firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 15:49:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4k8VIoe4Sb358r8sIFy90ROD46WoOHLyP-fHdln3jFva2OQFTZhGTg==
Age: 1852
www.getemail.io/em
301 Moved Permanently 162 B IP
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET /em HTTP/1.1
Host: www.getemail.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Sep 2022 16:20:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.getemail.io/em
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744792102eddb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7826
Expires: Fri, 02 Sep 2022 18:30:26 GMT
Date: Fri, 02 Sep 2022 16:20:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TA2__Lkql2BOBPYd61ALusaJ7-SsZ-AfLJuFRpKChE-zB5VbH7JIyw==
age: 54283
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 16:20:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bf054e69cebbe5e2b40fd4bcc30f218a
94fd82cb534fc1bd7d7c72979b8b994f475efbbf
c1e8004a77c50e1c206113d14eb88109f6d7549d2040286307444c9e4a903c07
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1E8004A77C50E1C206113D14EB88109F6D7549D2040286307444C9E4A903C07"
Last-Modified: Thu, 01 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21501
Expires: Fri, 02 Sep 2022 22:18:22 GMT
Date: Fri, 02 Sep 2022 16:20:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bf054e69cebbe5e2b40fd4bcc30f218a
94fd82cb534fc1bd7d7c72979b8b994f475efbbf
c1e8004a77c50e1c206113d14eb88109f6d7549d2040286307444c9e4a903c07
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1E8004A77C50E1C206113D14EB88109F6D7549D2040286307444C9E4A903C07"
Last-Modified: Thu, 01 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21501
Expires: Fri, 02 Sep 2022 22:18:22 GMT
Date: Fri, 02 Sep 2022 16:20:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 02 Sep 2022 15:38:16 GMT
Expires: Fri, 02 Sep 2022 16:14:28 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: igH7F5aGsDmH05mZ2WG_MiRmiThqxQEorcGTo8U6Yrwgh5-nzEZwpA==
Age: 2505
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a317be698172bac507d98cbd6cf1fc56
a6a8f4ff555452669ead77ed5d7288bc41cbb5e0
673f4dbbb9618ffc21393aa39d9bf926d2cfb1fdd9156b9b09c482a00d3bab95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673F4DBBB9618FFC21393AA39D9BF926D2CFB1FDD9156B9B09C482A00D3BAB95"
Last-Modified: Thu, 01 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10892
Expires: Fri, 02 Sep 2022 19:21:33 GMT
Date: Fri, 02 Sep 2022 16:20:01 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6265
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:01 GMT
Last-Modified: Fri, 02 Sep 2022 14:35:36 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a317be698172bac507d98cbd6cf1fc56
a6a8f4ff555452669ead77ed5d7288bc41cbb5e0
673f4dbbb9618ffc21393aa39d9bf926d2cfb1fdd9156b9b09c482a00d3bab95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673F4DBBB9618FFC21393AA39D9BF926D2CFB1FDD9156B9B09C482A00D3BAB95"
Last-Modified: Thu, 01 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10892
Expires: Fri, 02 Sep 2022 19:21:33 GMT
Date: Fri, 02 Sep 2022 16:20:01 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
200 OK 5.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
IP
File type ASCII text, with very long lines (19802), with no line terminators
Hash 58f4ceec3a7d093bfd1950958cbe154b
caf26cce5c1f0aed15242563d761a49871049862
1e7bb2486d8ebbf38a33a57a9021264ff4979716ed8271630410be0c328a8a34
GET /ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 5676
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-4d5a"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3019657
expires: Wed, 23 Aug 2023 16:20:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fm5itrUCDg%2FvDPcLadyduQKBGWWBmMT23MRZeCtqwC9IkwFYjCzZ9ZQY2pJJ07%2BFYcoUWAYlQvt8SLZ9Otk54U%2FaXPCyBNNBUpOt71a52vxGa6uJWEKO5E0B6TyCpJdiDPo3eQxr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 744792181c0a0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js
200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js
IP
File type ASCII text, with very long lines (14271)
Hash b28f7cac34dfd6df3e59a875583b6b07
a303e337b3157a6d9d7ad252a0dd6ac811063791
c05bd00b2c2b864ded6d40104d124933056fa8b2cb3e4d2ba9a5102d1602da4e
GET /ajax/libs/axios/0.21.1/axios.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5fe182ae-3813"
last-modified: Tue, 22 Dec 2020 05:22:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7421680
expires: Wed, 23 Aug 2023 16:20:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ripM1B0SjBtZswbkaAl6lBb1QjxOu%2BIVF%2F2rYVB0crDpV4t7rY6DeAUfeX94x0vc29xOqnyccAZ59bx7GFA1GRa4zFTX8F88nMeWnZKCZk1wA1mMROC%2FZ2FxeCRUSDNqKzqFVB8N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 744792182c150b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
200 OK 948 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
IP
File type ASCII text, with very long lines (1323)
Hash 7ebddc52578cfcef8faf6bae26114686
9355e6820363f0c4ae0d31182aae76531bc82f31
2ca0c9f084305f3c1551e1a6eaa92bfa72fc383a706332ff2deaf7c164bef119
GET /ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:01 GMT
content-type: text/css; charset=utf-8
content-length: 948
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-f62"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3240609
expires: Wed, 23 Aug 2023 16:20:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNs6CTkRjgExkuYm%2B4XBzwQ3cavH5BOAOSyrGpR1D6DxK2HoELV4YTU%2BDucXIj6LL7vw%2BUmkeTv%2Bw3mgbvEDLV79NJnpcwFxkA8ySKxCz6cNf8WeoAiYoNPToccX3TLvmJ9lQjqh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 744792183c310b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 1.1 kB IP
File type gzip compressed data, from Unix\012- data
Hash 5af80248f042c663d799a503207de7f6
547c895279c2dc3cf8473448b4f4830d2f00fc07
9058c03cdd32cdd1671478e07298223a964148fef7c35a26c94d9f52ecef6ab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 2.5 kB IP
Hash f3a9ad3016cdd58ca1ccd627cdd77ae2
ed582d8e4d0a84feb580ac37d6203e0ccb524a46
0696b811fc5296ec78ceb61c481efdef316f4a803b266739710a70a734590cf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7040539fecb815b0cc84c15e3e2e99df
761de2d6da86cb1df6bb1fdd85ad71f75a825bb4
b1edf3547f6db4798d46a116924942acc48ad56da1fd61f9951acf93053a6578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 32ac8787091a53280218a016c5c89c5e
fcb101915d7c3f085c29f78bc1b4379e70311c27
26d3ce8b342444fbd09af4b21c5bf8e52be979587fdeb729805ac55c55684cf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.16.0/sp.js
200 OK 27 kB URL HTTP/2 cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.16.0/sp.js
IP
File type ASCII text, with very long lines (816)
Hash 4a15a6982c38dc139d7ab1acc4542a79
f7d09e6bece68ababd638a68740ddb2a77a4169d
1e2583041ecbe6d9c22b93348b8a285ec7fddb557ac9a8d516bda450216a6a34
GET /gh/snowplow/sp-js-assets@2.16.0/sp.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.16.0
x-jsd-version-type: version
etag: W/"134f0-qD7Q5HEa7ag1pE8cf1AzUZPVdxo"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Sep 2022 16:20:02 GMT
age: 2041919
x-served-by: cache-fra19183-FRA, cache-bma1668-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 26902
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XZYDVUsL7AZq8x/YXPxaSw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vYx8vLifgOg3BKdJeMueB9juAQ4=
www.googletagmanager.com/gtag/js?id=AW-978205309
200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-978205309
IP
File type ASCII text, with very long lines (1615)
Hash 111e13c38076cd12e9eae4c7150eef86
cfdf82dbffe7151ce5b41fdb2e4667953cde8165
0cf42f43f24595830924b412529079e238d9e938cef274f664203b545e700448
GET /gtag/js?id=AW-978205309 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Sep 2022 16:20:02 GMT
expires: Fri, 02 Sep 2022 16:20:02 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-72015201-2
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-72015201-2
IP
File type ASCII text, with very long lines (1615)
Hash 4c2670d034faf1aa20548b7bebac242b
ff0baa8fa749f7dca6d8efc4b677ed474f374a86
ddbbe4a9e7ca907a0d84defe5bb63ebdcd85831315af4943195357a1d2f2bfea
GET /gtag/js?id=UA-72015201-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Sep 2022 16:20:02 GMT
expires: Fri, 02 Sep 2022 16:20:02 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 77d511601d937d9601f86d8115f63479
39aae55aff7ac6db064a475245b373e598811d4c
654270ab6be61d57959769757951e4e80e00540483b9e783667757c19d9b1508
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 16:20:02 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "9616FBD9ED971ABB32A1CD50931630A75F008073"
Expires: Sat, 03 Sep 2022 03:00:00 GMT
Last-Modified: Fri, 02 Sep 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2397
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74479218c9b0b512-OSL
www.googleoptimize.com/optimize.js?id=OPT-K9Z63TZ
200 OK 41 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-K9Z63TZ
IP
File type ASCII text, with very long lines (1615)
Hash a2043aa5a2b39361f2b060384bb10a59
fcf7b87f33a1294d1c011fdf8e39889c71efa24f
e2d17b2d2cfa81cf18cd957a90e5b9586daaae4543702a9453f154c6bcc02bb3
GET /optimize.js?id=OPT-K9Z63TZ HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Sep 2022 16:20:02 GMT
expires: Fri, 02 Sep 2022 16:20:02 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 855 B IP
Hash b3e72a40449993273fe5235de264ec9e
5da03e414a3d74d70cf40f85113b8dc82b9a8137
ca94a996f15c350d9445b31459b7556598cb2e23b79612404b4592ca194b7980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 4.0 kB IP
Hash 6d63e5fa42a5c331e756fb507f0fbe7c
b843c3ee4f264acbb5997fc01e918ae5f89c41a8
7ec71ee4a46f1048994d316f8eb818fd278f108734c2021f7f452542bdb74377
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
public.profitwell.com/js/profitwell.js?auth=b4e1683d423bb3f36b48e2dfb2ccf271
200 OK 56 kB URL HTTP/2 public.profitwell.com/js/profitwell.js?auth=b4e1683d423bb3f36b48e2dfb2ccf271
IP
Hash ad18588fa72b4d51343afc1c0d98b15e
e104190bddb54af28f259362e1c7e07d10cfb6bc
88209b5159d822bf5fd4d5fec89726968af3eb328afa0485ced80710e501f887
GET /js/profitwell.js?auth=b4e1683d423bb3f36b48e2dfb2ccf271 HTTP/1.1
Host: public.profitwell.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
server: AmazonS3
content-encoding: gzip
date: Fri, 02 Sep 2022 01:38:53 GMT
cache-control: public,max-age=86400
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8lhl_jaBOxv7chNRwgAqWQ-QopR_RCOMYRStpYRYZDNBq1cx8-l-xw==
age: 52870
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7cfb503a456fd35050f48a682e0a7ba5
4f47c8f420534ed405f86f356e867bedff1bf222
09f6ee7b7a42c8a54d6cd5523a058ad4ac4833581209090264d8286c9396ed6b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 16:20:02 GMT
Last-Modified: Fri, 02 Sep 2022 16:08:57 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MBCMyNW6CDL2SIf3qyewgV4Un0E_asgR2NYphAnh2sP-MZ2JYBpg5Q==
Age: 665
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7cfb503a456fd35050f48a682e0a7ba5
4f47c8f420534ed405f86f356e867bedff1bf222
09f6ee7b7a42c8a54d6cd5523a058ad4ac4833581209090264d8286c9396ed6b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 16:20:02 GMT
Last-Modified: Fri, 02 Sep 2022 14:38:48 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JzYYsklQ2ok9t55Bgk_yMXdmpfmInbIRHT--ktilp5eVJdaQKRxXsQ==
Age: 6074
api.getemail.io/tracker/t/com.snowplowanalytics.snowplow/tp2
200 OK 2.9 kB URL HTTP/2 api.getemail.io/tracker/t/com.snowplowanalytics.snowplow/tp2
IP
Hash f30f39ee074e6c764e78c047b7d6c70e
2fb67dd5984a734e303a96c39ba61903ba2e15d0
8833d3daa435e280c6cb89ec7c2ffab176071e2f0ec83652f90d8200e022b6e7
OPTIONS /tracker/t/com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: api.getemail.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://getemail.io/
Origin: https://getemail.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:02 GMT
content-type: application/json
content-length: 3
x-amzn-requestid: 062930ec-5c3e-4cc3-b729-254f7d8becc6
access-control-allow-origin: https://getemail.io
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
x-amz-apigw-id: X1v_5Gk0joEFeOQ=
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3656
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Last-Modified: Fri, 02 Sep 2022 15:19:06 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/worksans/v18/QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2
200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v18/QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 45540, version 1.0\012- data
Hash 265a048e07b2c44b263558a34fb43ef0
da5d9a13e1d0e704edf24e435e608a7e67daca11
539d1318b0edaab4cfab043af9a46729116345b5b9b318a4c7cd25f5bc48e7e8
GET /s/worksans/v18/QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getemail.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45540
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 00:12:07 GMT
expires: Thu, 31 Aug 2023 00:12:07 GMT
cache-control: public, max-age=31536000
age: 230875
last-modified: Tue, 23 Aug 2022 17:55:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.getemail.io/tracker/t/com.snowplowanalytics.snowplow/tp2
200 OK 744 B URL HTTP/2 api.getemail.io/tracker/t/com.snowplowanalytics.snowplow/tp2
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (742), with no line terminators
Hash c39cad60a9bed7a190c9225ca5c8f566
18ab75b558d96808d0841d4a4ad66c389d9a1e9f
aa12eacf10aebcdb5d773fee52a3c822c7f2579ff0c1555daa4f40e82cd45b55
POST /tracker/t/com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: api.getemail.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 832
Origin: https://getemail.io
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:02 GMT
content-type: application/json
content-length: 744
x-amzn-requestid: 57339898-69b6-4130-99be-d6c555451df7
access-control-allow-origin: https://getemail.io
set-cookie: ge_landing_page=https://getemail.io/em; Max-Age=31536000; Path=/; domain=.getemail.io; Secure; HttpOnly
x-amz-apigw-id: X1v_5GeLjoEF5zQ=
x-amzn-trace-id: Root=1-63122d32-3009e2657c91d09d0abd64f8;Sampled=0
access-control-allow-credentials: true
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 53e4933126779cbf269a5819d467ad4b
1c3c6b27a0660a44717be304d90834cf2f9cf3ce
ed5ad968f7d95b37c817e86b54062702bef60b1ffd3977248aad23072af06b87
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 6qPWx07zLZkEZv8ldfLdPX7rAVge8LR+FL3Znu0rjMpviXtRP/fCJbBtn7sVBS5kRjcIoemTXhmxSwFJAdctkw==
priority: u=3,i
content-length: 26752
x-fb-trip-id: 1904183273
date: Fri, 02 Sep 2022 16:20:02 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash bbdf3dbc6a7e77aab94caad221e324b6
874e8fda630db03f859aabd5ee0847be9891dafa
48985e04b094a3f1bf9c5ba2ec575d47067e92a42a22505423469407dd901267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3684
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Last-Modified: Fri, 02 Sep 2022 15:18:38 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.9.3
200 OK 2.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.9.3
IP
Hash 7e0f2f4c413f8bba918f5a17a479d6b9
cb6d28891d5e0a0e957a0dc8012fd3e25fdea236
ed7d047025a66fac0cdb019de22d08997a036d646ff0b0476aeb4b38ff885470
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.9.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 16:20:02 GMT
date: Fri, 02 Sep 2022 16:20:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.hotjar.com/modules.d5eb3c97b67a0b8958ff.js
200 OK 79 kB URL HTTP/2 script.hotjar.com/modules.d5eb3c97b67a0b8958ff.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3dc8b43d8eb580150f88ce4b192fbd5a
931a393c320255e4a21130205a3e7833ccbe952b
fbe4aa317f21d99cccc72c9b1744ee5e40ae14af03efd6d086de903022b62a2b
GET /modules.d5eb3c97b67a0b8958ff.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 65509
date: Fri, 02 Sep 2022 09:50:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5a03435fb2b1019b1b00d7bc5c267f72"
last-modified: Fri, 02 Sep 2022 09:49:47 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6QpTP8Z-25W1cOx8yCWanXU2YVjPriYFlAMyPgEK9DAR405nB05b4Q==
age: 23396
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6b6b5ffecd53193507458fbe6e66d3f0
c96009132e435078cd79e19b19eeb0dbcf9abef3
229806893f073d6d725880c375c2f72ab09221a46095e1203d7379c1a29b8bef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.getemail.io/ge-auth/me
403 Forbidden 3.2 kB URL HTTP/2 api.getemail.io/ge-auth/me
IP
Hash 67bc2d90af9fd8bb7fb688baba8a1eed
e769a7058a0bca0be644f6774f13309b9671fae5
b7f0e41d632873f03c4615662cb3747f7ba37133004402001cf69bd2b1172830
GET /ge-auth/me HTTP/1.1
Host: api.getemail.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getemail.io
Connection: keep-alive
Referer: https://getemail.io/
Cookie: landingPage=https://getemail.io/em; ge_landing_page=https://getemail.io/em; _gcl_au=1.1.304314607.1662135601
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 403 Forbidden
date: Fri, 02 Sep 2022 16:20:02 GMT
content-type: application/json
content-length: 82
x-amzn-requestid: 838e5927-1768-4f03-a6a5-e9a7eb6e17f9
x-amzn-errortype: AccessDeniedException
x-amz-apigw-id: X1v_7GCbjoEFVag=
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Sep 2022 16:20:02 GMT
expires: Fri, 02 Sep 2022 16:20:02 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 02 Sep 2022 14:41:12 GMT
expires: Fri, 02 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 5930
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dc076b754adaddcb000f3f987b6c5df2
01e9b40591692b8b2a6a94729e9481c7e600d248
9dbf2e71e1cbad91a71154b729e8ef496eda7544828a8bfd4f64e6dd70c4f64d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 003e8a2cb35bb65683fccbf8bf7a9797
b26fbc7607825162686c7e164d51956addeb1a6c
a71ec1144878270f76c09c51967a1d24b7d82dd700e83216be1e814a74796403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Hash 0b3d3f4206ab84d8861a8cc4b2ddbe66
4561b7c0419b65db5c1314be2143bd1734e88d89
ec42652b198c82469afbe5e6e69312a25425c1fd38d379cf3761b328ecd48e4a
GET /box-1ada912494ba7fc7aca15fcef1c2a7ae.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 13 Jul 2022 08:33:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -7WK9wc5OCPhWvSDWfaPXwoyIE9nHgpDB1HCfgt1R16OT-sOHAI0vQ==
age: 4434416
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/978205309/?random=1662135601174&cv=9&fst=1662135601174&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgetemail.io%2Fem&tiba=Page%20not%20found%20%E2%80%93%20GetEmail.io&auid=304314607.1662135601&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/978205309/?random=1662135601174&cv=9&fst=1662135601174&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgetemail.io%2Fem&tiba=Page%20not%20found%20%E2%80%93%20GetEmail.io&auid=304314607.1662135601&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2280), with no line terminators
Hash c00186c703713fd2c1894483ad9e6868
43a9e7f3c212caaccead66a6ed8225f5947f7460
407258c8060b5abec356522f83fe9f8c64c85d8ecde3c0622b9b3c6b994779a5
GET /pagead/viewthroughconversion/978205309/?random=1662135601174&cv=9&fst=1662135601174&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgetemail.io%2Fem&tiba=Page%20not%20found%20%E2%80%93%20GetEmail.io&auid=304314607.1662135601&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 16:20:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1046
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Sep-2022 16:35:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 5.4 kB IP
Hash 77a8827eea2d91c3bb026fea23c499ed
aad43b8d865dddec471429db55a58e0b03895d9a
d51f23de796bb2f0c49fca5da20aaf9a0ac25af197d019742907ff7af8966a51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 314 B IP
Hash 43328b83e76c79b77bd0123f2dd4b466
71e1b13f0afdd3348cd6dac34ccfa5c961b5fdf3
f8b1db2a558952276f7134627fedaa4b3644523afcd0abfd496b27ae6c0b65d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6369
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Last-Modified: Fri, 02 Sep 2022 14:33:53 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 77dcbad667fa753223ab404f9e5efc2e
8aa7da6ed9b77d478e9205e41c8b6fe0a973ae70
0a59d091c042b60cb2193e33754db4e8c2fd7c8e4abd5150a72db06cdc661a94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/preact-incoming-feedback.d50912f3e4e25c75eec4.js
200 OK 33 kB URL HTTP/2 script.hotjar.com/preact-incoming-feedback.d50912f3e4e25c75eec4.js
IP
Hash 9328b9ff19829881d23484c0ac81ac77
6645de429f3ca68034fc810d5eedfe21095f3c2c
6848f9098f60b658bed4c17589bd1ec8c0f228d17328f5ab3af9231f2f53c2fa
GET /preact-incoming-feedback.d50912f3e4e25c75eec4.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 33054
date: Fri, 02 Sep 2022 09:50:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "9328b9ff19829881d23484c0ac81ac77"
last-modified: Fri, 02 Sep 2022 09:49:47 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5krlEs8bqD07UOKyEx2is8Fcn2MI61QBqZ_qt1Yp9OwEA29bR1xuLA==
age: 23395
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/978205309/?random=1662135601174&cv=9&fst=1662134400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgetemail.io%2Fem&tiba=Page%20not%20found%20%E2%80%93%20GetEmail.io&async=1&fmt=3&is_vtc=1&random=3265622546&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/978205309/?random=1662135601174&cv=9&fst=1662134400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgetemail.io%2Fem&tiba=Page%20not%20found%20%E2%80%93%20GetEmail.io&async=1&fmt=3&is_vtc=1&random=3265622546&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978205309/?random=1662135601174&cv=9&fst=1662134400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgetemail.io%2Fem&tiba=Page%20not%20found%20%E2%80%93%20GetEmail.io&async=1&fmt=3&is_vtc=1&random=3265622546&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 16:20:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1124643264323239&ev=PageView&dl=https%3A%2F%2Fgetemail.io%2Fem&rl=&if=false&ts=1662135601327&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662135601326.1802477440&it=1662135601076&coo=false&rqm=GET
200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=1124643264323239&ev=PageView&dl=https%3A%2F%2Fgetemail.io%2Fem&rl=&if=false&ts=1662135601327&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662135601326.1802477440&it=1662135601076&coo=false&rqm=GET
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=1124643264323239&ev=PageView&dl=https%3A%2F%2Fgetemail.io%2Fem&rl=&if=false&ts=1662135601327&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662135601326.1802477440&it=1662135601076&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Fri, 02 Sep 2022 16:20:02 GMT
expires: Fri, 02 Sep 2022 16:20:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1a4f17bd63350fcbd827d3598f23afa1
6bd2b6656712c2ca057e2a22baebbf20b3cd3772
9303c40cbc559e8a5bdcde4a1bd32c41e1b9403fcee96b5581bf511499eedb3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 314 B IP
Hash 531f71248dd45b27e98cd4006c1db08d
da3b4206c8ff9ae895442065e88b2d9f5f5906d1
0a8f2a7799979ba531167f3a98c4a00e70159dde2653ebf0e4e0a4877c704670
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:02 GMT
Last-Modified: Fri, 02 Sep 2022 14:31:44 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
script.hotjar.com/font-hotjar_5.65042d.woff2
200 OK 2.2 kB URL HTTP/2 script.hotjar.com/font-hotjar_5.65042d.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 2188, version 1.0\012- data
Hash c9fb9163f8b7be37023ebe649688bebf
8a045f40cc0f0035d41679c522334277f9f2de59
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
GET /font-hotjar_5.65042d.woff2 HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getemail.io
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 2188
date: Sun, 03 Jul 2022 05:34:51 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
etag: "c9fb9163f8b7be37023ebe649688bebf"
last-modified: Fri, 01 Jul 2022 10:52:14 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dd-IKTc6M4kP8Ku2vMZOusTinNctoKCqbvpbeuaCtuDsHyLnPNMCPA==
age: 5309111
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:01 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=sfcKJF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhLTFZxMlZnUWZobFBWSjhNcEVpSEFrdm1EM0VRZ2VBNGJmMFlNV3lrako; expires=Wed, 27 Sep 2023 16:20:02 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 270006
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-72015201-2&cid=1171665037.1662135601&jid=1153637822&gjid=1954723531&_gid=287062053.1662135601&_u=YEBAAUAAAAAAAC~&z=307285759
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-72015201-2&cid=1171665037.1662135601&jid=1153637822&gjid=1954723531&_gid=287062053.1662135601&_u=YEBAAUAAAAAAAC~&z=307285759
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-72015201-2&cid=1171665037.1662135601&jid=1153637822&gjid=1954723531&_gid=287062053.1662135601&_u=YEBAAUAAAAAAAC~&z=307285759 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://getemail.io
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://getemail.io
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Sep 2022 16:20:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 0b0ad7ded21cce103d8814b32a41fdde
bc117c5e741025478a7f5c19933999a561749a4d
4732e35cdf61a3e54bc55c93cb21d4c81881b7931f758db66c99e372d950be0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4449
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Last-Modified: Fri, 02 Sep 2022 15:05:54 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 0b0ad7ded21cce103d8814b32a41fdde
bc117c5e741025478a7f5c19933999a561749a4d
4732e35cdf61a3e54bc55c93cb21d4c81881b7931f758db66c99e372d950be0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4442
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Last-Modified: Fri, 02 Sep 2022 15:06:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8688
Expires: Fri, 02 Sep 2022 18:44:51 GMT
Date: Fri, 02 Sep 2022 16:20:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8688
Expires: Fri, 02 Sep 2022 18:44:51 GMT
Date: Fri, 02 Sep 2022 16:20:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8688
Expires: Fri, 02 Sep 2022 18:44:51 GMT
Date: Fri, 02 Sep 2022 16:20:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:01:10 GMT
age: 65933
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
age: 67357
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wLezqM4_yKqtOR7D43beBqm8TAD5y8eQ7xHOxjDJdHchCpyusuzMuQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:55:46 GMT
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
age: 66257
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cab49f59207f816d98a21cd3fc2c37d1
8a9278f8ff5d149420673649878ca1ee266a0783
aebe0748f049bcb801be83459d4bae66b9c1453de3b0ea7e6a63bea88b6e7a5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13104
x-amzn-requestid: da627f0c-5cde-4a37-878c-dcada8a25f64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_EYoIAMFiYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-10dbcb432e6d1af46cffaefe;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4Ve7euVpAusbqUYkx-vWIBLDbIidnuXDqMDG0LRpu40sXh6a2fEPJA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:50 GMT
age: 65593
etag: "8a9278f8ff5d149420673649878ca1ee266a0783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CDyJUMKmUlrT3LgfeiZhQN1XEV2vKTIZtmV4QZYXaoM4PWbYo8IyJA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 14:46:29 GMT
age: 5614
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d848f7606889b048b6334e70d8a5e0
85239ef4f2fee8d3345e599bc942cab63ff3aaf6
da6cf33b440b51f72a70f309d62fd581aed246b6a78b8f329fa3899db15ff86d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5889
x-amzn-requestid: 42237574-f86e-4ece-b986-6d0c5910fcc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMVgHajoAMFmXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112756-48ff9d98464cf3c9680d97b4;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _7BBSlQQucoO5poncTYuX4fcmS4WFg3UcVFXalckGCCNFKJ0h5UpsQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:51 GMT
etag: "85239ef4f2fee8d3345e599bc942cab63ff3aaf6"
content-type: image/jpeg
age: 65592
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/5KUqoLZYviA
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5KUqoLZYviA
IP
Hash 171465d37dc04fc5f9f933c4109cf840
f03ec783b74dc129879523726ca462f8b8e8c9ad
3fbf4a8b0f8629e18658c04cd01523720f6864b2cd8f454036dbd7edf95030e0
POST /s/gts1d4/5KUqoLZYviA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-rBx6qkd25y_AFZjfCWTrJd9PO45K3xusKOBrmg
302 Found 0 B URL HTTP/2 ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-rBx6qkd25y_AFZjfCWTrJd9PO45K3xusKOBrmg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?type=host&dsp=69&dspuuid=k-rBx6qkd25y_AFZjfCWTrJd9PO45K3xusKOBrmg HTTP/1.1
Host: ad.sxp.smartclip.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty/1.19.9.1
date: Fri, 02 Sep 2022 16:20:03 GMT
content-length: 0
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-rBx6qkd25y_AFZjfCWTrJd9PO45K3xusKOBrmg&ang_testid=1
set-cookie: uuid=3ba62d5d-332d-1263-1fd7-035f6abef62c; Domain=sxp.smartclip.net; Path=/; Expires=Sun, 02 Oct 2022 16:20:03 GMT; Max-Age=2592000; SameSite=None; Secure;
access-control-allow-credentials: true
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 02316d7d14013c7d25f738d99946aab5
2ca946f576561dc184d32572eb94e06221dd9abd
4099c546750dc6cadd0462312d8dac59a9cb2907e523d85c12039141d5548861
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134401
Date: Fri, 02 Sep 2022 16:20:03 GMT
Etag: "63118413-1d7"
Expires: Sun, 04 Sep 2022 05:40:04 GMT
Last-Modified: Fri, 02 Sep 2022 04:18:27 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DZ82P-iErDVwiubKH36Lzb-GiAeBd8zgh2fM6n_2ZRp5KIilPqImSg==
Age: 4897
ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-rBx6qkd25y_AFZjfCWTrJd9PO45K3xusKOBrmg&ang_testid=1
200 OK 42 B URL HTTP/2 ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-rBx6qkd25y_AFZjfCWTrJd9PO45K3xusKOBrmg&ang_testid=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?type=host&dsp=69&dspuuid=k-rBx6qkd25y_AFZjfCWTrJd9PO45K3xusKOBrmg&ang_testid=1 HTTP/1.1
Host: ad.sxp.smartclip.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: uuid=3ba62d5d-332d-1263-1fd7-035f6abef62c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 02 Sep 2022 16:20:03 GMT
content-type: image/gif
content-length: 42
set-cookie: dspuuid=69.k-rBx6qkd25y_AFZjfCWTrJd9PO45K3xusKOBrmg; Domain=sxp.smartclip.net; Path=/; Expires=Sun, 02 Oct 2022 16:20:03 GMT; Max-Age=2592000; SameSite=None; Secure;
psyn=19237.69; Domain=sxp.smartclip.net; Path=/; Expires=Sun, 02 Oct 2022 16:20:03 GMT; Max-Age=2592000; SameSite=None; Secure;
uuid=3ba62d5d-332d-1263-1fd7-035f6abef62c; Domain=sxp.smartclip.net; Path=/; Expires=Sun, 02 Oct 2022 16:20:03 GMT; Max-Age=2592000; SameSite=None; Secure;
access-control-allow-credentials: true
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/5KUqoLZYviA
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5KUqoLZYviA
IP
Hash 171465d37dc04fc5f9f933c4109cf840
f03ec783b74dc129879523726ca462f8b8e8c9ad
3fbf4a8b0f8629e18658c04cd01523720f6864b2cd8f454036dbd7edf95030e0
POST /s/gts1d4/5KUqoLZYviA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 02 Sep 2022 16:20:03 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 506807
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-48bxhkd25y_AFZjfCWTrJd9PO46pAge_tigusQ
200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-48bxhkd25y_AFZjfCWTrJd9PO46pAge_tigusQ
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-48bxhkd25y_AFZjfCWTrJd9PO46pAge_tigusQ HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3051372033580257000V10; Expires=Sat, 02 Sep 2023 16:20:03 GMT; domain=.media.net; Path=/;
data-c-ts=1662135603;Expires=Sun, 02 Oct 2022 16:20:03 GMT;path=/;domain=.media.net;
data-c=k-48bxhkd25y_AFZjfCWTrJd9PO46pAge_tigusQ~~3;Expires=Sun, 02 Oct 2022 16:20:03 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E
expires: Fri, 02 Sep 2022 16:20:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 02 Sep 2022 16:20:03 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6f0d13621a550aa591f087c2945aa2c5
18b520f7f9a71966c115f664def155bcacc60096
cf7e40d37010a5aa8ab4cb3091bd665b7401fa42fac3b1de62ca7a48c6b89b4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ioKBS0d25y_AFZjfCWTrJd9PO47SuEvB75U35g
302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ioKBS0d25y_AFZjfCWTrJd9PO47SuEvB75U35g
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-ioKBS0d25y_AFZjfCWTrJd9PO47SuEvB75U35g HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 02 Sep 2022 16:20:03 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-ioKBS0d25y_AFZjfCWTrJd9PO47SuEvB75U35g&C=1
cf-ray: 74479222aa19b50b-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YxItM8sRmR2LaPvPnQ.jqwAA; Path=/; Domain=casalemedia.com; Expires=Sat, 02 Sep 2023 16:20:03 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4495; Path=/; Domain=casalemedia.com; Expires=Thu, 01 Dec 2022 16:20:03 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4495; Path=/; Domain=casalemedia.com; Expires=Thu, 01 Dec 2022 16:20:03 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uObCggc2JmnYX0m2l9KkcSjhkwogcUoZyhdVHPeu2ZJV%2FNim0dqrKyu65%2Bj1a1vCmi53Ct31c7YK84dVrTzsZxvcU2Y%2BhMY0YpvAvROHJCPRTxIFOTqqXw2iEcV4wTt7B3g%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-jNzyeEd25y_AFZjfCWTrJd9PO46NDHCejMUkAw&google_cm&google_hm=ay1qTnp5ZUVkMjV5X0FGWmpmQ1dUckpkOVBPNDZOREhDZWpNVWtBdw
302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-jNzyeEd25y_AFZjfCWTrJd9PO46NDHCejMUkAw&google_cm&google_hm=ay1qTnp5ZUVkMjV5X0FGWmpmQ1dUckpkOVBPNDZOREhDZWpNVWtBdw
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 63aa2f5e80d164ebcdf69f99e614a681
a5b1902fc076ccdd33b37d8dd8f1854f7201beee
95f519727cfe655c136e5f626911ff9f74cfa1824700f9a1be5ac4c971fd332c
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-jNzyeEd25y_AFZjfCWTrJd9PO46NDHCejMUkAw&google_cm&google_hm=ay1qTnp5ZUVkMjV5X0FGWmpmQ1dUckpkOVBPNDZOREhDZWpNVWtBdw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-jNzyeEd25y_AFZjfCWTrJd9PO46NDHCejMUkAw&google_cm=&google_hm=ay1qTnp5ZUVkMjV5X0FGWmpmQ1dUckpkOVBPNDZOREhDZWpNVWtBdw&google_tc=
date: Fri, 02 Sep 2022 16:20:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Sep-2022 16:35:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Sep 2022 16:20:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: d82f224a-f979-42ce-8e6d-ca1f4884279e
Set-Cookie: uuid2=7132442601161509314; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 01-Dec-2022 16:20:03 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ioKBS0d25y_AFZjfCWTrJd9PO47SuEvB75U35g&C=1
200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ioKBS0d25y_AFZjfCWTrJd9PO47SuEvB75U35g&C=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-ioKBS0d25y_AFZjfCWTrJd9PO47SuEvB75U35g&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:03 GMT
content-type: image/gif
content-length: 43
cf-ray: 744792233acbb50b-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnonXo4O75SGsdjJE1G1gxq%2FaglA5jA3hWZN7PuNGZc3v5QAYjFm8M4hPFlrfdrGZQp1ybIxlZShilKHJZkoWw63PeCNAgJHEO%2FWQ72RfQWn6d9LH0Af92zhs8zjZIK1hwA0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-jNzyeEd25y_AFZjfCWTrJd9PO46NDHCejMUkAw&google_cm=&google_hm=ay1qTnp5ZUVkMjV5X0FGWmpmQ1dUckpkOVBPNDZOREhDZWpNVWtBdw&google_tc=
302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-jNzyeEd25y_AFZjfCWTrJd9PO46NDHCejMUkAw&google_cm=&google_hm=ay1qTnp5ZUVkMjV5X0FGWmpmQ1dUckpkOVBPNDZOREhDZWpNVWtBdw&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 15f523ea055972d3dde7880b2139aa52
98ec902d97aa00f2c7f73a21e37a9b15afcf1b74
688354be436c09522eda9c0f935b7939796b3252bb463f584c2aacd13c83224c
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-jNzyeEd25y_AFZjfCWTrJd9PO46NDHCejMUkAw&google_cm=&google_hm=ay1qTnp5ZUVkMjV5X0FGWmpmQ1dUckpkOVBPNDZOREhDZWpNVWtBdw&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jNzyeEd25y_AFZjfCWTrJd9PO46NDHCejMUkAw&google_error=3
date: Fri, 02 Sep 2022 16:20:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 61 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
Hash 4bdc4a8c5abc4a27e3548ddcd925a61a
40b211814eb26b3929ba487935bf900de087d978
97cec561a71c2210a70f9153fc226db42c804d91f06eeb3b53e47f11451c3417
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:02 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 94721
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash cb7a750fa9348267c15cc938996ead6a
992ddfd1fa25e3ed2fbef82f29b5bc7049b27bd0
f95f2c93dd462fb2d17cf40682e7e6aa5138bcd158dcab83c5d66855f50cec79
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 16:20:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 13:56:49 GMT
Expires: Tue, 06 Sep 2022 13:56:48 GMT
Etag: "992ddfd1fa25e3ed2fbef82f29b5bc7049b27bd0"
Cache-Control: max-age=336404,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744792234b020b59-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash b6264afed096611659c501b0e3cfd1cf
fd7e7dde995f7f0263c551e0ee6176cb4445f5f7
fce69384b64fb7cb4f13da766bb467582fafc0e5fa9adbf36d9378556772a145
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1067
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Last-Modified: Fri, 02 Sep 2022 16:02:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-OtOMz0d25y_AFZjfCWTrJd9PO47xEvkAz-NZ6y_-QPZkMnqw
200 OK 70 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-OtOMz0d25y_AFZjfCWTrJd9PO47xEvkAz-NZ6y_-QPZkMnqw
IP
File type ASCII text, with no line terminators
Hash e1aedb74d7e5d0f1795063e65e6ec022
9cfc0cf2f321c64addba10440b99a762b2ffadd2
41142ee8eaf440810e66c9e7a962d74a63f3eeb64f1e2ef4544556da441e9cdd
GET /usersync/push?partner=criteo&partnerId=k-OtOMz0d25y_AFZjfCWTrJd9PO47xEvkAz-NZ6y_-QPZkMnqw HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:03 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%2219b23ff0-2adb-11ed-850e-e74f8c09d82b%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Fri, 16 Sep 2022 16:20:03 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2219b23ff0-2adb-11ed-850e-e74f8c09d82b%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Fri, 16 Sep 2022 16:20:03 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-OtOMz0d25y_AFZjfCWTrJd9PO47xEvkAz-NZ6y_-QPZkMnqw%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Fri, 16 Sep 2022 16:20:03 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash f8fbf3a45061a7b3f20fb0e92ae5ebcb
991494da2a511ead959dce96a8e6d1dc44e57b02
fa52f650cc0d7b247b5ad0f504eb67676e79486427a1397655965121d61ed12c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4916
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Last-Modified: Fri, 02 Sep 2022 14:58:07 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7ac2a549ca7220c81a9bfa2015fed5f3
19c63bd7d67f1d467ccf605ae89519f9e4d4a0bf
f4f04bfd519577f86e46c9bfb906eedba9a291f453c47232bd1e97504e1bdfca
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117667
Date: Fri, 02 Sep 2022 16:20:03 GMT
Etag: "63114224-1d7"
Expires: Sun, 04 Sep 2022 01:01:10 GMT
Last-Modified: Thu, 01 Sep 2022 23:37:08 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3eAsEkJmQFF0Txi7HFCe_Ru2R-Aubu_m1XGlULQijMiQk6mBfUFQhg==
Age: 5042
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-pbZ85kd25y_AFZjfCWTrJd9PO46go9TYV98ZOg&expires=30
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-pbZ85kd25y_AFZjfCWTrJd9PO46go9TYV98ZOg&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-pbZ85kd25y_AFZjfCWTrJd9PO46go9TYV98ZOg&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
Content-Type: image/gif
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 02 Sep 2022 16:20:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 5de1857b-70e7-4c5d-bd80-625c0a174c40
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ad.yieldlab.net/m?dm_id=8666&ext_id=k-3bOnV0d25y_AFZjfCWTrJd9PO45yLXq5q71T9Q
204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dm_id=8666&ext_id=k-3bOnV0d25y_AFZjfCWTrJd9PO45yLXq5q71T9Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dm_id=8666&ext_id=k-3bOnV0d25y_AFZjfCWTrJd9PO45yLXq5q71T9Q HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Thu, 01 Sep 2022 16:20:03 GMT
Date: Fri, 02 Sep 2022 16:20:03 GMT
Connection: keep-alive
Set-Cookie: id=76803057-1818-4713-acf9-18cbfac52df9; Path=/; Domain=yieldlab.net; Expires=Sat, 02-Sep-2023 16:20:03 GMT; Max-Age=31536000; Secure; SameSite=None
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6f0d13621a550aa591f087c2945aa2c5
18b520f7f9a71966c115f664def155bcacc60096
cf7e40d37010a5aa8ab4cb3091bd665b7401fa42fac3b1de62ca7a48c6b89b4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-TKHFLUd25y_AFZjfCWTrJd9PO44dcNMYpJqbLg
302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-TKHFLUd25y_AFZjfCWTrJd9PO44dcNMYpJqbLg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-TKHFLUd25y_AFZjfCWTrJd9PO44dcNMYpJqbLg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 02 Sep 2022 16:20:03 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-TKHFLUd25y_AFZjfCWTrJd9PO44dcNMYpJqbLg
set-cookie: tuuid=c53225fd-2876-4a91-8ff3-048b044e2bc6; Expires=Thu, 01 Dec 2022 16:20:03 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1662135603; Expires=Thu, 01 Dec 2022 16:20:03 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=getemail.io&sn=FirefoxSyncframe&so=0&topUrl=getemail.io&info=QHjXml80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhLTFZxMlZnUWZobFBWSjhNcEVpSENXNlo3bjRaM3YlMkY3ZEFKSUkwMHBEbg&idsd=-355574402,231642263&cw=1&lsw=1
200 OK 4.7 kB URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=getemail.io&sn=FirefoxSyncframe&so=0&topUrl=getemail.io&info=QHjXml80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhLTFZxMlZnUWZobFBWSjhNcEVpSENXNlo3bjRaM3YlMkY3ZEFKSUkwMHBEbg&idsd=-355574402,231642263&cw=1&lsw=1
IP
Hash 5caaf64b209b84911437fb0de5417ba4
d99021d5f04735120b66492fa8ccd0c09d1ea264
c3e817994db83ba69ce5849910acabb7c9c9ab019fd453a0bbafde08defbbc7b
GET /sid/json?origin=onetag&domain=getemail.io&sn=FirefoxSyncframe&so=0&topUrl=getemail.io&info=QHjXml80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhLTFZxMlZnUWZobFBWSjhNcEVpSENXNlo3bjRaM3YlMkY3ZEFKSUkwMHBEbg&idsd=-355574402,231642263&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=getemail.io&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:02 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1064403
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 3c5f1534afc70cf7973c450821b0dd5b
2d004c107945a684e6c19c3e4e45f1d29b8d4070
6ac9d25efe6420647f313a90655c96bf970264fae917c7752e2fc10b4a6dde64
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5253
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Last-Modified: Fri, 02 Sep 2022 14:52:30 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ad.yieldlab.net/m?dt_id=8664&ext_id=k-3bOnV0d25y_AFZjfCWTrJd9PO45yLXq5q71T9Q
204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-3bOnV0d25y_AFZjfCWTrJd9PO45yLXq5q71T9Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-3bOnV0d25y_AFZjfCWTrJd9PO45yLXq5q71T9Q HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Thu, 01 Sep 2022 16:20:03 GMT
Date: Fri, 02 Sep 2022 16:20:03 GMT
Connection: keep-alive
Set-Cookie: id=5f796930-01a2-4141-b445-db8f871817d4; Path=/; Domain=yieldlab.net; Expires=Sat, 02-Sep-2023 16:20:03 GMT; Max-Age=31536000; Secure; SameSite=None
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash b213a002cbdba5d867282fa9f09c5d35
078c02fbf65bdb60bbf19ff518553c7fd8f6e044
5b8aad782be1df4258e0b06d9064566e509d68335a9dacba20d266b903de3b06
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 16:20:03 GMT
Last-Modified: Fri, 02 Sep 2022 14:37:35 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BI6L-Yng90uvcNJA4CB3DPuclV-NJ4kkT8-K9Lux8N1gomqJpCjkog==
Age: 6148
cm.adform.net/pixel?adform_pid=15&adform_pc=k-c5_ep0d25y_AFZjfCWTrJd9PO45RaKg5g62P_Q
200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-c5_ep0d25y_AFZjfCWTrJd9PO45RaKg5g62P_Q
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-c5_ep0d25y_AFZjfCWTrJd9PO45RaKg5g62P_Q HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 16:20:03 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 12 Jul 2016 14:10:56 GMT
etag: "5784fa70-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7d1d7a0cbe8902f1c6911d8d06636e3d
9249a9581e4e23397d570f91e32d08c27fa76c01
eaf3575906f30de7894eec91b11f56528f4e6d8d90f4b0ca49892ab99b6d9733
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1139
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Last-Modified: Fri, 02 Sep 2022 16:01:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-TKHFLUd25y_AFZjfCWTrJd9PO44dcNMYpJqbLg
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-TKHFLUd25y_AFZjfCWTrJd9PO44dcNMYpJqbLg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-TKHFLUd25y_AFZjfCWTrJd9PO44dcNMYpJqbLg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:03 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-RLDku0d25y_AFZjfCWTrJd9PO45JnqCSsMn6Zw&expires=30
200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-RLDku0d25y_AFZjfCWTrJd9PO45JnqCSsMn6Zw&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-RLDku0d25y_AFZjfCWTrJd9PO45JnqCSsMn6Zw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Fri, 02 Sep 2022 16:20:03 GMT
Content-Length: 43
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash b83499acb9d9084e2ae6344d7e4ffd8e
fec88d25ed11714853c1e46f6e3799bcebfe38d5
9b3f32dd934f53283b161aa93e4829bed6dd90e162bd0a9d38eec60b1b91c5ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1975
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Last-Modified: Fri, 02 Sep 2022 15:47:08 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-lbz3Y0d25y_AFZjfCWTrJd9PO45UbQfP_3Dryw
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-lbz3Y0d25y_AFZjfCWTrJd9PO45UbQfP_3Dryw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-lbz3Y0d25y_AFZjfCWTrJd9PO45UbQfP_3Dryw HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 16:20:03 GMT
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PXzdd0d25y_AFZjfCWTrJd9PO46QyMxc8ldINQ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PXzdd0d25y_AFZjfCWTrJd9PO46QyMxc8ldINQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-PXzdd0d25y_AFZjfCWTrJd9PO46QyMxc8ldINQ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 02 Sep 2022 16:20:03 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PXzdd0d25y_AFZjfCWTrJd9PO46QyMxc8ldINQ&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBDMtEmMCEIe9iCYEyNPLNDvNlIx37UYFEgEBAQF-E2McYwAAAAAA_eMAAA&S=AQAAAtKYLmNYvNsPr_Wvsap44lk; Expires=Sat, 2 Sep 2023 22:20:03 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash b17d179a71af1fb31864a523628ae2d0
6d066e75ff7a6871ced6fb09a37f0d9232462518
c139ebe2002441fd9a9a1369c530a9d444fd8f72d12f02d87123980c7715e7ff
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 16:20:03 GMT
Last-Modified: Fri, 02 Sep 2022 15:53:53 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _aYCPFfD37Y7x2ceBqrEKplTqEhHJS53gwQtQjdSpl9ora1YJ4Ri_A==
Age: 1570
ocsp.sectigo.com/
200 OK 471 B IP
Hash 40bd749e477fb466e4d107cc39c24861
7cb2654172f8275db93397093cafeb75952e3196
4795e7833105124a65bff4c531838fd2314c91fbd976963474f7be31ae485ec4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 16:20:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 03:11:55 GMT
Expires: Wed, 07 Sep 2022 03:11:54 GMT
Etag: "7cb2654172f8275db93397093cafeb75952e3196"
Cache-Control: max-age=384110,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744792246c5c0b59-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22aa0fd25c5c13c7bed0a4136d0e8c90
f0290dcda1730af82f1a99b769540ca76822e461
774c641cb06d2979ffd7da6a99acff3956c78b1a0d4aea76b842dd6905b64479
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "774C641CB06D2979FFD7DA6A99ACFF3956C78B1A0D4AEA76B842DD6905B64479"
Last-Modified: Fri, 02 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11106
Expires: Fri, 02 Sep 2022 19:25:09 GMT
Date: Fri, 02 Sep 2022 16:20:03 GMT
Connection: keep-alive
status.thawte.com/
200 OK 471 B IP
Hash 506414771012d05639eb98a64229a907
99df1c506cbba5747703322db153a6d8533da530
29a308d21127e9f9c43e48d778c55ea3a485cd5876fa26f04f2f18b00904c1b8
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4794
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:03 GMT
Last-Modified: Fri, 02 Sep 2022 15:00:10 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/ibs:dpid=28645&dpuuid=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v038-0c296aa05.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=80828750220286565751882823499135605042; Max-Age=15552000; Expires=Wed, 01 Mar 2023 16:20:03 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 0s1rSRE9QBQ=
Content-Length: 0
Connection: keep-alive
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
200 OK 43 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:03 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 369683
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PXzdd0d25y_AFZjfCWTrJd9PO46QyMxc8ldINQ&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PXzdd0d25y_AFZjfCWTrJd9PO46QyMxc8ldINQ&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-PXzdd0d25y_AFZjfCWTrJd9PO46QyMxc8ldINQ&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 16:20:03 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBDMtEmMCEErUHnokCKXioAWF2LKBQ40FEgEBAQF-E2McYwAAAAAA_eMAAA&S=AQAAAv_z5Va3dEJUvgXHDgMpW00; Expires=Sat, 2 Sep 2023 22:20:03 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
eb2.3lift.com/xuid?mid=2711&xuid=k-iert6Ed25y_AFZjfCWTrJd9PO47i53g9rT8-0g&dongle=013b
200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-iert6Ed25y_AFZjfCWTrJd9PO47i53g9rT8-0g&dongle=013b
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-iert6Ed25y_AFZjfCWTrJd9PO47i53g9rT8-0g&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:03 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-XCFm4kd25y_AFZjfCWTrJd9PO46vulhlZEVVAw
200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-XCFm4kd25y_AFZjfCWTrJd9PO46vulhlZEVVAw
IP
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-XCFm4kd25y_AFZjfCWTrJd9PO46vulhlZEVVAw HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=7572e3b131a90f63d28e64dfeaa3fd5a; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Fri, 02 Sep 2022 16:20:03 GMT
content-length: 49
x-envoy-upstream-service-time: 8
server: ayl-lb-fra02
X-Firefox-Spdy: h2
id5-sync.com/s/966/9.gif?puid=k-Y1J6oUd25y_AFZjfCWTrJd9PO45yK9GrbCJrdA
200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-Y1J6oUd25y_AFZjfCWTrJd9PO45yK9GrbCJrdA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-Y1J6oUd25y_AFZjfCWTrJd9PO45yK9GrbCJrdA HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Fri, 02-Sep-2022 16:25:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Fri, 02-Sep-2022 16:25:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Fri, 02-Sep-2022 16:25:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Fri, 02-Sep-2022 16:25:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Fri, 02-Sep-2022 16:25:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Fri, 02-Sep-2022 16:25:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Fri, 02 Sep 2022 16:20:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v038-001c634f9.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 22tkFO0ESMY=
Content-Length: 59
Connection: keep-alive
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 02 Sep 2022 16:20:01 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 609795
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-8x0RbEd25y_AFZjfCWTrJd9PO478w_Tv9uVgEQ
200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-8x0RbEd25y_AFZjfCWTrJd9PO478w_Tv9uVgEQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-8x0RbEd25y_AFZjfCWTrJd9PO478w_Tv9uVgEQ HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 16:20:04 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: da88208152578957216071237228e92e
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e93841060507122d9d2e0282077c24a6
ce731676aa2cea7953af28435578ced42e45bbcf
4332d7225b96e434731ade1988228742a920e5c44d082641c7ed8dd2bd6fa7f6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 16:20:04 GMT
Last-Modified: Fri, 02 Sep 2022 14:32:07 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0hRgLXpLcsbh5yQKKGZJ_8My5Bl56Uy2GhY717KaYzt4QD7mbb4l1A==
Age: 6477
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a38f1f466431d3c4fe5b8cb3b46e8cff
fe9230a333250ba51787a02771a979ef97779100
00abbdf08e5a59295b12c2e77c5d5357d6761ac6fb7de060b98c9671f175acea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91817
Date: Fri, 02 Sep 2022 16:20:04 GMT
Etag: "6310da0f-1d7"
Expires: Sat, 03 Sep 2022 17:50:21 GMT
Last-Modified: Thu, 01 Sep 2022 16:13:03 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: X3EMOjHGcyGoNsPdksrdVPpIx51xT9ggyIhRSyeqnnpLI0lOa3oBpA==
Age: 5838
sync-criteo.ads.yieldmo.com/sync?id=k-j7QacUd25y_AFZjfCWTrJd9PO4608_uAZ4kMHA&pn_id=criteo&ext=1
200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-j7QacUd25y_AFZjfCWTrJd9PO4608_uAZ4kMHA&pn_id=criteo&ext=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-j7QacUd25y_AFZjfCWTrJd9PO4608_uAZ4kMHA&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:04 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g9521e4066703e9a6217%7C1662135604077%7C0%7C; Domain=.yieldmo.com; Expires=Sat, 02-Sep-2023 16:20:04 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-j7QacUd25y_AFZjfCWTrJd9PO4608_uAZ4kMHA; Domain=ads.yieldmo.com; Expires=Sat, 02-Sep-2023 16:20:04 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 3ffcbb50fa3da9175c8faa8527cfe57a
5dccfc33bd78d9d2a7a1809b1c429b0555e1f9d4
4c4e64eadf49e2c31572b0044bdb75b95cc7616bb1dd645d4be6ab97d9e14898
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6197
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:20:04 GMT
Last-Modified: Fri, 02 Sep 2022 14:36:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 16:20:04 GMT
set-cookie: _kuid_=PDiLv3pW; Expires=Wed, 01-Mar-23 16:20:04 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n022-dub-prod.krxd.net
x-request-time: D=32 t=1662135604
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 02 Sep 2022 16:20:03 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 492007
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 7ca0fdee1e018b252b843634606970e2
4c5c608c65e582808c82d522dfd954e6568566ff
c9c16a9782d9e8e18e5b4cbb161f76c08854e271afccfc3bd8d4a696f09d4b85
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "C9C16A9782D9E8E18E5B4CBB161F76C08854E271AFCCFC3BD8D4A696F09D4B85"
Last-Modified: Fri, 02 Sep 2022 07:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3530
Expires: Fri, 02 Sep 2022 17:18:54 GMT
Date: Fri, 02 Sep 2022 16:20:04 GMT
Connection: keep-alive
criteo-partners.tremorhub.com/sync?UICR=k-cqMEZEd25y_AFZjfCWTrJd9PO47JUpqfEMmo2A
200 OK 78 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-cqMEZEd25y_AFZjfCWTrJd9PO47JUpqfEMmo2A
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 0bb3d20bb12adc08814abfdc9efc1869
962039116ab1c6b138cad242bc145f13e7d44623
dd17af018ebe8643ee49386f655b135de3d76ff7e45ae46dfe264280b1654970
GET /sync?UICR=k-cqMEZEd25y_AFZjfCWTrJd9PO47JUpqfEMmo2A HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:04 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
www.getemail.io/em
301 Moved Permanently 0 B IP
ASN #209242 Cloudflare London, LLC
Analyzer Verdict Alert fortinet Malware
GET /em HTTP/1.1
Host: www.getemail.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 02 Sep 2022 16:20:01 GMT
content-type: text/html; charset=UTF-8
location: https://getemail.io/em
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-redirect-by: WordPress
x-powered-by: WP Engine
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 4
x-cache-group: normal
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74479212fc25b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/ld.js
IP
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 16:20:02 GMT
content-type: text/javascript
last-modified: Wed, 29 Jun 2022 07:49:23 GMT
etag: W/"62bc0403-a792"
expires: Sat, 03 Sep 2022 16:20:02 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Work+Sans:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Work+Sans:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic
IP
GET /css?family=Work+Sans:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 16:20:02 GMT
date: Fri, 02 Sep 2022 16:20:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-470090.js?sv=6
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-470090.js?sv=6
IP
GET /c/hotjar-470090.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 02 Sep 2022 16:20:02 GMT
cache-control: max-age=60
etag: W/2ed72788155ec7f9246eef89f90fd43b
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: S5rK5zCaNcgzQkQ9_yUyN0Zf_mFJzHWNhBBuGn12z2oyDXQzddE4zg==
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=sfcKJF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhLTFZxMlZnUWZobFBWSjhNcEVpSEFrdm1EM0VRZ2VBNGJmMFlNV3lrako
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:02 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=QHjXml80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhLTFZxMlZnUWZobFBWSjhNcEVpSENXNlo3bjRaM3YlMkY3ZEFKSUkwMHBEbg; expires=Wed, 27 Sep 2023 16:20:02 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 306058
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:02 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 92733
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-EDlBcEd25y_AFZjfCWTrJd9PO45KDxjJUkUBFw
200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-EDlBcEd25y_AFZjfCWTrJd9PO45KDxjJUkUBFw
IP
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-EDlBcEd25y_AFZjfCWTrJd9PO45KDxjJUkUBFw HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 16:20:03 GMT
x-fastly-to-nlb-rtt: 23493
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jNzyeEd25y_AFZjfCWTrJd9PO46NDHCejMUkAw&google_error=3
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jNzyeEd25y_AFZjfCWTrJd9PO46NDHCejMUkAw&google_error=3
IP
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jNzyeEd25y_AFZjfCWTrJd9PO46NDHCejMUkAw&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:03 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 295982
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
getemail.io/em
404 Not Found 0 B IP
ASN #209242 Cloudflare London, LLC
Analyzer Verdict Alert fortinet Malware
GET /em HTTP/1.1
Host: getemail.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Fri, 02 Sep 2022 16:20:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://getemail.io/wp-json/>; rel="https://api.w.org/"
x-powered-by: WP Engine
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 6
x-cache-group: normal
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 744792156f940b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=getemail.io&origin=onetag
200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=getemail.io&origin=onetag
IP
GET /syncframe?topUrl=getemail.io&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getemail.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:20:02 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=6e1069fc-06fa-4657-b859-7ad379b23ee4; expires=Wed, 27 Sep 2023 16:20:02 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 365507
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
141.193.213.21
23.36.76.226
3.126.56.137
104.18.20.226
37.157.6.252
185.235.84.81
31.13.72.36
93.184.220.29
34.252.199.249
141.226.228.48