPrHxaGlZtsQ1bl8mjqRfJZb1w&pn_id=criteo&ext=1
63.35.101.179200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-Gu4EdEj7p_e7yPrHxaGlZtsQ1bl8mjqRfJZb1w&pn_id=criteo&ext=1
IP 63.35.101.179:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-Gu4EdEj7p_e7yPrHxaGlZtsQ1bl8mjqRfJZb1w&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:29 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g352bcab567dcd4734df%7C1675565789094%7C0%7C; Domain=.yieldmo.com; Expires=Mon, 05-Feb-2024 02:56:29 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-Gu4EdEj7p_e7yPrHxaGlZtsQ1bl8mjqRfJZb1w; Domain=ads.yieldmo.com; Expires=Mon, 05-Feb-2024 02:56:29 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 02:56:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=514218,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79485f83d86fb518-OSL
x.bidswitch.net/sync?dsp_id=46&user_id=k-VNcLrEj7p_e7yPrHxaGlZtsQ1bmQDsUsEa5b1g&expires=30
35.157.76.89302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-VNcLrEj7p_e7yPrHxaGlZtsQ1bmQDsUsEa5b1g&expires=30
IP 35.157.76.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-VNcLrEj7p_e7yPrHxaGlZtsQ1bmQDsUsEa5b1g&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 02:56:29 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-VNcLrEj7p_e7yPrHxaGlZtsQ1bmQDsUsEa5b1g&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=c835799e-b2bd-4b6a-9491-9ae80dfb4b3c; path=/; expires=Mon, 05-Feb-2024 02:56:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675565789; path=/; expires=Mon, 05-Feb-2024 02:56:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675565789; path=/; expires=Mon, 05-Feb-2024 02:56:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675565789; path=/; expires=Mon, 05-Feb-2024 02:56:29 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 20986e3ad41b7c7568b647083cfa3ee9
a6199774774df812bb2e847f7d01cddbba9192f2
6cc18cd5bcc4c953f33cb49aecfed274701b2af3a15fd8f7cde0a05f8d6dc1eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5396
Cache-Control: max-age=124470
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 02:56:29 GMT
Etag: "63de48ff-1d7"
Expires: Mon, 06 Feb 2023 13:30:59 GMT
Last-Modified: Sat, 04 Feb 2023 12:01:03 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-VNcLrEj7p_e7yPrHxaGlZtsQ1bmQDsUsEa5b1g&expires=30
35.157.76.89200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-VNcLrEj7p_e7yPrHxaGlZtsQ1bmQDsUsEa5b1g&expires=30
IP 35.157.76.89:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-VNcLrEj7p_e7yPrHxaGlZtsQ1bmQDsUsEa5b1g&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:29 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
52.208.71.104204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 52.208.71.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 02:56:29 GMT
set-cookie: _kuid_=PXE945Li; Expires=Fri, 04-Aug-23 02:56:29 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n007-dub-prod.krxd.net
x-request-time: D=29 t=1675565789
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 05 Feb 2023 02:56:28 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 449521
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash fd048f00b177a5a80c0ed1daf817b74e
60bc5ff616767eb246098ea9c9ad36d133bfb4ed
6650662a421182467f978bd796589e157c14b49b772ef899d42802b4531cc05a
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "6650662A421182467F978BD796589E157C14B49B772EF899D42802B4531CC05A"
Last-Modified: Sat, 04 Feb 2023 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3047
Expires: Sun, 05 Feb 2023 03:47:16 GMT
Date: Sun, 05 Feb 2023 02:56:29 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
3.141.114.230200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 3.141.114.230:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:29 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: b06e11e0-a500-11ed-9508-0000ac17023c
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
trc-events.taboola.com/1403689/log/3/unip?en=pre_d_eng_tb&tos=4555&scd=0&ssd=1&est=1675565824575&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1675565829130&vi=1675565824573&ri=dbd37fb273b2412cf8cb452124c32b68&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&ler=other
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1403689/log/3/unip?en=pre_d_eng_tb&tos=4555&scd=0&ssd=1&est=1675565824575&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1675565829130&vi=1675565824573&ri=dbd37fb273b2412cf8cb452124c32b68&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&ler=other
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1403689/log/3/unip?en=pre_d_eng_tb&tos=4555&scd=0&ssd=1&est=1675565824575&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1675565829130&vi=1675565824573&ri=dbd37fb273b2412cf8cb452124c32b68&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword&ler=other HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.nixplay.com
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 02:56:30 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://app.nixplay.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f28ffcf384ce958b6302d05b6690c088
e5d4cbfc7482d35ee2ca03a7178426f3e2e97010
725d42a020d496f596074794cc2abdaca8a9b821e1a3502eee26056d0f528506
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7665
x-amzn-requestid: 001ba86d-ebc8-4819-89f7-1604bc059cd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGibFeqIAMFqMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8475-076d982b5fccf2b931a05976;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:10:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gnkjykHYcMthJkIb-A1P1rRw9FZieh3TmoTT3qVaceWw03TQNX8qfQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:32:24 GMT
age: 15848
etag: "e5d4cbfc7482d35ee2ca03a7178426f3e2e97010"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=MmBvI180M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZhMGZFeCUyQjc2MDBENEdPaXMxS1RvNWNDUzA5cGQ1dllBZVgwS2FzM0Fj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:25 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=ULsH6F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZhMGZFeCUyQjc2MDBENEdPaXMxS1RyWnl3ZzRJUVpSN1NQUCUyQjd4cDQxazk; expires=Fri, 01 Mar 2024 02:56:26 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 383302
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/ionicons@5.0.0/dist/ionicons/p-vsz5ekad.entry.js
104.16.124.175200 OK 0 B URL HTTP/2 unpkg.com/ionicons@5.0.0/dist/ionicons/p-vsz5ekad.entry.js
IP 104.16.124.175:0
GET /ionicons@5.0.0/dist/ionicons/p-vsz5ekad.entry.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.nixplay.com
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:24 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"e34-Tn/fBtCpAXg6tUKDGbgozKhyxLU"
via: 1.1 fly.io
fly-request-id: 01GE2BC5AHVC8XE3JQGGP8FRF2-ams
cf-cache-status: HIT
age: 11186915
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79485f6bebadb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/ionicons@5.0.0/dist/ionicons/p-763ce0c6.js
104.16.124.175200 OK 0 B URL HTTP/2 unpkg.com/ionicons@5.0.0/dist/ionicons/p-763ce0c6.js
IP 104.16.124.175:0
GET /ionicons@5.0.0/dist/ionicons/p-763ce0c6.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.nixplay.com
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:24 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"2fe-nFoH10sI1sMZTGbQl1tybJVCa9k"
via: 1.1 fly.io
fly-request-id: 01GQ46Q1PXEPE0FF0W7VA9PD2B-fra
cf-cache-status: HIT
age: 1461016
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79485f6c2bbeb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
trc.taboola.com/1403689/trc/3/json?tim=1675565824577&data=%7B%22id%22%3A370%2C%22ii%22%3A%22%2Freset-pwd%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675565824573%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnixplay-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675565824576%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.65.44200 OK 0 B URL HTTP/2 trc.taboola.com/1403689/trc/3/json?tim=1675565824577&data=%7B%22id%22%3A370%2C%22ii%22%3A%22%2Freset-pwd%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675565824573%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnixplay-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675565824576%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.65.44:0
GET /1403689/trc/3/json?tim=1675565824577&data=%7B%22id%22%3A370%2C%22ii%22%3A%22%2Freset-pwd%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675565824573%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnixplay-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675565824576%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp.nixplay.com%2Freset-pwd%2F%3Ftoken%3D6606734da315877a516c16f788e18125765315ac%26utm_medium%3Demail%26utm_source%3Dedm%26utm_campaign%3Dsystem%26utm_content%3Drecoverpassword%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.nixplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 02:56:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675565786.339006,VS0,VE111
vary: Accept-Encoding
x-vcl-time-ms: 111
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R3pDFkj7p_e7yPrHxaGlZtsQ1bkFVeP0k0xz4Q&google_error=3
178.250.2.151200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R3pDFkj7p_e7yPrHxaGlZtsQ1bkFVeP0k0xz4Q&google_error=3
IP 178.250.2.151:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R3pDFkj7p_e7yPrHxaGlZtsQ1bkFVeP0k0xz4Q&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:28 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 271512
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.2.151200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.2.151:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:28 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 296613
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-TCrhTkj7p_e7yPrHxaGlZtsQ1bn_6baud7GJOA
52.3.101.55200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-TCrhTkj7p_e7yPrHxaGlZtsQ1bn_6baud7GJOA
IP 52.3.101.55:0
GET /sync?UICR=k-TCrhTkj7p_e7yPrHxaGlZtsQ1bn_6baud7GJOA HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:29 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=53485&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=KWM1_V84UzdCSzhER0lDSHpnanBJZDJxViUyRmVxSmliRFAwMjMlMkZPSnBjYlQ2d3NWcWlwVFREM0J4dHM5UkhBZm9jODBxd1B6NzlDMSUyRlQ0bHFVSmtoQ3JEYmFySXFsdSUyRmVCb0JiUlNEUmUzSjZ3VUNYYW4yTFNnNiUyRnlIbWRoU25nODFBZjMlMkZjS3VpRWpLd1ZKQ3Y2OW52aFdjMFElM0QlM0Q&tld=nixplay.com&fu=https%253A%252F%252Fapp.nixplay.com%252Freset-pwd%252F%253Ftoken%253D6606734da315877a516c16f788e18125765315ac%2526utm_medium%253Demail%2526utm_source%253Dedm%2526utm_campaign%253Dsystem%2526utm_content%253Drecoverpassword&dtycbr=39945
74.119.119.150200 OK 0 B URL HTTP/2 widget.us.criteo.com/event?a=53485&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=KWM1_V84UzdCSzhER0lDSHpnanBJZDJxViUyRmVxSmliRFAwMjMlMkZPSnBjYlQ2d3NWcWlwVFREM0J4dHM5UkhBZm9jODBxd1B6NzlDMSUyRlQ0bHFVSmtoQ3JEYmFySXFsdSUyRmVCb0JiUlNEUmUzSjZ3VUNYYW4yTFNnNiUyRnlIbWRoU25nODFBZjMlMkZjS3VpRWpLd1ZKQ3Y2OW52aFdjMFElM0QlM0Q&tld=nixplay.com&fu=https%253A%252F%252Fapp.nixplay.com%252Freset-pwd%252F%253Ftoken%253D6606734da315877a516c16f788e18125765315ac%2526utm_medium%253Demail%2526utm_source%253Dedm%2526utm_campaign%253Dsystem%2526utm_content%253Drecoverpassword&dtycbr=39945
IP 74.119.119.150:0
GET /event?a=53485&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=KWM1_V84UzdCSzhER0lDSHpnanBJZDJxViUyRmVxSmliRFAwMjMlMkZPSnBjYlQ2d3NWcWlwVFREM0J4dHM5UkhBZm9jODBxd1B6NzlDMSUyRlQ0bHFVSmtoQ3JEYmFySXFsdSUyRmVCb0JiUlNEUmUzSjZ3VUNYYW4yTFNnNiUyRnlIbWRoU25nODFBZjMlMkZjS3VpRWpLd1ZKQ3Y2OW52aFdjMFElM0QlM0Q&tld=nixplay.com&fu=https%253A%252F%252Fapp.nixplay.com%252Freset-pwd%252F%253Ftoken%253D6606734da315877a516c16f788e18125765315ac%2526utm_medium%253Demail%2526utm_source%253Dedm%2526utm_campaign%253Dsystem%2526utm_content%253Drecoverpassword&dtycbr=39945 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.nixplay.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:27 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 38269280
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-OkMwzEj7p_e7yPrHxaGlZtsQ1bmtYiSTEVsu-Q
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-OkMwzEj7p_e7yPrHxaGlZtsQ1bmtYiSTEVsu-Q
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-OkMwzEj7p_e7yPrHxaGlZtsQ1bmtYiSTEVsu-Q HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 02:56:28 GMT
x-fastly-to-nlb-rtt: 22179
access-control-allow-credentials: true
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=nixplay.com&sn=FirefoxSyncframe&so=0&topUrl=app.nixplay.com&info=ULsH6F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZhMGZFeCUyQjc2MDBENEdPaXMxS1RyWnl3ZzRJUVpSN1NQUCUyQjd4cDQxazk&idsd=382640834,1898999769&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=nixplay.com&sn=FirefoxSyncframe&so=0&topUrl=app.nixplay.com&info=ULsH6F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZhMGZFeCUyQjc2MDBENEdPaXMxS1RyWnl3ZzRJUVpSN1NQUCUyQjd4cDQxazk&idsd=382640834,1898999769&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=onetag&domain=nixplay.com&sn=FirefoxSyncframe&so=0&topUrl=app.nixplay.com&info=ULsH6F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZhMGZFeCUyQjc2MDBENEdPaXMxS1RyWnl3ZzRJUVpSN1NQUCUyQjd4cDQxazk&idsd=382640834,1898999769&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=app.nixplay.com&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 02:56:26 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 939957
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2