c1.getapplicationmy.info/?step_id=1&installer_id=5814291279809650308&publisher_id=2109&source_id=0&page_id=0&affiliate_id=0&country_code=TH&locale=EN&browser_id=4&download_id=8989550112986612604&external_id=0&session_id=3849726163828376518&hardware_id=10907072781520068500&installer_file_name=restart+the+download&uuid=*
94.229.72.124200 OK 782 B URL HTTP/1.1 c1.getapplicationmy.info/?step_id=1&installer_id=5814291279809650308&publisher_id=2109&source_id=0&page_id=0&affiliate_id=0&country_code=TH&locale=EN&browser_id=4&download_id=8989550112986612604&external_id=0&session_id=3849726163828376518&hardware_id=10907072781520068500&installer_file_name=restart+the+download&uuid=*
IP 94.229.72.124:0
ASN #42831 UK Dedicated Servers Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (782), with no line terminators
Hash e94c50e3c1a1ca09e8a88d76cefedf9d
5f2326bf25949d8c5378df1c396e5946d71075bf
ad739347a2730380469424d219fe9c1bca37cfa6f132b32b3db5d70e53c87c19
Analyzer Verdict Alert quad9 Sinkholed
GET /?step_id=1&installer_id=5814291279809650308&publisher_id=2109&source_id=0&page_id=0&affiliate_id=0&country_code=TH&locale=EN&browser_id=4&download_id=8989550112986612604&external_id=0&session_id=3849726163828376518&hardware_id=10907072781520068500&installer_file_name=restart+the+download&uuid=* HTTP/1.1
Host: c1.getapplicationmy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 782
content-type: text/html; charset=utf-8
date: Thu, 24 Nov 2022 15:16:07 GMT
server: nginx
set-cookie: sid=ec25c7d4-6c0a-11ed-b7a6-04fe51ced920; path=/; domain=.getapplicationmy.info; expires=Tue, 12 Dec 2090 18:30:15 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3412
Expires: Thu, 24 Nov 2022 16:13:00 GMT
Date: Thu, 24 Nov 2022 15:16:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2267
Cache-Control: max-age=157970
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:08 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:08:58 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9727
Expires: Thu, 24 Nov 2022 17:58:15 GMT
Date: Thu, 24 Nov 2022 15:16:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 14:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3430
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X2+08zuzIJ644L683/US8yT8oqDDf8a3PNFpJ3Ph3RqkXplc9MvZu/Z3NWGydGvjEiuQU/HI/Ow=
x-amz-request-id: BPN174B2R62X82XS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 14:40:26 GMT
age: 2142
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:16:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
c1.getapplicationmy.info/favicon.ico
94.229.72.124404 Not Found 9 B URL HTTP/1.1 c1.getapplicationmy.info/favicon.ico
IP 94.229.72.124:0
ASN #42831 UK Dedicated Servers Limited
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: c1.getapplicationmy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1.getapplicationmy.info/?step_id=1&installer_id=5814291279809650308&publisher_id=2109&source_id=0&page_id=0&affiliate_id=0&country_code=TH&locale=EN&browser_id=4&download_id=8989550112986612604&external_id=0&session_id=3849726163828376518&hardware_id=10907072781520068500&installer_file_name=restart+the+download&uuid=*
Cookie: sid=ec25c7d4-6c0a-11ed-b7a6-04fe51ced920
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Thu, 24 Nov 2022 15:16:08 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 15:08:53 GMT
cache-control: public,max-age=3600
age: 436
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4547
Cache-Control: max-age=155187
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:09 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:22:36 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lJprjp17sw7ZsplBGYo0eQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Flc6A9/iVtiFslvUlW25FF2A+ls=
c1.getapplicationmy.info/?affiliate_id=0&browser_id=4&ch=1&country_code=TH&download_id=8989550112986612604&external_id=0&hardware_id=10907072781520068500&installer_file_name=restart+the+download&installer_id=5814291279809650308&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTMxMDE2OCwiaWF0IjoxNjY5MzAyOTY4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2w4c2Q1MGliamM0bzM0bzgwNnI4YTgiLCJuYmYiOjE2NjkzMDI5NjgsInRzIjoxNjY5MzAyOTY4NTc3NTYzfQ.-6_dHitFXOFRUvgjNFBYyoYr3LqoK9Tf4MA5f_FpAbk&locale=EN&page_id=0&publisher_id=2109&session_id=3849726163828376518&sid=ec25c7d4-6c0a-11ed-b7a6-04fe51ced920&source_id=0&step_id=1&uuid=%2A
94.229.72.124302 Found 11 B URL HTTP/1.1 c1.getapplicationmy.info/?affiliate_id=0&browser_id=4&ch=1&country_code=TH&download_id=8989550112986612604&external_id=0&hardware_id=10907072781520068500&installer_file_name=restart+the+download&installer_id=5814291279809650308&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTMxMDE2OCwiaWF0IjoxNjY5MzAyOTY4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2w4c2Q1MGliamM0bzM0bzgwNnI4YTgiLCJuYmYiOjE2NjkzMDI5NjgsInRzIjoxNjY5MzAyOTY4NTc3NTYzfQ.-6_dHitFXOFRUvgjNFBYyoYr3LqoK9Tf4MA5f_FpAbk&locale=EN&page_id=0&publisher_id=2109&session_id=3849726163828376518&sid=ec25c7d4-6c0a-11ed-b7a6-04fe51ced920&source_id=0&step_id=1&uuid=%2A
IP 94.229.72.124:0
ASN #42831 UK Dedicated Servers Limited
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer Verdict Alert quad9 Sinkholed
GET /?affiliate_id=0&browser_id=4&ch=1&country_code=TH&download_id=8989550112986612604&external_id=0&hardware_id=10907072781520068500&installer_file_name=restart+the+download&installer_id=5814291279809650308&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTMxMDE2OCwiaWF0IjoxNjY5MzAyOTY4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2w4c2Q1MGliamM0bzM0bzgwNnI4YTgiLCJuYmYiOjE2NjkzMDI5NjgsInRzIjoxNjY5MzAyOTY4NTc3NTYzfQ.-6_dHitFXOFRUvgjNFBYyoYr3LqoK9Tf4MA5f_FpAbk&locale=EN&page_id=0&publisher_id=2109&session_id=3849726163828376518&sid=ec25c7d4-6c0a-11ed-b7a6-04fe51ced920&source_id=0&step_id=1&uuid=%2A HTTP/1.1
Host: c1.getapplicationmy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1.getapplicationmy.info/?step_id=1&installer_id=5814291279809650308&publisher_id=2109&source_id=0&page_id=0&affiliate_id=0&country_code=TH&locale=EN&browser_id=4&download_id=8989550112986612604&external_id=0&session_id=3849726163828376518&hardware_id=10907072781520068500&installer_file_name=restart+the+download&uuid=*
Cookie: sid=ec25c7d4-6c0a-11ed-b7a6-04fe51ced920
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 24 Nov 2022 15:16:09 GMT
location: https://mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_SU5IleOSHalxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stleEiMFl0NUscCfSwvqLrt3Ni6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3WvWxDEdTlqf4h8XW3oo3KgwCmdvyHLFv_FYa7SBxIcs9FBGG7KDclmCVqtXP71FlORI6OE9wu32VR9N6VlO3IacDQOK-VfcWdoi-CHUVHtSB9Sx-s7vcAeaxKc6G9IsDwyAI_pxP8l6mRdX61FkrPYauYFhmk0HrPUMtOCDCczFcMVn9Y7vvYlBDcv9X3LmFAppFYNNIzrTIsNYMTB-VSVsYTleTaXoOOPad7U916vwpJzGpe6rA5QagBfxZFQyXmusJxFvUVGd6G5SE547-eeut9HnV7pohcdtcPj8vBXKssTarn2TYv9Jc1GsfeE3iu8hUsg76jAtn3ABXsIt9ap3N8aUimdg7h20eF2nTPOKQfBqs_8osWVc7uD5V3ktp7HYzwFGrb26biv7qQM2wPCNws_DhwV-6RbWmexDJP-hvbkJVyAQ_8Ayp5agST5XfBPAc_9eFP2dhKWmINt241Wo3ZbgW6ukU3m013TDzhAcBRrHQuj7jkdRvsdfiUMsCIVdrZnl1Z6Q5O6A5Dnk5KvyIfpiJtmbi5IfZTlhEWtH-HXmmAgaZPx89ft0JMRBPxp9zhHV5jwuW-sDad6jDvcbqRxrNRal8HFk3jfUCc-RI66Y_9pIvoTGL4kocLZSGpzkahoH54AQWqY47NALiBG8MZ8ZTNxnjB7PkeFzP7PEreplw__H_3r51ufQlcm-V_35L_YU5rTtVMG76myXC6eHVjZ9ABEcuh8tKZVx4u9FvkbK-3dJ44TwTf88QruHyiNPXr4mwRbB8S3_oJFRyoAbDA25L6ixcr2QqTqL7mjAOoFd8Zpf3U6hA9v7zawilC-swbpl3a65MEQ1IxiNxRDRsHYrnZcnJUha1buBFIDlnIdIPd-ute0yya-gG1eIqfjQD-aU9pK6nty94uS5FLE8JiukQZczXWZcLY709qLZWskcT584Ns23eYXvg3Ga6zIGsYDN1JrwkFCrDjDtmNtGVr38AdQdCsljQRUi6sc1GYq6N3Xr_x3plMmTV-x4h52jM6-Hyv0qWx6t6hyPOeLiE4ScfKiAjNtDi2nfvaqOKxFYEA1yqMDDhIvvWDjjHSdq46yfLC-NFfh5Hcy70mBJ96XZxkqEKR0wOys_X6PeJip01C8trXkIE3rD_YYcRg0R1huLlliKTEOj30cz8Z5GZ1oRoZqBvxQ8-ND3oyY7vsQLmg2vrVlK5Pp8oP2etDvfwyvOBULkRDMpb9sIgBmovpAhHlqjb3QmuxGayRCUWGIJM7Y0_dWQbsdxVB4xckg15ubBcxBtLPbkJ2zEcPg054Vjf-QWtaubucC-7peH8_0ByfSo24p3HGKA4DkaVHUVgE-cuaYAArBhPBCDIV2DwC0YDHGlaxsw9gdgn_QPfpmVtnMEzNAhc6UQPNDVkhYzcek6I_ZL3cviTEhS07loU_DeYQptrKA702xtOJVcczBayHf-z9pBpKPHqFei5BYH2uSc2i5Gp1WRhbkPKCYPbwW8hssrXxaaKUF0vyJzX_8Sm8JSV-DhlSKu0kB7fcUlWsJB618GhtuLZUTFSQBK8wf2VrSUdOCr0TtmJXNw4ZUirtJAe3PGMCz63C96oWvK5oacX2YD_8oUGQDMNtnqY_k9iJ3X336ZlbZzBMzZ143l3T4f2FEfpwp0bdLor3QmuxGayRCUWGIJM7Y0_dM2-r2x-vXLY
server: nginx
set-cookie: sid=ec25c7d4-6c0a-11ed-b7a6-04fe51ced920; path=/; domain=.getapplicationmy.info; expires=Tue, 12 Dec 2090 18:30:16 GMT; max-age=2147483647; HttpOnly
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 077b945d3a829a4bc425221cde262257
64eedf0134098a56933783caae12ccf93b8e5194
6f90a7776c0b56af2d29c19f2d34bb0ff42a30abda0d526cbda2ff8984d42215
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 15:16:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 07:25:45 GMT
Expires: Thu, 01 Dec 2022 07:25:44 GMT
Etag: "64eedf0134098a56933783caae12ccf93b8e5194"
Cache-Control: max-age=575973,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f31aabfd5fb524-OSL
mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_SU5IleOSHalxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stleEiMFl0NUscCfSwvqLrt3Ni6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3WvWxDEdTlqf4h8XW3oo3KgwCmdvyHLFv_FYa7SBxIcs9FBGG7KDclmCVqtXP71FlORI6OE9wu32VR9N6VlO3IacDQOK-VfcWdoi-CHUVHtSB9Sx-s7vcAeaxKc6G9IsDwyAI_pxP8l6mRdX61FkrPYauYFhmk0HrPUMtOCDCczFcMVn9Y7vvYlBDcv9X3LmFAppFYNNIzrTIsNYMTB-VSVsYTleTaXoOOPad7U916vwpJzGpe6rA5QagBfxZFQyXmusJxFvUVGd6G5SE547-eeut9HnV7pohcdtcPj8vBXKssTarn2TYv9Jc1GsfeE3iu8hUsg76jAtn3ABXsIt9ap3N8aUimdg7h20eF2nTPOKQfBqs_8osWVc7uD5V3ktp7HYzwFGrb26biv7qQM2wPCNws_DhwV-6RbWmexDJP-hvbkJVyAQ_8Ayp5agST5XfBPAc_9eFP2dhKWmINt241Wo3ZbgW6ukU3m013TDzhAcBRrHQuj7jkdRvsdfiUMsCIVdrZnl1Z6Q5O6A5Dnk5KvyIfpiJtmbi5IfZTlhEWtH-HXmmAgaZPx89ft0JMRBPxp9zhHV5jwuW-sDad6jDvcbqRxrNRal8HFk3jfUCc-RI66Y_9pIvoTGL4kocLZSGpzkahoH54AQWqY47NALiBG8MZ8ZTNxnjB7PkeFzP7PEreplw__H_3r51ufQlcm-V_35L_YU5rTtVMG76myXC6eHVjZ9ABEcuh8tKZVx4u9FvkbK-3dJ44TwTf88QruHyiNPXr4mwRbB8S3_oJFRyoAbDA25L6ixcr2QqTqL7mjAOoFd8Zpf3U6hA9v7zawilC-swbpl3a65MEQ1IxiNxRDRsHYrnZcnJUha1buBFIDlnIdIPd-ute0yya-gG1eIqfjQD-aU9pK6nty94uS5FLE8JiukQZczXWZcLY709qLZWskcT584Ns23eYXvg3Ga6zIGsYDN1JrwkFCrDjDtmNtGVr38AdQdCsljQRUi6sc1GYq6N3Xr_x3plMmTV-x4h52jM6-Hyv0qWx6t6hyPOeLiE4ScfKiAjNtDi2nfvaqOKxFYEA1yqMDDhIvvWDjjHSdq46yfLC-NFfh5Hcy70mBJ96XZxkqEKR0wOys_X6PeJip01C8trXkIE3rD_YYcRg0R1huLlliKTEOj30cz8Z5GZ1oRoZqBvxQ8-ND3oyY7vsQLmg2vrVlK5Pp8oP2etDvfwyvOBULkRDMpb9sIgBmovpAhHlqjb3QmuxGayRCUWGIJM7Y0_dWQbsdxVB4xckg15ubBcxBtLPbkJ2zEcPg054Vjf-QWtaubucC-7peH8_0ByfSo24p3HGKA4DkaVHUVgE-cuaYAArBhPBCDIV2DwC0YDHGlaxsw9gdgn_QPfpmVtnMEzNAhc6UQPNDVkhYzcek6I_ZL3cviTEhS07loU_DeYQptrKA702xtOJVcczBayHf-z9pBpKPHqFei5BYH2uSc2i5Gp1WRhbkPKCYPbwW8hssrXxaaKUF0vyJzX_8Sm8JSV-DhlSKu0kB7fcUlWsJB618GhtuLZUTFSQBK8wf2VrSUdOCr0TtmJXNw4ZUirtJAe3PGMCz63C96oWvK5oacX2YD_8oUGQDMNtnqY_k9iJ3X336ZlbZzBMzZ143l3T4f2FEfpwp0bdLor3QmuxGayRCUWGIJM7Y0_dM2-r2x-vXLY
108.168.193.189302 Found 0 B URL HTTP/2 mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_SU5IleOSHalxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stleEiMFl0NUscCfSwvqLrt3Ni6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3WvWxDEdTlqf4h8XW3oo3KgwCmdvyHLFv_FYa7SBxIcs9FBGG7KDclmCVqtXP71FlORI6OE9wu32VR9N6VlO3IacDQOK-VfcWdoi-CHUVHtSB9Sx-s7vcAeaxKc6G9IsDwyAI_pxP8l6mRdX61FkrPYauYFhmk0HrPUMtOCDCczFcMVn9Y7vvYlBDcv9X3LmFAppFYNNIzrTIsNYMTB-VSVsYTleTaXoOOPad7U916vwpJzGpe6rA5QagBfxZFQyXmusJxFvUVGd6G5SE547-eeut9HnV7pohcdtcPj8vBXKssTarn2TYv9Jc1GsfeE3iu8hUsg76jAtn3ABXsIt9ap3N8aUimdg7h20eF2nTPOKQfBqs_8osWVc7uD5V3ktp7HYzwFGrb26biv7qQM2wPCNws_DhwV-6RbWmexDJP-hvbkJVyAQ_8Ayp5agST5XfBPAc_9eFP2dhKWmINt241Wo3ZbgW6ukU3m013TDzhAcBRrHQuj7jkdRvsdfiUMsCIVdrZnl1Z6Q5O6A5Dnk5KvyIfpiJtmbi5IfZTlhEWtH-HXmmAgaZPx89ft0JMRBPxp9zhHV5jwuW-sDad6jDvcbqRxrNRal8HFk3jfUCc-RI66Y_9pIvoTGL4kocLZSGpzkahoH54AQWqY47NALiBG8MZ8ZTNxnjB7PkeFzP7PEreplw__H_3r51ufQlcm-V_35L_YU5rTtVMG76myXC6eHVjZ9ABEcuh8tKZVx4u9FvkbK-3dJ44TwTf88QruHyiNPXr4mwRbB8S3_oJFRyoAbDA25L6ixcr2QqTqL7mjAOoFd8Zpf3U6hA9v7zawilC-swbpl3a65MEQ1IxiNxRDRsHYrnZcnJUha1buBFIDlnIdIPd-ute0yya-gG1eIqfjQD-aU9pK6nty94uS5FLE8JiukQZczXWZcLY709qLZWskcT584Ns23eYXvg3Ga6zIGsYDN1JrwkFCrDjDtmNtGVr38AdQdCsljQRUi6sc1GYq6N3Xr_x3plMmTV-x4h52jM6-Hyv0qWx6t6hyPOeLiE4ScfKiAjNtDi2nfvaqOKxFYEA1yqMDDhIvvWDjjHSdq46yfLC-NFfh5Hcy70mBJ96XZxkqEKR0wOys_X6PeJip01C8trXkIE3rD_YYcRg0R1huLlliKTEOj30cz8Z5GZ1oRoZqBvxQ8-ND3oyY7vsQLmg2vrVlK5Pp8oP2etDvfwyvOBULkRDMpb9sIgBmovpAhHlqjb3QmuxGayRCUWGIJM7Y0_dWQbsdxVB4xckg15ubBcxBtLPbkJ2zEcPg054Vjf-QWtaubucC-7peH8_0ByfSo24p3HGKA4DkaVHUVgE-cuaYAArBhPBCDIV2DwC0YDHGlaxsw9gdgn_QPfpmVtnMEzNAhc6UQPNDVkhYzcek6I_ZL3cviTEhS07loU_DeYQptrKA702xtOJVcczBayHf-z9pBpKPHqFei5BYH2uSc2i5Gp1WRhbkPKCYPbwW8hssrXxaaKUF0vyJzX_8Sm8JSV-DhlSKu0kB7fcUlWsJB618GhtuLZUTFSQBK8wf2VrSUdOCr0TtmJXNw4ZUirtJAe3PGMCz63C96oWvK5oacX2YD_8oUGQDMNtnqY_k9iJ3X336ZlbZzBMzZ143l3T4f2FEfpwp0bdLor3QmuxGayRCUWGIJM7Y0_dM2-r2x-vXLY
IP 108.168.193.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_SU5IleOSHalxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stleEiMFl0NUscCfSwvqLrt3Ni6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3WvWxDEdTlqf4h8XW3oo3KgwCmdvyHLFv_FYa7SBxIcs9FBGG7KDclmCVqtXP71FlORI6OE9wu32VR9N6VlO3IacDQOK-VfcWdoi-CHUVHtSB9Sx-s7vcAeaxKc6G9IsDwyAI_pxP8l6mRdX61FkrPYauYFhmk0HrPUMtOCDCczFcMVn9Y7vvYlBDcv9X3LmFAppFYNNIzrTIsNYMTB-VSVsYTleTaXoOOPad7U916vwpJzGpe6rA5QagBfxZFQyXmusJxFvUVGd6G5SE547-eeut9HnV7pohcdtcPj8vBXKssTarn2TYv9Jc1GsfeE3iu8hUsg76jAtn3ABXsIt9ap3N8aUimdg7h20eF2nTPOKQfBqs_8osWVc7uD5V3ktp7HYzwFGrb26biv7qQM2wPCNws_DhwV-6RbWmexDJP-hvbkJVyAQ_8Ayp5agST5XfBPAc_9eFP2dhKWmINt241Wo3ZbgW6ukU3m013TDzhAcBRrHQuj7jkdRvsdfiUMsCIVdrZnl1Z6Q5O6A5Dnk5KvyIfpiJtmbi5IfZTlhEWtH-HXmmAgaZPx89ft0JMRBPxp9zhHV5jwuW-sDad6jDvcbqRxrNRal8HFk3jfUCc-RI66Y_9pIvoTGL4kocLZSGpzkahoH54AQWqY47NALiBG8MZ8ZTNxnjB7PkeFzP7PEreplw__H_3r51ufQlcm-V_35L_YU5rTtVMG76myXC6eHVjZ9ABEcuh8tKZVx4u9FvkbK-3dJ44TwTf88QruHyiNPXr4mwRbB8S3_oJFRyoAbDA25L6ixcr2QqTqL7mjAOoFd8Zpf3U6hA9v7zawilC-swbpl3a65MEQ1IxiNxRDRsHYrnZcnJUha1buBFIDlnIdIPd-ute0yya-gG1eIqfjQD-aU9pK6nty94uS5FLE8JiukQZczXWZcLY709qLZWskcT584Ns23eYXvg3Ga6zIGsYDN1JrwkFCrDjDtmNtGVr38AdQdCsljQRUi6sc1GYq6N3Xr_x3plMmTV-x4h52jM6-Hyv0qWx6t6hyPOeLiE4ScfKiAjNtDi2nfvaqOKxFYEA1yqMDDhIvvWDjjHSdq46yfLC-NFfh5Hcy70mBJ96XZxkqEKR0wOys_X6PeJip01C8trXkIE3rD_YYcRg0R1huLlliKTEOj30cz8Z5GZ1oRoZqBvxQ8-ND3oyY7vsQLmg2vrVlK5Pp8oP2etDvfwyvOBULkRDMpb9sIgBmovpAhHlqjb3QmuxGayRCUWGIJM7Y0_dWQbsdxVB4xckg15ubBcxBtLPbkJ2zEcPg054Vjf-QWtaubucC-7peH8_0ByfSo24p3HGKA4DkaVHUVgE-cuaYAArBhPBCDIV2DwC0YDHGlaxsw9gdgn_QPfpmVtnMEzNAhc6UQPNDVkhYzcek6I_ZL3cviTEhS07loU_DeYQptrKA702xtOJVcczBayHf-z9pBpKPHqFei5BYH2uSc2i5Gp1WRhbkPKCYPbwW8hssrXxaaKUF0vyJzX_8Sm8JSV-DhlSKu0kB7fcUlWsJB618GhtuLZUTFSQBK8wf2VrSUdOCr0TtmJXNw4ZUirtJAe3PGMCz63C96oWvK5oacX2YD_8oUGQDMNtnqY_k9iJ3X336ZlbZzBMzZ143l3T4f2FEfpwp0bdLor3QmuxGayRCUWGIJM7Y0_dM2-r2x-vXLY HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://c1.getapplicationmy.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 24 Nov 2022 15:16:10 GMT
content-length: 0
set-cookie: rhid=82432261743; Max-Age=15552000; Expires=Tue, 23-May-2023 15:16:10 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://p185689.mybettermb.com/adServe/domainClick?ai=LyBVgUe5lplgdyiN53G4w4iXD7klJ1soTN51QfSABfb5V1c6EPCUBHQZJmTz01hKSQ2vqeL6yY8OGVIq7SQHtx_OFPQCjhnAH-x-IPcASFnqtVa-2GiiP3Gw-sO1_rUq1R9o9SZG6I6v-KwP6NPP-OWD5KNHTUkwhWEgv8CbnYyFVeGWQDnkQRltjPnnWR7AE3etKt5ABP6K2RVFz-dUO3kCNH_7FwTEcPsWYYAHXuuIiL9Dueu6NG9ZRcugIsLmQGyX6TAX9PihRfh7j5gJJsPygQ54GEcnI_6xtxDi9X5Kgbz0VF_-WH_9b8ky2I1b9jtsDaOMRPTF2zLY09swJV2k4XVJzHJXhtG8JWcgjAVM3nVB9IAF9s0nxK-yUfBaAUgheKjLQ6KwCMoixrppYpzOdbr39iZtp1G14qROszd_qCYvh_QGQx2Qa1NZi5E3diGSWbgUjfjtF6khNhNQxyZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v0gFfTyOLRiwQ&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukM9EGt2BuSY6dMS3Fphj6SOGQC9dDh_SZpF7-6xQY3BPj4nA3ArmfBrSWWBbJth49B0KBelcUuVng&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=JqqHJF0zZfk&rr=1&abtg=0
X-Firefox-Spdy: h2
globalconsumerwinner.com/redirect-simple?ci=193&c=no&m_c_r=best
137.74.65.7301 Moved Permanently 185 B URL HTTP/2 globalconsumerwinner.com/redirect-simple?ci=193&c=no&m_c_r=best
IP 137.74.65.7:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4c555068310076e85908835c721911f5
9ec990aabb4391e139034f68e5e657e0f1d0b74d
568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510
GET /redirect-simple?ci=193&c=no&m_c_r=best HTTP/1.1
Host: globalconsumerwinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx/1.14.2
date: Thu, 24 Nov 2022 15:16:10 GMT
content-type: text/html
content-length: 185
location: https://www.globalconsumerwinner.com/redirect-simple?ci=193&c=no&m_c_r=best
x-frame-options: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13037
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:16:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13037
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:16:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13037
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:16:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13037
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:16:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 62944
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 28923
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 62783
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 61936
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 28848
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 62331
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
216.58.207.195200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 29564, version 1.0\012- data
Hash 1b66ccb164151a6cf698667c8b570cc6
f5617a0f087645703c874453960be6382c8a7427
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
GET /s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.globalconsumerwinner.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 01:17:02 GMT
expires: Wed, 22 Nov 2023 01:17:02 GMT
cache-control: public, max-age=31536000
age: 223149
last-modified: Tue, 19 Apr 2022 17:55:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r.srvtrck.com/v1/redirect?type=linkId&id=0f929ece25c24f1ea3b661c1d7d49c05&api_key=4762ed855d632653578bb0b0b1cbab5b&site_id=8233b159ba5c4e4f970e524d6dd1a9c6&dch=feed&ad_t=advertiser&yk_tag=-no--
104.19.169.96302 Found 0 B URL HTTP/2 r.srvtrck.com/v1/redirect?type=linkId&id=0f929ece25c24f1ea3b661c1d7d49c05&api_key=4762ed855d632653578bb0b0b1cbab5b&site_id=8233b159ba5c4e4f970e524d6dd1a9c6&dch=feed&ad_t=advertiser&yk_tag=-no--
IP 104.19.169.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/redirect?type=linkId&id=0f929ece25c24f1ea3b661c1d7d49c05&api_key=4762ed855d632653578bb0b0b1cbab5b&site_id=8233b159ba5c4e4f970e524d6dd1a9c6&dch=feed&ad_t=advertiser&yk_tag=-no-- HTTP/1.1
Host: r.srvtrck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 15:16:11 GMT
content-length: 0
location: http://www.fc-moto.de
p3p: CP="CAO PSA OUR"
set-cookie: ykuid=2e44eac771c84ca9a971bbf158f1a02f; Domain=.srvtrck.com; Expires=Fri, 24-Nov-2023 15:16:11 GMT; Path=/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f31ab27ce7b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.fc-moto.de/
104.20.16.34301 Moved Permanently 612 B IP 104.20.16.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (380)
Hash 99dd25cf73c84f2987bea01683ef51a3
6655892d06263dc9b1714caf1385ba49dc4f18b5
06933587ca253b791e4534e5b0bfada1d60e413cbf82346e4405c4b0daf03dc3
GET / HTTP/1.1
Host: www.fc-moto.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 15:16:11 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.fc-moto.de/
CF-Cache-Status: DYNAMIC
Server-Timing: cf-q-config;dur=6.0000020312145e-06
Server: cloudflare
CF-RAY: 76f31ab44b5e1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 26705ef00b24c8a972ab8fefdf19ec7b
de3d46908ff270c65896905840de2be0d84b59b3
f3c9bbfa4d4d9ca72d4199ef3fd0eddf44327c70cc1154fbd38936ef73223a13
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5669
Cache-Control: max-age=126808
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:11 GMT
Etag: "637ec0ee-1d7"
Expires: Sat, 26 Nov 2022 02:29:39 GMT
Last-Modified: Thu, 24 Nov 2022 00:55:10 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 26705ef00b24c8a972ab8fefdf19ec7b
de3d46908ff270c65896905840de2be0d84b59b3
f3c9bbfa4d4d9ca72d4199ef3fd0eddf44327c70cc1154fbd38936ef73223a13
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1925
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:13 GMT
Last-Modified: Thu, 24 Nov 2022 14:44:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 20687e640af9d48594c21c5eea651168
b98b6f8edb54a5fdd5c08fd7d4d9eaaf3deec4f1
ca22af3aa955a33fd79ea44866fd1611406a7a1cdf8d540b2b1c1d3d2dca39c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3045
Cache-Control: max-age=135674
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:13 GMT
Etag: "637eedd2-117"
Expires: Sat, 26 Nov 2022 04:57:27 GMT
Last-Modified: Thu, 24 Nov 2022 04:06:42 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
www.fc-moto.de/WebRoot/StoreTypes/6.16.1/Store/lib/package-sf.min.css
104.20.17.34200 OK 55 kB URL HTTP/2 www.fc-moto.de/WebRoot/StoreTypes/6.16.1/Store/lib/package-sf.min.css
IP 104.20.17.34:0
File type ASCII text, with very long lines (41835)
Hash faad9f038b1667103ce20d00eff3bea7
c790afc1b80e92b44538487c59c7356c963f897d
12e0097c871fece32b36fdf458e209f5329bdffa12933f087434c950d27ef9f7
GET /WebRoot/StoreTypes/6.16.1/Store/lib/package-sf.min.css HTTP/1.1
Host: www.fc-moto.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Cookie: ShopInit=1; ShopInit-legacy=1; IC_DeliveryCountry=NO; IC_DeliveryCountry-legacy=NO; IC_IP2Location_Locale=no_NO; IC_IP2Location_Locale-legacy=no_NO; SessionID-legacy=6edb10cfe7ef917cb03c6997876be4a5; IC_TargetCurrency=NOK; IC_TargetCurrency-legacy=NOK; SessionID=6edb10cfe7ef917cb03c6997876be4a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:13 GMT
content-type: text/css
last-modified: Tue, 03 Sep 2013 09:49:34 GMT
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 16:22:12 GMT
vary: Accept-Encoding,User-Agent
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Accept-Language,Connection,Content-Type,Cookie,DNT,Host,Keep-Alive,Origin,Referer,User-Agent,X-CSRF-Token,X-Requested-With
access-control-allow-credentials: true
p3p: CP="NOI NAV"
cf-cache-status: HIT
age: 514441
server: cloudflare
cf-ray: 76f31ac11a161bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 252d5293a18da84cc494dd72e1fefed3
52f64c4cfe0b8c7e68d4ac7c1e5d6e483690a136
16356d42f88f6a29cf5df17d9461180869ef8145e5a2d120e65f64c8e11f9e0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2273
Cache-Control: max-age=144265
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:13 GMT
Etag: "637f1265-116"
Expires: Sat, 26 Nov 2022 07:20:38 GMT
Last-Modified: Thu, 24 Nov 2022 06:42:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Permanent+Marker&display=swap
142.250.74.10200 OK 119 kB URL HTTP/2 fonts.googleapis.com/css?family=Permanent+Marker&display=swap
IP 142.250.74.10:0
Size 119 kB (118948 bytes)
Hash 1222952bc1698598b0582fc779b6e4d6
ea3814c4c715940f9bef834d1c552a112561a13a
8b2f5e4c3f5f7814327cd01e2cbab5d9f2e89eda6c3e355413dde51c27ce7b57
GET /css?family=Permanent+Marker&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.globalconsumerwinner.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 15:16:11 GMT
date: Thu, 24 Nov 2022 15:16:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 64bacbb678651eb2188087ef97a8d3ba
b60612b4347f06f6252787c9818d0abf23142a8c
52da706502df2f837bf52848fe06737bb2c3d2bfd5f099650a6c7491164c5b2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2241
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:14 GMT
Last-Modified: Thu, 24 Nov 2022 14:38:53 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 278
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.57.101200 OK 400 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.57.101:0
Size 400 kB (400374 bytes)
Hash 178628a33e4ed3eb73fc0dbc539163ef
eb7a82015acd9aad6c362bc0b4fce8e965ccddb3
d8c37d2ab3e83d190ec62029ad9aa09ed7ea14f3b32ba851b5c170f69e007f4d
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fc-moto.de
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:13 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f31ac1eac3b50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 4.7 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8de66f3eee33d972d20506bb6ecf81c7
def9cd372c70f09f0603fc9db4dddb2bd0811e35
87db15713815d2c68875275cac9aad0c0fe225394d5fe1999c584dc598e0a425
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3B202B8AEA8696CF4C99239EA0981E6D854F0BDADEDEBF1F22FFB0850658848"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6657
Expires: Thu, 24 Nov 2022 17:07:11 GMT
Date: Thu, 24 Nov 2022 15:16:14 GMT
Connection: keep-alive
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.27.85200 OK 7.5 kB URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.27.85:0
Hash 488e071de31ad1f9bdbd5fb84293d110
0d0b9d5dbddb34d4fe1656af7c87170f2db5dd31
7953e0f3b8ecbf41626f8898a59be8a1ac6931fba4c6a452ec9ec46c62a637ae
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fc-moto.de
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:14 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f31ac41a061c0a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.fc-moto.de/
104.20.17.34200 OK 86 kB IP 104.20.17.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8369), with CRLF, LF line terminators
Hash c63397b473d88000c8d02e6f527f297e
bae905c547ac783817c26952bc71b2f4a28e3ac2
3c2f095426e02199db25d2e9b99086e98b2f48a19998facd3f43bbb9e1e03817
GET / HTTP/1.1
Host: www.fc-moto.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:13 GMT
content-type: text/html; charset=utf-8
vary: Host,Accept-Encoding,User-Agent
content-language: no
x-appserver: 172.30.20.10:10079
x-powered-by: epages 6
x-store: FCMotoDB
x-timeas: 1605
set-cookie: ShopInit=1; Version=1; SameSite=None;Path=/; Comment=To test if browser accepts cookies; HttpOnly; secure
ShopInit-legacy=1; Version=1;Path=/; Comment=To test if browser accepts cookies; HttpOnly; secure
ShopInit-legacy=1; Version=1;Path=/; Comment=To test if browser accepts cookies; HttpOnly; secure
IC_DeliveryCountry=NO; Version=1; SameSite=None;Path=/; HttpOnly; secure
IC_DeliveryCountry-legacy=NO; Version=1;Path=/; HttpOnly; secure
IC_DeliveryCountry-legacy=NO; Version=1;Path=/; HttpOnly; secure
IC_IP2Location_Locale=no_NO; Version=1; SameSite=None; Max-Age=157680000; Path=/; Expires=Wed, 24-Nov-2027 04:16:11 CET; HttpOnly; secure
IC_IP2Location_Locale-legacy=no_NO; Version=1; Max-Age=157680000; Path=/; Expires=Wed, 24-Nov-2027 04:16:11 CET; HttpOnly; secure
IC_IP2Location_Locale-legacy=no_NO; Version=1; Max-Age=157680000; Path=/; Expires=Wed, 24-Nov-2027 04:16:11 CET; HttpOnly; secure
SessionID-legacy=6edb10cfe7ef917cb03c6997876be4a5; Version=1;Path=/; HttpOnly; secure
IC_TargetCurrency=NOK; Version=1; SameSite=None; Max-Age=157680000; Path=/; Expires=Wed, 24-Nov-2027 04:16:11 CET; HttpOnly; secure
IC_TargetCurrency-legacy=NOK; Version=1; Max-Age=157680000; Path=/; Expires=Wed, 24-Nov-2027 04:16:11 CET; HttpOnly; secure
IC_TargetCurrency-legacy=NOK; Version=1; Max-Age=157680000; Path=/; Expires=Wed, 24-Nov-2027 04:16:11 CET; HttpOnly; secure
ShopInit=1; Version=1; SameSite=None;Path=/; Comment=To test if browser accepts cookies; HttpOnly; secure
ShopInit-legacy=1; Version=1;Path=/; Comment=To test if browser accepts cookies; HttpOnly; secure
IC_DeliveryCountry=NO; Version=1; SameSite=None;Path=/; HttpOnly; secure
IC_DeliveryCountry-legacy=NO; Version=1;Path=/; HttpOnly; secure
IC_IP2Location_Locale=no_NO; Version=1; SameSite=None; Max-Age=157680000; Path=/; Expires=Wed, 24-Nov-2027 04:16:11 CET; HttpOnly; secure
IC_IP2Location_Locale-legacy=no_NO; Version=1; Max-Age=157680000; Path=/; Expires=Wed, 24-Nov-2027 04:16:11 CET; HttpOnly; secure
SessionID-legacy=6edb10cfe7ef917cb03c6997876be4a5; Version=1;Path=/; HttpOnly; secure
IC_TargetCurrency=NOK; Version=1; SameSite=None; Max-Age=157680000; Path=/; Expires=Wed, 24-Nov-2027 04:16:11 CET; HttpOnly; secure
IC_TargetCurrency-legacy=NOK; Version=1; Max-Age=157680000; Path=/; Expires=Wed, 24-Nov-2027 04:16:11 CET; HttpOnly; secure
SessionID=6edb10cfe7ef917cb03c6997876be4a5; Version=1; SameSite=None; Path=/; HttpOnly; secure
SessionID-legacy=6edb10cfe7ef917cb03c6997876be4a5; Version=1; Path=/; HttpOnly; secure
SessionID=;Max-Age=0;SameSite=None;Expires=Tue, 29-Mar-2005 19:30:42 GMT;Path=/epages/fcm.sf
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Accept-Language,Connection,Content-Type,Cookie,DNT,Host,Keep-Alive,Origin,Referer,User-Agent,X-CSRF-Token,X-Requested-With
access-control-allow-credentials: true
p3p: CP="NOI NAV"
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f31ab53dd01bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 1.8 kB IP 93.184.220.29:0
Hash db767ac25240205058a4fe785b212256
fd83a881767021e61c72e1103d290c932251c787
4c7ef5d4dd6e5c0249fbc33ff5e80296a0d9fa311fcb9d40fd66a53ea72ae0dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4313
Cache-Control: max-age=142381
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:14 GMT
Etag: "637f0312-117"
Expires: Sat, 26 Nov 2022 06:49:15 GMT
Last-Modified: Thu, 24 Nov 2022 05:37:22 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
cookie-cdn.cookiepro.com/scripttemplates/6.12.0/assets/v2/otPcTab.json
104.18.3.3200 OK 19 kB URL HTTP/2 cookie-cdn.cookiepro.com/scripttemplates/6.12.0/assets/v2/otPcTab.json
IP 104.18.3.3:0
Hash 882bf8409605a84e8190e81d67533454
38e731e6d2101525475806ba99d1aa2a03d082f6
93b468e7d777b3ab571df1368de1d5a815500ca92176bf9a3940a24893bb59d9
GET /scripttemplates/6.12.0/assets/v2/otPcTab.json HTTP/1.1
Host: cookie-cdn.cookiepro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fc-moto.de/
Origin: https://www.fc-moto.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:14 GMT
content-type: application/json
content-md5: GnXyviRqBJ9J+P0JZdTpiw==
last-modified: Wed, 20 Jan 2021 07:14:36 GMT
x-ms-request-id: 24436439-f01e-0006-776a-de0bf2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 38907
expires: Fri, 25 Nov 2022 15:16:14 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f31ac6e829b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.scarabresearch.com/wpjs/wploader.js?ts=2760
54.230.111.21200 OK 11 kB URL HTTP/1.1 static.scarabresearch.com/wpjs/wploader.js?ts=2760
IP 54.230.111.21:0
File type Unicode text, UTF-8 text, with very long lines (26064)
Hash 0f773e1beaf5e952a4c0a046abd6c30a
0dededb556d0a9cebceeb7ae2aa06a97d690bf28
5797e0fc2f0b6436894e52be62e17d8e5a197a3aaa5dea334225bb52f63fd16a
GET /wpjs/wploader.js?ts=2760 HTTP/1.1
Host: static.scarabresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 11:09:48 GMT
x-amz-version-id: DzVXMgBeksdrQfAKjc.ckmkVhMlLjwqT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 23 Nov 2022 22:32:22 GMT
Cache-Control: max-age=86400
ETag: W/"1bb200ba7add3c5d4bfb6f3822bfe5af"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JhQBlyeC2Jwf5AdXmnT_QMeg3eMENDUgPeWArLNvXtRd5DSLPWZg8w==
Age: 60233
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 24ac8d7bbf729c2ff337e5870b151c6f
e39a6b6029fad3b0b67b402a2875be4816fc6513
af47b454ee92d890c4eb654105779629bd9433fa7933c11b98c944798fc2c35b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5538
Cache-Control: max-age=143606
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:14 GMT
Etag: "637f0312-117"
Expires: Sat, 26 Nov 2022 07:09:40 GMT
Last-Modified: Thu, 24 Nov 2022 05:37:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
static.cleverpush.com/channel/loader/pP2ptDvFE7FiBZsvS.js
104.26.15.31200 OK 89 kB URL HTTP/2 static.cleverpush.com/channel/loader/pP2ptDvFE7FiBZsvS.js
IP 104.26.15.31:0
Hash 2faf24c3b1a80f82d8268dbcc9fef1da
97519b37b57d5f35411ab00f384cbd6c839b9dd2
b7bd759f2e07d14a2664665506d576367175697319f42dd2c290ff5f246c6dfe
GET /channel/loader/pP2ptDvFE7FiBZsvS.js HTTP/1.1
Host: static.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:14 GMT
content-type: application/javascript
x-amz-id-2: d2Jk6XU5TXANvBWRUCcce6+FZMzzLnUDJSEYeJ2D+j6XbN1uIbtBopO6ixRg3IKvsqAXrOTxQTM=
x-amz-request-id: E6P6WJBQ450B6521
last-modified: Wed, 23 Nov 2022 00:02:35 GMT
etag: W/"7ee820bd638fa21c050d3d87016ae79c"
cache-control: public, max-age=21600
cf-cache-status: HIT
age: 10750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j53v5LJIGd%2BUanFR9nucsw%2FciTlTaNA2jTDKJFZKgzP4VLsPx8oDo2agiGfTMl6W0OpVd6BFin721bCAoqa6JTtN1BXTfTP4ZGbTUjIAAsKkf4G53CP7uHqOUfyuuYmYXJSMr8xqzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f31ac7e9a2b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p.fc-moto.de/p/tgTrackingProxy/tp.php
116.203.65.47200 OK 2.4 kB URL HTTP/2 p.fc-moto.de/p/tgTrackingProxy/tp.php
IP 116.203.65.47:0
ASN #24940 Hetzner Online GmbH
Hash 1d68545519152c25a6825bca47ac00b7
76012d79793c30b157669b6d0eb9ed0fafe8127d
e90a0f7184795fc2ef17df05d6c027dde307c4ffed617c49f158bdf722465b6b
OPTIONS /p/tgTrackingProxy/tp.php HTTP/1.1
Host: p.fc-moto.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.fc-moto.de/
Origin: https://www.fc-moto.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:16:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www.fc-moto.de
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
content-encoding: br
X-Firefox-Spdy: h2
p.fc-moto.de/p/tgTrackingProxy/tp.php
116.203.65.47200 OK 808 B URL HTTP/2 p.fc-moto.de/p/tgTrackingProxy/tp.php
IP 116.203.65.47:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (528), with no line terminators
Hash c384230d544d60449a78f6a5c86ba60e
a2254008a3a063d5477ea089f060ea6edff33316
968597db45399c5e17a3db9c7d4d5c87ab2e725570c5ef2cfbc8ff3dc112515d
POST /p/tgTrackingProxy/tp.php HTTP/1.1
Host: p.fc-moto.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 2339
Origin: https://www.fc-moto.de
Connection: keep-alive
Referer: https://www.fc-moto.de/
Cookie: OptanonConsent=isIABGlobal=false&datestamp=Thu+Nov+24+2022+15%3A16%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.12.0&hosts=&consentId=fbe2121f-69cc-4a93-83bd-7e7278a9f753&interactionCount=0&landingPath=https%3A%2F%2Fwww.fc-moto.de%2F
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:16:14 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: https://www.fc-moto.de
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2755cd8e56fa66506ab7d537e7f7a279
34a208f3dadbb5a43d816f4baedbe54c9b416c98
569f690c5675eb6723df230c5afc6aae7deb9726d567bc3e17e9e5069ff1f457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "569F690C5675EB6723DF230C5AFC6AAE7DEB9726D567BC3E17E9E5069FF1F457"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2441
Expires: Thu, 24 Nov 2022 15:56:56 GMT
Date: Thu, 24 Nov 2022 15:16:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 11 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 397b8ad62ca893636b126969db4843b1
112797dcecda4b777a04bcc56a7ba9d3746f75bb
3e89a8a43812dda44fcd618a7e7aa71f04e2db3fe96a7046f7a3716543af3516
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41A5826C4EE61C5E28E9CDC633889A9E78DB0BAAF9CC741F254A83CF85692230"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6956
Expires: Thu, 24 Nov 2022 17:12:11 GMT
Date: Thu, 24 Nov 2022 15:16:15 GMT
Connection: keep-alive
hal9000.redintelligence.net/retarget?a=42538&version=1&mode=img
138.201.84.252302 Found 0 B URL HTTP/1.1 hal9000.redintelligence.net/retarget?a=42538&version=1&mode=img
IP 138.201.84.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /retarget?a=42538&version=1&mode=img HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 15:16:15 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=fd148fbcfbefba10; expires=Wed, 22-Feb-2023 15:16:15 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: ?a=42538&version=1&mode=img&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash dec9145006b6908c027ac5e59ab60730
aff6a0460c6e692b27f05366d8bbba634ccb19a2
58df82c93d1d70f32302046d0ab755e35e807c8784ef76be554b55c1978f61a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126290
Date: Thu, 24 Nov 2022 15:16:15 GMT
Etag: "637ed046-1d7"
Expires: Sat, 26 Nov 2022 02:21:05 GMT
Last-Modified: Thu, 24 Nov 2022 02:00:38 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LNorOTvXABDqb-jDsnpLfNKQrpWlPkgVuKw0_ebQ4sfC6MlI07zzsA==
Age: 1227
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 52d319d38501f48189595a90daba5f88
b10cdf9f17c76617a0d6fe271255dca5c2406d9d
12238963e58c5c78c58076afa431b2c33dbe61df2c4aea81334b36d047d8c9c8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146373
Date: Thu, 24 Nov 2022 15:16:15 GMT
Etag: "637f1f1c-1d7"
Expires: Sat, 26 Nov 2022 07:55:48 GMT
Last-Modified: Thu, 24 Nov 2022 07:37:00 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KFctTFTDHR5N-_nt1w6jU9SQDjV0ZMzrDiAGwfcw1jfXK4uvxrh8jg==
Age: 1128
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2755cd8e56fa66506ab7d537e7f7a279
34a208f3dadbb5a43d816f4baedbe54c9b416c98
569f690c5675eb6723df230c5afc6aae7deb9726d567bc3e17e9e5069ff1f457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "569F690C5675EB6723DF230C5AFC6AAE7DEB9726D567BC3E17E9E5069FF1F457"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2441
Expires: Thu, 24 Nov 2022 15:56:56 GMT
Date: Thu, 24 Nov 2022 15:16:15 GMT
Connection: keep-alive
api.cleverpush.com/channel/optin-visitor
104.26.15.31200 OK 0 B URL HTTP/2 api.cleverpush.com/channel/optin-visitor
IP 104.26.15.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.fc-moto.de/
Origin: https://www.fc-moto.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: application/json; charset=utf-8
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zE1A7nmzUpv46CG7dHgNCiipDFPiq%2BMlTU8tCpkQQS6WPyWGnZwLRP7dS%2FBevaOb%2F2aqpF%2B8yQDW6PIb2V6vp3zOoGTDFbg65IRsrN39Yu2cBxAs7ezZWuSTAX40PBWox27ceA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f31acc9950fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
recommender.scarabresearch.com/merchants/13F587DE98AF4DC1/?pv=1182301098&xp=1&f=f%3APERSONAL%2Cl%3A10%2Co%3A0&cv=1&ca=&cp=1
52.29.57.30200 OK 10 kB URL HTTP/1.1 recommender.scarabresearch.com/merchants/13F587DE98AF4DC1/?pv=1182301098&xp=1&f=f%3APERSONAL%2Cl%3A10%2Co%3A0&cv=1&ca=&cp=1
IP 52.29.57.30:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65214), with no line terminators
Hash b4c95b83e0fd8859278c0d11c6b9b946
fef083cbb793c88f68113d63d30665352c2e3bf6
4649250e63affcff534d41ef92dfdfac87cd00fd94f790218c3b9c1a39ddc85a
GET /merchants/13F587DE98AF4DC1/?pv=1182301098&xp=1&f=f%3APERSONAL%2Cl%3A10%2Co%3A0&cv=1&ca=&cp=1 HTTP/1.1
Host: recommender.scarabresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fc-moto.de
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.fc-moto.de
Content-Encoding: gzip
Content-Type: application/json;charset=utf-8
Date: Thu, 24 Nov 2022 15:16:15 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Set-Cookie: cdv=199DF51383D93F2B; Path=/; Expires=Fri, 24-Nov-2023 21:05:27 GMT; Max-Age=31556952; Secure; SameSite=None
s=32F65F850DC216C2; Secure; SameSite=None
Timing-Allow-Origin: *
Vary: Accept-Encoding, User-Agent
transfer-encoding: chunked
Connection: keep-alive
retrack-kupona.kuponacdn.de/customers/14588.html
35.157.253.162200 OK 18 kB URL HTTP/2 retrack-kupona.kuponacdn.de/customers/14588.html
IP 35.157.253.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5887)
Hash e8cc214251349719c366bd3a9b3e26d2
3da7808ea377804e5b8cb3057dc44590438db709
7bfd37b406c4fa27e54e871e6dd9cb96f7200af4f918525e1d823e8009c22558
GET /customers/14588.html HTTP/1.1
Host: retrack-kupona.kuponacdn.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: text/html
content-length: 17574
server: nginx/1.14.2
x-amz-id-2: 0BPC1QLqWqkpZy4YUaoicV2ZFgUe0gQxieTp9PvKRrFE6LGubNtoS1a+5vsrxaBGB8CEGjZbtm8=
x-amz-request-id: 1K8JX44AK37CJ72F
last-modified: Wed, 23 Nov 2022 19:08:21 GMT
etag: "e8cc214251349719c366bd3a9b3e26d2"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 23 Nov 2022 20:08:20 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
hal9000.redintelligence.net/retarget?a=42538&version=1&mode=img&redirected=1
138.201.84.252302 Found 0 B URL HTTP/1.1 hal9000.redintelligence.net/retarget?a=42538&version=1&mode=img&redirected=1
IP 138.201.84.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /retarget?a=42538&version=1&mode=img&redirected=1 HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fc-moto.de/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=fd148fbcfbefba10
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 15:16:15 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=fd148fbcfbefba10; expires=Wed, 22-Feb-2023 15:16:15 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: //pixel.mathtag.com/event/img?mt_id=1406649&mt_adid=222954&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
opt.kuponacdn.de/mastertag_opt.js?v=000dbedbbbaf5e4d
3.68.62.31200 OK 1.7 kB URL HTTP/2 opt.kuponacdn.de/mastertag_opt.js?v=000dbedbbbaf5e4d
IP 3.68.62.31:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash c82db532f8c4e567f421c3f15efca0c5
a8a0f6098c0301ce7bfe7b816debb9b3b5927841
1d00b500d7f00687f6831d2789396db65d1bb10fea76877752c36dd13a121809
GET /mastertag_opt.js?v=000dbedbbbaf5e4d HTTP/1.1
Host: opt.kuponacdn.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://retrack-kupona.kuponacdn.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: application/javascript
content-length: 1700
server: nginx/1.14.2
x-amz-id-2: aMkqI9a3Zih+2kiVytKKkcfS2DHdj428RtC0M789kT+rbzNsHZnVDAexetMwN1xdpDXKs/HnRY4=
x-amz-request-id: FJ6PDMFN3Z9QCJ4R
last-modified: Thu, 18 Feb 2021 16:01:58 GMT
etag: "c82db532f8c4e567f421c3f15efca0c5"
cache-control: public,max-age=7776000
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
api.cleverpush.com/channel/optin-visitor
104.26.15.31200 OK 63 B URL HTTP/2 api.cleverpush.com/channel/optin-visitor
IP 104.26.15.31:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2c5a457f256ca7f31164faf66e5bb22b
3ea41d08cc15359057f693164a69641013942185
f8f18f3d342804c279fd721eb0678666b5f517daa97ad199fd20b346dbdce793
POST /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fc-moto.de/
Content-Type: application/json
Origin: https://www.fc-moto.de
Content-Length: 54
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
strict-transport-security: max-age=15724800; includeSubDomains
x-backend-server: cleverpush-worker-15
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pSgOWhb3qKSg%2FOEh7z%2F3%2Flnf0Z4d6OnNjN85vZRH0CEjyoZVQSb6E7ZUqDfBKSXqtlfyjNiS2abZqkV8GLDWG4%2BjguwJ4t7meqkBV%2B%2BSlivbkxTsy758FBeWusbDAzpjtJH%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f31accf987fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
opt.kuponacdn.de/mastertag_opt.html?v=000dbedbbbaf5e4d&kp_customer_id=14588&kp_ref=https%3A%2F%2Fwww.fc-moto.de%2F
3.68.62.31200 OK 15 kB URL HTTP/2 opt.kuponacdn.de/mastertag_opt.html?v=000dbedbbbaf5e4d&kp_customer_id=14588&kp_ref=https%3A%2F%2Fwww.fc-moto.de%2F
IP 3.68.62.31:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303), with CRLF line terminators
Hash 2ab35d3550ea9f9e372de92abd73e8ab
2d8eecf0d0fd795dfbaf39c79db81f39498858a7
1e6e35a9034371564ac02fce5a1d190de7b1227aaeefb1de03fbec8a6ea46de3
GET /mastertag_opt.html?v=000dbedbbbaf5e4d&kp_customer_id=14588&kp_ref=https%3A%2F%2Fwww.fc-moto.de%2F HTTP/1.1
Host: opt.kuponacdn.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://retrack-kupona.kuponacdn.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: text/html
content-length: 14566
server: nginx/1.14.2
x-amz-id-2: GSccNddbUJZleGo/AUgVS/bk/VS1iuqsCAx+jAUTuiKZ6AoW5KnD5PLZvHwcNyBy+EnfBKttaeA=
x-amz-request-id: 60971199AA13A890
last-modified: Thu, 18 Feb 2021 16:02:41 GMT
etag: "2ab35d3550ea9f9e372de92abd73e8ab"
cache-control: public,max-age=7776000
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
opt.kuponacdn.de/mastertag_opt_conf.js?v=000dbedbbbaf5e4d
3.68.62.31200 OK 1.2 kB URL HTTP/2 opt.kuponacdn.de/mastertag_opt_conf.js?v=000dbedbbbaf5e4d
IP 3.68.62.31:0
File type ASCII text, with very long lines (891), with CRLF line terminators
Hash 1cc6a922fcf3ad2884aa7b2c44c6c8a7
2e71ff7506fa48899fc4dc90a3e598674675e24d
5fa521b3e20ac062a8790ed8634246afbdbd97a12b8ecf6b0f5ba1cf0b738c49
GET /mastertag_opt_conf.js?v=000dbedbbbaf5e4d HTTP/1.1
Host: opt.kuponacdn.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opt.kuponacdn.de/mastertag_opt.html?v=000dbedbbbaf5e4d&kp_customer_id=14588&kp_ref=https%3A%2F%2Fwww.fc-moto.de%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: application/javascript
content-length: 1229
server: nginx/1.14.2
x-amz-id-2: xEAXwvQGhUlNuxh7SKPmX4MFl7R0xKhMUwpls3+9SOx9rCuDvV3o7dh/v1wjPQz0OpqzBTnRB1Y=
x-amz-request-id: 8ABA10152058495D
last-modified: Thu, 18 Feb 2021 16:01:42 GMT
etag: "1cc6a922fcf3ad2884aa7b2c44c6c8a7"
cache-control: public,max-age=7776000
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6273
Cache-Control: max-age=89570
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:15 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 16:09:05 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 14:41:08 GMT
expires: Thu, 24 Nov 2022 16:41:08 GMT
cache-control: public, max-age=7200
age: 2107
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 07465bdc3d7098d739d2af16cb755dd2
d96ca49d9f920e708668d483af261a91114d035c
72cf4761060720d5ff948e62b3786d4a77ec7ade202e3237a41b622c56b63827
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1667
Cache-Control: max-age=111256
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:15 GMT
Etag: "637e93d4-139"
Expires: Fri, 25 Nov 2022 22:10:31 GMT
Last-Modified: Wed, 23 Nov 2022 21:42:44 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
webchannel-content.eservice.emarsys.net/customer/441007718/campaigns?url=https:%2F%2Fwww.fc-moto.de%2F&prev_url=&lang=no&ca=&uli=false
34.117.30.199200 OK 27 kB URL HTTP/2 webchannel-content.eservice.emarsys.net/customer/441007718/campaigns?url=https:%2F%2Fwww.fc-moto.de%2F&prev_url=&lang=no&ca=&uli=false
IP 34.117.30.199:0
Hash 44cfc8d4ddbe218328d3ec767f00cc40
051a6241ca4b39b9c0bfce4c1a282e064591ea7e
fa1a028b0265a5744245b87681e0b51175fd274ceafc029c643860410598060c
GET /customer/441007718/campaigns?url=https:%2F%2Fwww.fc-moto.de%2F&prev_url=&lang=no&ca=&uli=false HTTP/1.1
Host: webchannel-content.eservice.emarsys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fc-moto.de
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:15 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
content-type: application/json
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/956041260/?random=1669302974945&cv=11&fst=1669302974945&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&auid=1698007569.1669302975&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&rfmt=3&fmt=4
142.250.74.98200 OK 945 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/956041260/?random=1669302974945&cv=11&fst=1669302974945&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&auid=1698007569.1669302975&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2063), with no line terminators
Hash b8b3ad721cbdabe2c0c8f985595da515
97d94cb9c7073173f1ae9559c82be176e4cf2042
355b0c10f77db99daef15fc25b7b3a57dedc430ba9f5ec7282f761857362c3cb
GET /pagead/viewthroughconversion/956041260/?random=1669302974945&cv=11&fst=1669302974945&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&auid=1698007569.1669302975&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:16:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 945
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 15:31:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070800967/?random=1669302974941&cv=11&fst=1669302974941&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=1MtjCIfrhwEQx8DM_gM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&auid=1698007569.1669302975&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&rfmt=3&fmt=4
142.250.74.98200 OK 992 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1070800967/?random=1669302974941&cv=11&fst=1669302974941&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=1MtjCIfrhwEQx8DM_gM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&auid=1698007569.1669302975&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2154), with no line terminators
Hash 4137d2475e4233995b1bc51144d55458
34fb0eec4fd15a857fd24370d3e666b5067b9465
74937592957afe6dc116d41a709e0603d8c8f3706debd7ddd8fd692b5aa80105
GET /pagead/viewthroughconversion/1070800967/?random=1669302974941&cv=11&fst=1669302974941&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=1MtjCIfrhwEQx8DM_gM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&auid=1698007569.1669302975&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:16:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 992
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 15:31:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
23.38.200.197200 OK 1.1 kB IP 23.38.200.197:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash 8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2cc602e7a83a9f7ee8c6d5bf8e12970e
9321cfea558844d877d41d10c2bf313c36745490
172a72821e740cbf3938517a04bc80ec06a66c24bb2e811333f05e7cb355bb79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1757
Cache-Control: max-age=171449
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Etag: "637f7e9c-1d7"
Expires: Sat, 26 Nov 2022 14:53:45 GMT
Last-Modified: Thu, 24 Nov 2022 14:24:28 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/956041260/?random=1669302974945&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2308118588&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/956041260/?random=1669302974945&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2308118588&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/956041260/?random=1669302974945&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2308118588&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:16:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1070800967/?random=1669302974941&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=1MtjCIfrhwEQx8DM_gM&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2555052930&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1070800967/?random=1669302974941&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=1MtjCIfrhwEQx8DM_gM&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2555052930&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1070800967/?random=1669302974941&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=1MtjCIfrhwEQx8DM_gM&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2555052930&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:16:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/956041260/?random=1669302974945&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2308118588&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/956041260/?random=1669302974945&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2308118588&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/956041260/?random=1669302974945&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2308118588&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:16:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.9a94ee76.js
23.38.200.197200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.9a94ee76.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Hash e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98
GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20728
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1070800967/?random=1669302974941&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=1MtjCIfrhwEQx8DM_gM&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2555052930&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1070800967/?random=1669302974941&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=1MtjCIfrhwEQx8DM_gM&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2555052930&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1070800967/?random=1669302974941&cv=11&fst=1669302000000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=1MtjCIfrhwEQx8DM_gM&frm=0&url=https%3A%2F%2Fwww.fc-moto.de%2F&tiba=FC-Moto%20%E2%96%B7%20Motorsykkel%2C%20Outdoor%2C%20Vintersport%20og%20Sykling%20Shop&data=ecomm_pagetype%3Dstartpage%3Becomm_prodid%3D%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=2555052930&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:16:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash bd6296ec9daaa3e6ab202fa297b046d2
e445c212d58f4b056fa94af4874536155df6d319
0736f933641c57d8b8bf830ebcc29e65dbea9b926c2865fd5fbd02ea24ab1fff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6486
Cache-Control: max-age=164317
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Etag: "637f5047-13a"
Expires: Sat, 26 Nov 2022 12:54:53 GMT
Last-Modified: Thu, 24 Nov 2022 11:06:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45623427-1&cid=1564172431.1669302976&jid=624396490&gjid=439255212&_gid=829316197.1669302976&_u=YEBAAAAAAAAAACAAIg~&z=1503903260
142.251.1.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45623427-1&cid=1564172431.1669302976&jid=624396490&gjid=439255212&_gid=829316197.1669302976&_u=YEBAAAAAAAAAACAAIg~&z=1503903260
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45623427-1&cid=1564172431.1669302976&jid=624396490&gjid=439255212&_gid=829316197.1669302976&_u=YEBAAAAAAAAAACAAIg~&z=1503903260 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.fc-moto.de
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.fc-moto.de
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Nov 2022 15:16:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612593058584&cb=1669302976088&dep=5%2CEVENT_TAGS_ABSENT
23.38.200.197200 OK 381 B URL HTTP/2 ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612593058584&cb=1669302976088&dep=5%2CEVENT_TAGS_ABSENT
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash e1bee89eff7a40b07cdecf34867bbb2d
22ff8dc4102ec9e1096b1044ac4a42120d505cfd
ddcde22b896fc7d2691810c1463ab90c033f295c5322a1dc607e7b700207c1dd
GET /user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612593058584&cb=1669302976088&dep=5%2CEVENT_TAGS_ABSENT HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fc-moto.de
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU1EazBabVJpTVRNdE1EbGxaUzAwTVRNeExXRTFNVFV0TkRZeU1ESmxaRFJsWlRWaQ
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://www.fc-moto.de
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 381
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1356187213437982
date: Thu, 24 Nov 2022 15:16:16 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1669302976.3c6bc412
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
p.fc-moto.de/p/tgTrackingProxy/tp.php
116.203.65.47200 OK 704 B URL HTTP/2 p.fc-moto.de/p/tgTrackingProxy/tp.php
IP 116.203.65.47:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (512), with no line terminators
Hash 8bd1f62d40a720ef513e7044963a29a9
fd17a592a2e5ff347b54f45d6869005465b97865
54efc39891bb78b214316a00e0e00a80f4496c8382eb513a010eaedbece56dcd
POST /p/tgTrackingProxy/tp.php HTTP/1.1
Host: p.fc-moto.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 716
Origin: https://www.fc-moto.de
Connection: keep-alive
Referer: https://www.fc-moto.de/
Cookie: OptanonConsent=isIABGlobal=false&datestamp=Thu+Nov+24+2022+15%3A16%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.12.0&hosts=&consentId=fbe2121f-69cc-4a93-83bd-7e7278a9f753&interactionCount=0&landingPath=https%3A%2F%2Fwww.fc-moto.de%2F&groups=C0001%3A1%2CC0010%3A1%2CC0003%3A1%2CC0004%3A1%2CC0011%3A1%2CC0012%3A1; _gcl_au=1.1.1698007569.1669302975
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: https://www.fc-moto.de
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2612593058584&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.fc-moto.de%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669302976088
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2612593058584&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.fc-moto.de%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669302976088
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2612593058584&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.fc-moto.de%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669302976088 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
referrer-policy: origin
x-pinterest-rid: 1634857507261977
date: Thu, 24 Nov 2022 15:16:16 GMT
akamai-grn: 0.274f2417.1669302976.3c6bc419
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 245f3534ec41aef0381bc271d5ea28f9
91fbad206b43df490e22329adcdb4d08213e4d5e
bf3e5742b5ea9e9bf8120037d73357893661acd71c870e74b42a6d22e60c527e
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 15:16:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 28 Nov 2022 12:37:08 GMT
ETag: "91fbad206b43df490e22329adcdb4d08213e4d5e"
Last-Modified: Thu, 24 Nov 2022 12:37:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1124
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f31ad3aee30b02-OSL
ct.pinterest.com/ct.html
23.38.200.197200 OK 323 B IP 23.38.200.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 5
referrer-policy: origin
x-pinterest-rid: 1029593242204899
date: Thu, 24 Nov 2022 15:16:16 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1669302976.3c6bc60c
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612593058584&cb=1669302976202&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.fc-moto.de%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612593058584&cb=1669302976202&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.fc-moto.de%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612593058584&cb=1669302976202&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.fc-moto.de%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
referrer-policy: origin
x-pinterest-rid: 1562213443409160
date: Thu, 24 Nov 2022 15:16:16 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZXZlVXM29hZHNqZnNoUDhlWnZrWlJmUzIyVTJCZzVhRHlucG9SMkM4a2xmeEw5SUp5dGt6NWRQRHZYcnJVMHowK0RheVgwdnhsbzNKSWpTVlMvVDlIUmRCVytlME1HSUF4K01YRXJKdktPST0mQkg4UXFCYzNpTXYyV2xuT3l2RDhCMFBiWDZvPQ=="; Expires=Fri, 24 Nov 2023 15:16:16 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1669302976.3c6bc681
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1916308201952347&ev=PageView&dl=https%3A%2F%2Fwww.fc-moto.de%2F&rl=&if=false&ts=1669302976160&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669302976159.741009782&it=1669302975719&coo=false&eid=fbevid1669302974969191s33731769658158&tm=1&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1916308201952347&ev=PageView&dl=https%3A%2F%2Fwww.fc-moto.de%2F&rl=&if=false&ts=1669302976160&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669302976159.741009782&it=1669302975719&coo=false&eid=fbevid1669302974969191s33731769658158&tm=1&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1916308201952347&ev=PageView&dl=https%3A%2F%2Fwww.fc-moto.de%2F&rl=&if=false&ts=1669302976160&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669302976159.741009782&it=1669302975719&coo=false&eid=fbevid1669302974969191s33731769658158&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 15:16:16 GMT
X-Firefox-Spdy: h2
mastertag.kpcustomer.de/?custid=14588&kp_load_heias_pixel=0&kp_load_neory_pixel=1&kp_load_piggybacks=1&kp_load_conversiontags=0&kp_load_on_valid_product_id_only=0&kp_site=startpage&kp_queries=cbp&kp_uses_full_category=0&t=3317475929223567000
34.253.54.209200 OK 176 B URL HTTP/2 mastertag.kpcustomer.de/?custid=14588&kp_load_heias_pixel=0&kp_load_neory_pixel=1&kp_load_piggybacks=1&kp_load_conversiontags=0&kp_load_on_valid_product_id_only=0&kp_site=startpage&kp_queries=cbp&kp_uses_full_category=0&t=3317475929223567000
IP 34.253.54.209:0
File type ASCII text, with no line terminators
Hash a981a2e052b0bed9050ef2fbd66f1ab7
c7958e410f91de385ec833d32c328cd47fd62ede
eca1b340bf782bb77a9c4d82e13191b813fe03705c78c00a75eeb09cb6f76f73
GET /?custid=14588&kp_load_heias_pixel=0&kp_load_neory_pixel=1&kp_load_piggybacks=1&kp_load_conversiontags=0&kp_load_on_valid_product_id_only=0&kp_site=startpage&kp_queries=cbp&kp_uses_full_category=0&t=3317475929223567000 HTTP/1.1
Host: mastertag.kpcustomer.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://retrack-kupona.kuponacdn.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:16 GMT
content-type: application/javascript
content-length: 176
server: nginx/1.9.6
x-powered-by: Express
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
kp-uuid: 0
is-bot: 0
kp-piggybacks: 1
kp-publishers: 18447,14588,14588-1736,40478,3321,49948,49948-1736
etag: "1860994466"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash d4daf1dfe64a0efc5307761240844950
5b7380b1249c7ba65c5d3cf3ef7db0a0aa0f87fa
26330bc9faf9f88ea49947d9253df1ba70c061730a628813391dc9b7d946e74f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6382
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Last-Modified: Thu, 24 Nov 2022 13:29:54 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 312
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:15 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=0ItnUF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJOJTJGJTJGakNwc1hHNGdCeXZvUm00YmclMkZxWVh0bFMzd2I5dSUyRjMlMkJ3Tk1XVkh4; expires=Tue, 19 Dec 2023 15:16:16 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 258760
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 1d08f7fbe6aed6d8ba415a8f14d609af
6afb73c7fa74c2f1d99f67c468da8e16e7b9ebec
18e1fed8a1e67f690011be914294e252f800175c4550cb3af93a631fa7eaeff0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1585
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Last-Modified: Thu, 24 Nov 2022 14:49:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 1d08f7fbe6aed6d8ba415a8f14d609af
6afb73c7fa74c2f1d99f67c468da8e16e7b9ebec
18e1fed8a1e67f690011be914294e252f800175c4550cb3af93a631fa7eaeff0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1667
Cache-Control: max-age=155552
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Etag: "637f40dd-13a"
Expires: Sat, 26 Nov 2022 10:28:48 GMT
Last-Modified: Thu, 24 Nov 2022 10:01:01 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7dd014d15e688837e6648e02ffb2d72e
873df827d32872cc237acdf35272bcf3769690a1
2aaec05bb3663336374697fe259f2a372d1d22d56773ed92dd2842324ad74b78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gem.gbc.criteo.com/newidsd
178.250.6.54200 OK 40 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.54:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 494ae7a5ca07f683ad7a14d8e1c46699
3d1a884d228c73cdd6d0c180ef5fd82b28d7f6cd
9157364f7335dea333af6ac448a6198e99c8ddb7cc872e3ce66ec707ff1f6ddf
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 77766
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2d0f5964676e93d723a46b698a62b3d
bbb25064c78032c06fbf8af11e3018f33d27f6a3
16206ea58096fed9731349cd1c02b70f68fec72cd86d82b1b60dc043e253b99a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16206EA58096FED9731349CD1C02B70F68FEC72CD86D82B1B60DC043E253B99A"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17335
Expires: Thu, 24 Nov 2022 20:05:11 GMT
Date: Thu, 24 Nov 2022 15:16:16 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7dd014d15e688837e6648e02ffb2d72e
873df827d32872cc237acdf35272bcf3769690a1
2aaec05bb3663336374697fe259f2a372d1d22d56773ed92dd2842324ad74b78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.ad-srv.net/retarget?a=49948&version=1&event=view&cat=16420&gdpr=0&gdpr_consent=&segment=&items=
88.99.165.19302 Found 0 B URL HTTP/1.1 ad.ad-srv.net/retarget?a=49948&version=1&event=view&cat=16420&gdpr=0&gdpr_consent=&segment=&items=
IP 88.99.165.19:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /retarget?a=49948&version=1&event=view&cat=16420&gdpr=0&gdpr_consent=&segment=&items= HTTP/1.1
Host: ad.ad-srv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://retrack-kupona.kuponacdn.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 15:16:16 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: pwzdy6wsn8n7_uid=6d0e0f9b77c5160a; expires=Wed, 22-Feb-2023 15:16:16 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Location: ?a=49948&version=1&event=view&cat=16420&gdpr=0&gdpr_consent=&segment=&items=&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/p/src=9857957;type=invmedia;cat=marki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4053800609987.0894;~oref=https://retrack-kupona.kuponacdn.de/
142.250.74.130302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=9857957;type=invmedia;cat=marki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4053800609987.0894;~oref=https://retrack-kupona.kuponacdn.de/
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=9857957;type=invmedia;cat=marki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4053800609987.0894;~oref=https://retrack-kupona.kuponacdn.de/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://retrack-kupona.kuponacdn.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:16:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=9857957;type=invmedia;cat=marki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4053800609987.0894;~oref=https://retrack-kupona.kuponacdn.de/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=9857957;type=invmedia;cat=marki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4053800609987.0894;~oref=https://retrack-kupona.kuponacdn.de/
216.58.207.194200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=9857957;type=invmedia;cat=marki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4053800609987.0894;~oref=https://retrack-kupona.kuponacdn.de/
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=9857957;type=invmedia;cat=marki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4053800609987.0894;~oref=https://retrack-kupona.kuponacdn.de/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://retrack-kupona.kuponacdn.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:16:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.ad-srv.net/retarget?a=49948&version=1&event=view&cat=16420&gdpr=0&gdpr_consent=&segment=&items=&redirected=1
88.99.165.19200 OK 338 B URL HTTP/1.1 ad.ad-srv.net/retarget?a=49948&version=1&event=view&cat=16420&gdpr=0&gdpr_consent=&segment=&items=&redirected=1
IP 88.99.165.19:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9b4dfd7532feacbca30c8858f11f5ca8
f6ac32c59905a5b31f72042d8e4ca7bad1f2bcee
6a78f6315db75dc19c728b579addc1fbae35aa7186283845a6cdb8dc8207c28f
GET /retarget?a=49948&version=1&event=view&cat=16420&gdpr=0&gdpr_consent=&segment=&items=&redirected=1 HTTP/1.1
Host: ad.ad-srv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://retrack-kupona.kuponacdn.de/
Connection: keep-alive
Cookie: pwzdy6wsn8n7_uid=6d0e0f9b77c5160a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 15:16:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: pwzdy6wsn8n7_uid=6d0e0f9b77c5160a; expires=Wed, 22-Feb-2023 15:16:17 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 338
Connection: close
Content-Type: text/html; charset=UTF-8
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.ad-srv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 24 Nov 2022 01:07:28 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: W_IqepzM2VdbNGQtw7tQAXwGhUfTQLRQKeMY_K361Ok5cVitx-uk3w==
Age: 50930
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60258dcaa6d9afc4bfb6d21a63a592db
76d29d03caffd13932dc90bcda32c7955ef6a411
ec5c9a0eafdf97b91c622ef8faf15158fb10fee1bc4db145833feefbfdd81b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC5C9A0EAFDF97B91C622EF8FAF15158FB10FEE1BC4DB145833FEEFBFDD81B2C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3238
Expires: Thu, 24 Nov 2022 16:10:15 GMT
Date: Thu, 24 Nov 2022 15:16:17 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=criteo&uid=k-6XwE101Jeg6caUWuy4E109fDMJT8kLwy6AIhug
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-6XwE101Jeg6caUWuy4E109fDMJT8kLwy6AIhug
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-6XwE101Jeg6caUWuy4E109fDMJT8kLwy6AIhug HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Thu, 24 Nov 2022 15:16:16 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60258dcaa6d9afc4bfb6d21a63a592db
76d29d03caffd13932dc90bcda32c7955ef6a411
ec5c9a0eafdf97b91c622ef8faf15158fb10fee1bc4db145833feefbfdd81b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC5C9A0EAFDF97B91C622EF8FAF15158FB10FEE1BC4DB145833FEEFBFDD81B2C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3238
Expires: Thu, 24 Nov 2022 16:10:15 GMT
Date: Thu, 24 Nov 2022 15:16:17 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9c9fcc8a4e3c5f2bd5bff5d33385dc76
ce22c8ddf0fa1f3118db865d0cf01e003ca3d091
c1c33db8d78970ab2f7be07deac1c36824404180c8737c107bb44eec386a4d49
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142585
Date: Thu, 24 Nov 2022 15:16:17 GMT
Etag: "637efea6-1d7"
Expires: Sat, 26 Nov 2022 06:52:42 GMT
Last-Modified: Thu, 24 Nov 2022 05:18:30 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Na7NYqKTGtUS7j4il8U5Qs8-O_xFe2ueZOA6O8u_XWuLVP-uYPCQpA==
Age: 5652
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 15:16:17 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 1006978
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-jLwwhE1Jeg6caUWuy4E109fDMJSzaQgozSuM0g
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-jLwwhE1Jeg6caUWuy4E109fDMJSzaQgozSuM0g
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-jLwwhE1Jeg6caUWuy4E109fDMJSzaQgozSuM0g HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3123045773580284000V10; Expires=Fri, 24 Nov 2023 15:16:17 GMT; domain=.media.net; Path=/;
data-c-ts=1669302977;Expires=Sat, 24 Dec 2022 15:16:17 GMT;path=/;domain=.media.net;
data-c=k-jLwwhE1Jeg6caUWuy4E109fDMJSzaQgozSuM0g~~3;Expires=Sat, 24 Dec 2022 15:16:17 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Thu, 24 Nov 2022 15:16:17 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 15:16:17 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-XPazuE1Jeg6caUWuy4E109fDMJQYXaTXfUjuRQ&google_cm&google_hm=ay1YUGF6dUUxSmVnNmNhVVd1eTRFMTA5ZkRNSlFZWGFUWGZVanVSUQ
142.250.74.66302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-XPazuE1Jeg6caUWuy4E109fDMJQYXaTXfUjuRQ&google_cm&google_hm=ay1YUGF6dUUxSmVnNmNhVVd1eTRFMTA5ZkRNSlFZWGFUWGZVanVSUQ
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 43627cd9cb4f429d26a53c5b2a003c7a
78dd148fdb79834f8e82176c4ee518da7f449460
6d843e79d9fa3a30c12f28e9e6341a5b1b363867e15484beb612e541a5ba25dc
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-XPazuE1Jeg6caUWuy4E109fDMJQYXaTXfUjuRQ&google_cm&google_hm=ay1YUGF6dUUxSmVnNmNhVVd1eTRFMTA5ZkRNSlFZWGFUWGZVanVSUQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-XPazuE1Jeg6caUWuy4E109fDMJQYXaTXfUjuRQ&google_cm=&google_hm=ay1YUGF6dUUxSmVnNmNhVVd1eTRFMTA5ZkRNSlFZWGFUWGZVanVSUQ&google_tc=
date: Thu, 24 Nov 2022 15:16:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 15:31:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
match.adsrvr.org/track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=2
15.197.193.217200 OK 471 B URL HTTP/2 match.adsrvr.org/track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=2
IP 15.197.193.217:0
Hash 86776344fc6dd826ff48ca2f315dec8a
23054ddd051e653c90cc3232bbe1ecb88820b29a
7a6a778b4a383d8385e3843a7fd1ad88a5e7182d5627740511dd2c83a6f264c1
GET /track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=2 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.ad-srv.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-XPazuE1Jeg6caUWuy4E109fDMJQYXaTXfUjuRQ&google_cm=&google_hm=ay1YUGF6dUUxSmVnNmNhVVd1eTRFMTA5ZkRNSlFZWGFUWGZVanVSUQ&google_tc=
142.250.74.66302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-XPazuE1Jeg6caUWuy4E109fDMJQYXaTXfUjuRQ&google_cm=&google_hm=ay1YUGF6dUUxSmVnNmNhVVd1eTRFMTA5ZkRNSlFZWGFUWGZVanVSUQ&google_tc=
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 3271baebe4dba957214149d5ce7bebcd
7643a7e274070528548c44eb3eec2c2f03de5673
07313957f9983ca992e63130fe9d8034b6ed932d114925d28f1216102099a674
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-XPazuE1Jeg6caUWuy4E109fDMJQYXaTXfUjuRQ&google_cm=&google_hm=ay1YUGF6dUUxSmVnNmNhVVd1eTRFMTA5ZkRNSlFZWGFUWGZVanVSUQ&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XPazuE1Jeg6caUWuy4E109fDMJQYXaTXfUjuRQ&google_error=3
date: Thu, 24 Nov 2022 15:16:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
37.252.171.53307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 15:16:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: a4543d20-340d-47cb-a274-baa0172c2a90
Set-Cookie: uuid2=6163746289075664315; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 22-Feb-2023 15:16:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x.bidswitch.net/sync?dsp_id=46&user_id=k-rfHMgk1Jeg6caUWuy4E109fDMJQNqgbyBXt8fA&expires=30
52.28.76.191302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-rfHMgk1Jeg6caUWuy4E109fDMJQNqgbyBXt8fA&expires=30
IP 52.28.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-rfHMgk1Jeg6caUWuy4E109fDMJQNqgbyBXt8fA&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 15:16:17 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-rfHMgk1Jeg6caUWuy4E109fDMJQNqgbyBXt8fA&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=9e92bc08-75bd-4282-b09b-edaeb037dc9b; path=/; expires=Fri, 24-Nov-2023 15:16:17 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669302977; path=/; expires=Fri, 24-Nov-2023 15:16:17 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1669302977; path=/; expires=Fri, 24-Nov-2023 15:16:17 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669302977; path=/; expires=Fri, 24-Nov-2023 15:16:17 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash c10f8c32732eb516be8f42938d780535
e9f55071168dde3f1667e1b6630905d3bf95c863
3008b69ea6d7683eeb50576aaea94cf9c1f5fd0542dadd28f4309891e2165bb7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136459
Date: Thu, 24 Nov 2022 15:16:17 GMT
Etag: "637efa7e-1d7"
Expires: Sat, 26 Nov 2022 05:10:36 GMT
Last-Modified: Thu, 24 Nov 2022 05:00:46 GMT
Server: ECS (dcb/7F3C)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YnTYt9Le91Iurd75UqddsEjesa_SuRQoVwXkL9XQyr88lpuvSczaBQ==
Age: 590
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c289bcb2d22c912d781279e16dd9ea30
3cae3ea21540f9bcf1998f7cea7844bf7c33bd69
aff014398aa6e2cab3e595b33dc536e596124078d09a6c55c0fe8465aa42480a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5668
Cache-Control: max-age=112044
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:17 GMT
Etag: "637e8749-118"
Expires: Fri, 25 Nov 2022 22:23:41 GMT
Last-Modified: Wed, 23 Nov 2022 20:49:13 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
insight.adsrvr.org/track/up?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=4
15.197.193.217302 Found 324 B URL HTTP/2 insight.adsrvr.org/track/up?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=4
IP 15.197.193.217:0
Hash 6338151574b644e16b2313d7795bddf6
5bd7b1e82a58713a803c686300ed62c825993b5d
0fbfcafcd846f76e3a2a23bb3e2b126408152039b895cada605cc212a2fb8148
GET /track/up?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=4 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=4
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=d6d1fd87-6128-42a6-92da-15fddd6d8527; domain=.adsrvr.org; expires=Fri, 24-Nov-2023 15:16:17 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-rfHMgk1Jeg6caUWuy4E109fDMJQNqgbyBXt8fA&expires=30
52.28.76.191200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-rfHMgk1Jeg6caUWuy4E109fDMJQNqgbyBXt8fA&expires=30
IP 52.28.76.191:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-rfHMgk1Jeg6caUWuy4E109fDMJQNqgbyBXt8fA&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Gj-uMU1Jeg6caUWuy4E109fDMJTwv_CS04zlTw
35.157.229.218204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Gj-uMU1Jeg6caUWuy4E109fDMJTwv_CS04zlTw
IP 35.157.229.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Gj-uMU1Jeg6caUWuy4E109fDMJTwv_CS04zlTw HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 15:16:17 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6106238b7557ccdfb37e30571a4cddd0
f8c6aa9837f33318ce05482e9a8b63746437710b
7fefccd99a48308cee65aac1de81f007c46cc0770be346529b9a7724470bc154
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5921
Cache-Control: max-age=127762
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:17 GMT
Etag: "637ec3b2-1d7"
Expires: Sat, 26 Nov 2022 02:45:39 GMT
Last-Modified: Thu, 24 Nov 2022 01:06:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g7j2vU1Jeg6caUWuy4E109fDMJQ8MGvTq3MTwg
104.18.33.19302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g7j2vU1Jeg6caUWuy4E109fDMJQ8MGvTq3MTwg
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-g7j2vU1Jeg6caUWuy4E109fDMJQ8MGvTq3MTwg HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 15:16:17 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-g7j2vU1Jeg6caUWuy4E109fDMJQ8MGvTq3MTwg&C=1
cf-ray: 76f31adada90b4ed-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y3.KwRpHSmwrRKWVo3KvqgAA; Path=/; Domain=casalemedia.com; Expires=Fri, 24 Nov 2023 15:16:17 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1835; Path=/; Domain=casalemedia.com; Expires=Wed, 22 Feb 2023 15:16:17 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1835; Path=/; Domain=casalemedia.com; Expires=Wed, 22 Feb 2023 15:16:17 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ph8KCIw%2Bb24SSbHSmcimkAzbZMVKBfwFanFFK%2FzaTYz2aoSbDr5U4NmFEE1NWdbYiXdEEbeKjyNNOum3F0W%2FdvKRt45otoWAFB9tHj6vISMH9mM85DOCo3l5Z01MISvN8bpE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ebfc7cbd74089324a63ee2fbd512c436
4dd817c8cd4f918bd3bba8b4e9c7157f2d42e7b7
e0411c1f91e7f52f3be5fc42ef0b3778e4bd1c7e7bc17d669ce7b853e3fa3590
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5476
Cache-Control: max-age=145317
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:17 GMT
Etag: "637f0a02-1d7"
Expires: Sat, 26 Nov 2022 07:38:14 GMT
Last-Modified: Thu, 24 Nov 2022 06:06:58 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 269daeccc73eda2c3691db3dc5efbbb4
16d9fd5c3a5451574f8786bf64cb5b40fd03cd68
5f6df29fc9a421a3aa07c9358a46a6312bffbe219aafd4132d9ab38c4fb0e0be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2951
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:17 GMT
Last-Modified: Thu, 24 Nov 2022 14:27:06 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 312
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
37.252.171.53302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 15:16:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 71627317-1954-4008-a00c-cc59338d481c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-CKOSe01Jeg6caUWuy4E109fDMJRTooJ853MhEg&expires=30
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-CKOSe01Jeg6caUWuy4E109fDMJRTooJ853MhEg&expires=30
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-CKOSe01Jeg6caUWuy4E109fDMJRTooJ853MhEg&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 0163a7456b0a5605e8b1fb1d4fba3e4d
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 268dba7e088444ec60a00e22179bb279
9f0e2354da358bd889ac182941c7d534c14fcbad
10a56e73a9bcda9a3939f262316d4ad67a7e68cf980491dbae3d732ef7642c13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6530
Cache-Control: max-age=91624
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:17 GMT
Etag: "637e3427-1d7"
Expires: Fri, 25 Nov 2022 16:43:21 GMT
Last-Modified: Wed, 23 Nov 2022 14:54:31 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 8f95964d3de7b251291347f52eadc0fa
c39a42df4a24153b8f2aac828f8e30f9a724fc1a
612438addb46ea6b3edae579f938eeca02b8d5a96b1db38e237fa28bf27745fe
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 15:16:17 GMT
Last-Modified: Thu, 24 Nov 2022 14:00:05 GMT
Server: ECS (dcb/7F7F)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KFuE7o9lFdv1gR89ZvVyafOpafvFDhYSfTSfk6gzn_jhXZj_JRSClg==
Age: 4572
insight.adsrvr.org/track/up?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=1
15.197.193.217302 Found 344 B URL HTTP/2 insight.adsrvr.org/track/up?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=1
IP 15.197.193.217:0
Hash 827866c029d2340704df9b34e69f712e
77af7bec7a056348e5d76a21e9cbfe68fd1701c3
f327e6b73eadbe946d44217e6faedcd818614a4260a1002b45a91e2f6d25e527
GET /track/up?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=1 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=1
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=c0a4a2b3-6ec9-4949-b57b-090359839bf6; domain=.adsrvr.org; expires=Fri, 24-Nov-2023 15:16:17 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g7j2vU1Jeg6caUWuy4E109fDMJQ8MGvTq3MTwg&C=1
104.18.33.19200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g7j2vU1Jeg6caUWuy4E109fDMJQ8MGvTq3MTwg&C=1
IP 104.18.33.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-g7j2vU1Jeg6caUWuy4E109fDMJQ8MGvTq3MTwg&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: image/gif
content-length: 43
cf-ray: 76f31adb2b15b4ed-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WB%2Fa7Ke%2Ft%2BgkJddcGbrDB6AlXBylGqE%2F5z3gjS9rvWz7oqf7mG87mq7kDLsCmveoefq2P4havPTntHnsOGblkIQRbyERyRcC0%2FHP60BKU5WxC5fCbvyX2dJ6AJIiGHPmyzk0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 30b93830c5f8003d39d3702fc4f896c6
c91d8a65f328f004278fa2504c9647ea8ec8c272
e2f5440341522c1ab3acfbcf0f8ef8391ea515bec8c08fdf95352ba0b6b95abf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3837
Cache-Control: max-age=90011
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:17 GMT
Etag: "637e385f-1d7"
Expires: Fri, 25 Nov 2022 16:16:28 GMT
Last-Modified: Wed, 23 Nov 2022 15:12:31 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-NdPEQ01Jeg6caUWuy4E109fDMJS21t7fnIXMJQ
185.86.139.114200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-NdPEQ01Jeg6caUWuy4E109fDMJS21t7fnIXMJQ
IP 185.86.139.114:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-NdPEQ01Jeg6caUWuy4E109fDMJS21t7fnIXMJQ HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Thu, 24 Nov 2022 15:16:16 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=1967253068164813967; expires=Sun, 24 Dec 2023 15:16:17 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 24 Dec 2023 15:16:17 GMT; domain=smartadserver.com; path=/
csync=79:k-NdPEQ01Jeg6caUWuy4E109fDMJS21t7fnIXMJQ; expires=Fri, 24 Nov 2023 15:16:17 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc118bae963b381ce5450890130ecf15
9355a16a81b11e024dd2c5c0024aba1121fff925
cb5bc2cc49e05c133434eeb725690b3e32a0d3c6b75074582f941eee3bf7e1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9828
x-amzn-requestid: bf2f8429-416d-40d4-a237-7593ee26c27a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEv0KHywIAMFvtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e934d-349e1dcc595b1be906a83577;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bQcpPUgu6eN6PQeLMGWwBlf01iHj77_aXHjKmh8SH7HsWlUX6kipDg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:23 GMT
age: 62334
etag: "9355a16a81b11e024dd2c5c0024aba1121fff925"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
52.50.158.189302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 52.50.158.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0f2a7c28b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=60277333888925233782712981252617298648; Max-Age=15552000; Expires=Tue, 23 May 2023 15:16:17 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jqOik+5BQMQ=
Content-Length: 0
Connection: keep-alive
ad.yieldlab.net/m?dt_id=8664&ext_id=k-mWqpJU1Jeg6caUWuy4E109fDMJRQnSaSEnA56Q
23.61.208.154204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-mWqpJU1Jeg6caUWuy4E109fDMJRQnSaSEnA56Q
IP 23.61.208.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-mWqpJU1Jeg6caUWuy4E109fDMJRQnSaSEnA56Q HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Wed, 23 Nov 2022 15:16:17 GMT
Date: Thu, 24 Nov 2022 15:16:17 GMT
Connection: keep-alive
Set-Cookie: id=19509e47-7310-4fc8-aed9-f1edc6a465a3; Path=/; Domain=yieldlab.net; Expires=Fri, 24-Nov-2023 15:16:17 GMT; Max-Age=31536000; Secure; SameSite=None
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d15634914c802f61f511987be5a1f647
71e93b7a597fceddff42bd68fb75861ac2f8abce
5a3bcfd1e22d1bbfd40500b483e22b96f7eba33c15123ea1ff33bb65a3a8c6b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A3BCFD1E22D1BBFD40500B483E22B96F7EBA33C15123EA1FF33BB65A3A8C6B0"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18934
Expires: Thu, 24 Nov 2022 20:31:51 GMT
Date: Thu, 24 Nov 2022 15:16:17 GMT
Connection: keep-alive
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ZGlH6E1Jeg6caUWuy4E109fDMJQ0FFOLWH_tNA
18.197.178.227302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ZGlH6E1Jeg6caUWuy4E109fDMJQ0FFOLWH_tNA
IP 18.197.178.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-ZGlH6E1Jeg6caUWuy4E109fDMJQ0FFOLWH_tNA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZGlH6E1Jeg6caUWuy4E109fDMJQ0FFOLWH_tNA
set-cookie: tuuid=6d40e6ba-d1d5-417c-996b-dccabdd4c769; Expires=Wed, 22 Feb 2023 15:16:17 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1669302977; Expires=Wed, 22 Feb 2023 15:16:17 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b8950887e4a6bc5532a786a2018e6ff
0e475765fff5cf24b0939887d29fa2f010098726
a23a642e1b716feec565dfa8cdb844530af49c0bb8f555b6bc47677ccacc11f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5649
Cache-Control: max-age=158065
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:17 GMT
Etag: "637f3b21-1d7"
Expires: Sat, 26 Nov 2022 11:10:42 GMT
Last-Modified: Thu, 24 Nov 2022 09:36:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7xfLQU1Jeg6caUWuy4E109fDMJT3R_PIc4N_pw
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7xfLQU1Jeg6caUWuy4E109fDMJT3R_PIc4N_pw
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-7xfLQU1Jeg6caUWuy4E109fDMJT3R_PIc4N_pw HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 15:16:17 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7xfLQU1Jeg6caUWuy4E109fDMJT3R_PIc4N_pw&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBMGKf2MCEBGdEP5eKdYTUVUUBssjUeEFEgEBAQHcgGOJYwAAAAAA_eMAAA&S=AQAAAlCPeu1YxtKIfCuyPJvrZ8o; Expires=Fri, 24 Nov 2023 21:16:17 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c289bcb2d22c912d781279e16dd9ea30
3cae3ea21540f9bcf1998f7cea7844bf7c33bd69
aff014398aa6e2cab3e595b33dc536e596124078d09a6c55c0fe8465aa42480a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3039
Cache-Control: max-age=109415
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:17 GMT
Etag: "637e8749-118"
Expires: Fri, 25 Nov 2022 21:39:52 GMT
Last-Modified: Wed, 23 Nov 2022 20:49:13 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash d451e227869c10fecdf35081940bf550
e1ac7b9aec55adc792987e67f4631f800c7a7c56
1471b6fa55f24be2015f7067e94c3a70d3b84ff2a48d7ceab9f634efc38b4e8a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 15:16:17 GMT
Last-Modified: Thu, 24 Nov 2022 14:29:31 GMT
Server: ECS (dcb/7EEC)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oj7H65SsTqFrzkN0szUr-R3FSkCoYnPal81032DGhtDAdfcEUMIKaw==
Age: 2806
id5-sync.com/s/966/9.gif?puid=k-xp6kl01Jeg6caUWuy4E109fDMJTc9GS_CLZoKQ
162.19.138.119200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-xp6kl01Jeg6caUWuy4E109fDMJTc9GS_CLZoKQ
IP 162.19.138.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-xp6kl01Jeg6caUWuy4E109fDMJTc9GS_CLZoKQ HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Thu, 24-Nov-2022 15:21:17 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Thu, 24-Nov-2022 15:21:17 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Thu, 24-Nov-2022 15:21:17 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Thu, 24-Nov-2022 15:21:17 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Thu, 24-Nov-2022 15:21:17 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Thu, 24-Nov-2022 15:21:17 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Thu, 24 Nov 2022 15:16:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-_kbHlE1Jeg6caUWuy4E109fDMJR7eGc_TI9xqw
185.64.189.110200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-_kbHlE1Jeg6caUWuy4E109fDMJR7eGc_TI9xqw
IP 185.64.189.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-_kbHlE1Jeg6caUWuy4E109fDMJR7eGc_TI9xqw HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:16:16 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-_kbHlE1Jeg6caUWuy4E109fDMJR7eGc_TI9xqw&KRTB&23144-uid:k-_kbHlE1Jeg6caUWuy4E109fDMJR7eGc_TI9xqw&KRTB&23286-uid:k-_kbHlE1Jeg6caUWuy4E109fDMJR7eGc_TI9xqw&KRTB&23287-uid:k-_kbHlE1Jeg6caUWuy4E109fDMJR7eGc_TI9xqw; domain=pubmatic.com; secure; expires=Sat, 24-Dec-2022 15:16:16 GMT; path=/
PugT=1669302976; domain=pubmatic.com; secure; expires=Sat, 24-Dec-2022 15:16:16 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZGlH6E1Jeg6caUWuy4E109fDMJQ0FFOLWH_tNA
18.197.178.227200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZGlH6E1Jeg6caUWuy4E109fDMJQ0FFOLWH_tNA
IP 18.197.178.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZGlH6E1Jeg6caUWuy4E109fDMJQ0FFOLWH_tNA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7xfLQU1Jeg6caUWuy4E109fDMJT3R_PIc4N_pw&verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7xfLQU1Jeg6caUWuy4E109fDMJT3R_PIc4N_pw&verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-7xfLQU1Jeg6caUWuy4E109fDMJT3R_PIc4N_pw&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 15:16:17 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBMGKf2MCEKyv1yDp22p22rWcAv7E8c8FEgEBAQHcgGOJYwAAAAAA_eMAAA&S=AQAAAiivDGjJa3yRbElb2lFl57Q; Expires=Fri, 24 Nov 2023 21:16:17 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
52.50.158.189200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 52.50.158.189:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-05e780d2b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: RCm855ZuS+c=
Content-Length: 59
Connection: keep-alive
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-dRaJ2E1Jeg6caUWuy4E109fDMJRRpZKcc6MBoLMRUKEPA2--
3.66.98.174200 OK 57 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-dRaJ2E1Jeg6caUWuy4E109fDMJRRpZKcc6MBoLMRUKEPA2--
IP 3.66.98.174:0
Hash 971b2ca88b865f63607de43e075885eb
3e19632436326138584a55a534d67d27f7758f6d
7c574d394792bd0c07f26488e456e30a06440062504d1e19fe3f51156836fa72
GET /usersync/push?partner=criteo&partnerId=k-dRaJ2E1Jeg6caUWuy4E109fDMJRRpZKcc6MBoLMRUKEPA2-- HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%22f176f050-6c0a-11ed-a470-6d26758e3e40%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 08 Dec 2022 15:16:17 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%22f176f050-6c0a-11ed-a470-6d26758e3e40%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 08 Dec 2022 15:16:17 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%22f176f050-6c0a-11ed-a470-6d26758e3e40%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 08 Dec 2022 15:16:17 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%22f176f050-6c0a-11ed-a470-6d26758e3e40%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 08 Dec 2022 15:16:17 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-dRaJ2E1Jeg6caUWuy4E109fDMJRRpZKcc6MBoLMRUKEPA2--%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Thu, 08 Dec 2022 15:16:17 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-ZHxePk1Jeg6caUWuy4E109fDMJQdo3gBNzYC4g
64.202.112.159200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-ZHxePk1Jeg6caUWuy4E109fDMJQdo3gBNzYC4g
IP 64.202.112.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-ZHxePk1Jeg6caUWuy4E109fDMJQdo3gBNzYC4g HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 15:16:17 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 033a1515446183ce3025536c4cf9a73e
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 826da14cffa2bc6cf62e79d2cd1bbf35
78e927e01a66541a451d64e71adb45c6ee5f1cdf
33d453e77b6404ae54df56a261601a03c5e1aa625164a2fdcb09da2421aed6b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2978
Cache-Control: max-age=129113
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:16:18 GMT
Etag: "637ed479-116"
Expires: Sat, 26 Nov 2022 03:08:11 GMT
Last-Modified: Thu, 24 Nov 2022 02:18:33 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 278
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.0.163200 OK 43 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.0.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 558444
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 8d3e0eb4f3a8994c4afcc9bb03a1c8a9
66e7d69e546add93a8ca6d68f1ef818f8db18b77
fb0d91278a6f08f872b0e560a341edea1ce8a113954d005d6544d676c4ca966a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99693
Date: Thu, 24 Nov 2022 15:16:17 GMT
Etag: "637e54a9-1d7"
Expires: Fri, 25 Nov 2022 18:57:50 GMT
Last-Modified: Wed, 23 Nov 2022 17:13:13 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ggrUsdZn4ZUovdrCfhALJzUSkLFn3Qu01UtfLDCHSiA1fmWykxF5Lg==
Age: 6277
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash fef181349a0dd9c4320c1fe7bbdce92b
338f720af51516010986d28d5b450f5fee08ad39
bb671ecb45dbfcd9216e90c5fa89ab966468b5979d091f62f4299185b314108d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 15:16:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:11:52 GMT
Expires: Wed, 30 Nov 2022 03:11:51 GMT
Etag: "338f720af51516010986d28d5b450f5fee08ad39"
Cache-Control: max-age=474333,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f31adb7e85b524-OSL
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 15:16:17 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 359404
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash bde98f8e3fafdcd8a893414c5aa660a5
79beec2b93940a05ad28760f6e5656deb9f89b4f
d8222bcc3e40bf5f6b315afa47cb6f7f7d4f7b3ca1d667bbb43cc636da13f319
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163567
Date: Thu, 24 Nov 2022 15:16:18 GMT
Etag: "637f5d05-1d7"
Expires: Sat, 26 Nov 2022 12:42:25 GMT
Last-Modified: Thu, 24 Nov 2022 12:01:09 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZUJdi5NaUo0nis6Qnjbppjb3krMs4QOiSYyvUwWXXSACsmIVJHGCvA==
Age: 2476
ag.gbc.criteo.com/newidsd
178.250.6.106200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.106:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 107399
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
match.adsrvr.org/track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=4
15.197.193.217200 OK 0 B URL HTTP/2 match.adsrvr.org/track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=4
IP 15.197.193.217:0
GET /track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=4 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.ad-srv.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=fc-moto.de&sn=FirefoxSyncframe&so=0&topUrl=www.fc-moto.de&info=C3koa180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJOJTJGJTJGakNwc1hHNGdCeXZvUm00YmclMkIzMEhwdTdwS0h4cnBIUEYlMkZyNDlGVA&idsd=-651095151,-1523531339&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=fc-moto.de&sn=FirefoxSyncframe&so=0&topUrl=www.fc-moto.de&info=C3koa180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJOJTJGJTJGakNwc1hHNGdCeXZvUm00YmclMkIzMEhwdTdwS0h4cnBIUEYlMkZyNDlGVA&idsd=-651095151,-1523531339&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=onetag&domain=fc-moto.de&sn=FirefoxSyncframe&so=0&topUrl=www.fc-moto.de&info=C3koa180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJOJTJGJTJGakNwc1hHNGdCeXZvUm00YmclMkIzMEhwdTdwS0h4cnBIUEYlMkZyNDlGVA&idsd=-651095151,-1523531339&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=www.fc-moto.de&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1381006
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-9Rg19U1Jeg6caUWuy4E109fDMJSjKFhyYMdOuw
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-9Rg19U1Jeg6caUWuy4E109fDMJSjKFhyYMdOuw
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-9Rg19U1Jeg6caUWuy4E109fDMJSjKFhyYMdOuw HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:16:17 GMT
x-fastly-to-nlb-rtt: 22363
access-control-allow-credentials: true
X-Firefox-Spdy: h2
p.fc-moto.de/p/tgTrackingProxy/tp.php
116.203.65.47200 OK 0 B URL HTTP/2 p.fc-moto.de/p/tgTrackingProxy/tp.php
IP 116.203.65.47:0
ASN #24940 Hetzner Online GmbH
POST /p/tgTrackingProxy/tp.php HTTP/1.1
Host: p.fc-moto.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 903
Origin: https://www.fc-moto.de
Connection: keep-alive
Referer: https://www.fc-moto.de/
Cookie: OptanonConsent=isIABGlobal=false&datestamp=Thu+Nov+24+2022+15%3A16%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.12.0&hosts=&consentId=fbe2121f-69cc-4a93-83bd-7e7278a9f753&interactionCount=0&landingPath=https%3A%2F%2Fwww.fc-moto.de%2F&groups=C0001%3A1%2CC0010%3A1%2CC0003%3A1%2CC0004%3A1%2CC0011%3A1%2CC0012%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: https://www.fc-moto.de
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
analytics.webgains.io/clk.min.js
143.204.55.46200 OK 0 B URL HTTP/2 analytics.webgains.io/clk.min.js
IP 143.204.55.46:0
GET /clk.min.js HTTP/1.1
Host: analytics.webgains.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 23 Nov 2022 18:46:43 GMT
etag: W/"7141e9bbef032b9cc2d8c2abd6b54515"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k0IZLy6Kd99Ov7iXJwyGeLYRFHfdRiswsT9sPVAWOpjGFxYwmyWmng==
age: 73773
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.2.130:0
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Fri, 25 Nov 2022 15:16:15 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=0ItnUF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJOJTJGJTJGakNwc1hHNGdCeXZvUm00YmclMkZxWVh0bFMzd2I5dSUyRjMlMkJ3Tk1XVkh4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=C3koa180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJOJTJGJTJGakNwc1hHNGdCeXZvUm00YmclMkIzMEhwdTdwS0h4cnBIUEYlMkZyNDlGVA; expires=Tue, 19 Dec 2023 15:16:16 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 248503
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.globalconsumerwinner.com/redirect-simple?ci=193&c=no&m_c_r=best
137.74.65.7200 OK 0 B URL HTTP/2 www.globalconsumerwinner.com/redirect-simple?ci=193&c=no&m_c_r=best
IP 137.74.65.7:0
GET /redirect-simple?ci=193&c=no&m_c_r=best HTTP/1.1
Host: www.globalconsumerwinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 24 Nov 2022 15:16:11 GMT
content-type: text/html; charset=UTF-8
x-frame-options: *
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=www.fc-moto.de&origin=onetag
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.fc-moto.de&origin=onetag
IP 178.250.2.146:0
GET /syncframe?topUrl=www.fc-moto.de&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d4f5bdb3-9aaa-4ee6-9cbb-0de866f1c393; expires=Tue, 19 Dec 2023 15:16:16 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 879059
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
p.fc-moto.de/p/tgTrackingProxy/tp.php
116.203.65.47200 OK 0 B URL HTTP/2 p.fc-moto.de/p/tgTrackingProxy/tp.php
IP 116.203.65.47:0
ASN #24940 Hetzner Online GmbH
POST /p/tgTrackingProxy/tp.php HTTP/1.1
Host: p.fc-moto.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 492
Origin: https://www.fc-moto.de
Connection: keep-alive
Referer: https://www.fc-moto.de/
Cookie: OptanonConsent=isIABGlobal=false&datestamp=Thu+Nov+24+2022+15%3A16%3A17+GMT%2B0000+(Coordinated+Universal+Time)&version=6.12.0&hosts=&consentId=fbe2121f-69cc-4a93-83bd-7e7278a9f753&interactionCount=1&landingPath=https%3A%2F%2Fwww.fc-moto.de%2F&groups=C0001%3A1%2CC0010%3A1%2CC0003%3A1%2CC0004%3A1%2CC0011%3A1%2CC0012%3A1; _gcl_au=1.1.1698007569.1669302975; scarab.visitor=%22199DF51383D93F2B%22; _ga=GA1.2.1564172431.1669302976; _gid=GA1.2.829316197.1669302976; _gat_TR0=1; _fbp=fb.1.1669302976159.741009782; _pin_unauth=dWlkPU1USmlaVFJrTm1JdFpEQTBNaTAwTkdabUxXRTNaVGd0TnpWa01XVmhOalptTUdWag; cto_bundle=6x1QBV8xTGpWeGVmaDNBTWxTODdlMHh0YmE4d1VPS1ZaenZiZ3EzQ0lBWmdjOU9sakxFc2lZYlNXN3YybWNlJTJCaXZWb0RLZ1k5OTRzNFdJbjZHVXlQUXlTbm9nMEFTR0kxN1JMRDV5NzVUV1NoYWFQUHV4WXRHcXNvcjU2d0c3VzhFN0VOREIwdSUyRnpmQU53Q05kZXN4OG5OSmtRJTNEJTNE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:16:18 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: https://www.fc-moto.de
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
cookie-cdn.cookiepro.com/scripttemplates/6.12.0/assets/otCenterRounded.json
104.18.3.3200 OK 0 B URL HTTP/2 cookie-cdn.cookiepro.com/scripttemplates/6.12.0/assets/otCenterRounded.json
IP 104.18.3.3:0
GET /scripttemplates/6.12.0/assets/otCenterRounded.json HTTP/1.1
Host: cookie-cdn.cookiepro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fc-moto.de/
Origin: https://www.fc-moto.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:14 GMT
content-type: application/json
content-md5: pT5GRWkYeY6SN2hsUEfddA==
last-modified: Wed, 20 Jan 2021 07:14:34 GMT
x-ms-request-id: 006d007d-601e-003b-546a-de7de9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 38907
expires: Fri, 25 Nov 2022 15:16:14 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f31ac6e827b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XPazuE1Jeg6caUWuy4E109fDMJQYXaTXfUjuRQ&google_error=3
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XPazuE1Jeg6caUWuy4E109fDMJQYXaTXfUjuRQ&google_error=3
IP 178.250.0.163:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XPazuE1Jeg6caUWuy4E109fDMJQYXaTXfUjuRQ&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:16 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 299953
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=2
15.197.193.217302 Found 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=2
IP 15.197.193.217:0
GET /track/up?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=2 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=2
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=c5a8c64a-9550-4499-afc7-2e6885533814; domain=.adsrvr.org; expires=Fri, 24-Nov-2023 15:16:17 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
cookie-cdn.cookiepro.com/consent/7accc1f0-51c6-439d-9cab-7fcbd8480083/7accc1f0-51c6-439d-9cab-7fcbd8480083.json
104.18.3.3200 OK 0 B URL HTTP/2 cookie-cdn.cookiepro.com/consent/7accc1f0-51c6-439d-9cab-7fcbd8480083/7accc1f0-51c6-439d-9cab-7fcbd8480083.json
IP 104.18.3.3:0
GET /consent/7accc1f0-51c6-439d-9cab-7fcbd8480083/7accc1f0-51c6-439d-9cab-7fcbd8480083.json HTTP/1.1
Host: cookie-cdn.cookiepro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fc-moto.de
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=86400
content-md5: 5rwwgiSZS8h3cxsRj4E29g==
last-modified: Tue, 12 Jan 2021 11:18:06 GMT
x-ms-request-id: 1c2f71bd-601e-00ad-586a-de7438000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 52124
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f31ac30b5bb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
fcmoto.cleverpush.com/iframe?origin=https%3A%2F%2Fwww.fc-moto.de
78.46.198.121200 OK 0 B URL HTTP/2 fcmoto.cleverpush.com/iframe?origin=https%3A%2F%2Fwww.fc-moto.de
IP 78.46.198.121:0
ASN #24940 Hetzner Online GmbH
GET /iframe?origin=https%3A%2F%2Fwww.fc-moto.de HTTP/1.1
Host: fcmoto.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
x-robots-tag: noindex
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
x-backend-server: cleverpush-worker-15
content-encoding: gzip
X-Firefox-Spdy: h2
cookie-cdn.cookiepro.com/scripttemplates/6.12.0/otBannerSdk.js
104.18.3.3200 OK 0 B URL HTTP/2 cookie-cdn.cookiepro.com/scripttemplates/6.12.0/otBannerSdk.js
IP 104.18.3.3:0
GET /scripttemplates/6.12.0/otBannerSdk.js HTTP/1.1
Host: cookie-cdn.cookiepro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fc-moto.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:14 GMT
content-type: application/javascript
content-md5: Aib4Vlvkay7u77hQspwwDQ==
last-modified: Wed, 20 Jan 2021 07:14:45 GMT
x-ms-request-id: 1e073764-b01e-0038-506a-de9c8d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 44588
expires: Fri, 25 Nov 2022 15:16:14 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f31ac51fddb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
cookie-cdn.cookiepro.com/consent/7accc1f0-51c6-439d-9cab-7fcbd8480083/9cb8c9f3-d841-4d44-9b8f-4b63707e55ed/no.json
104.18.3.3200 OK 0 B URL HTTP/2 cookie-cdn.cookiepro.com/consent/7accc1f0-51c6-439d-9cab-7fcbd8480083/9cb8c9f3-d841-4d44-9b8f-4b63707e55ed/no.json
IP 104.18.3.3:0
GET /consent/7accc1f0-51c6-439d-9cab-7fcbd8480083/9cb8c9f3-d841-4d44-9b8f-4b63707e55ed/no.json HTTP/1.1
Host: cookie-cdn.cookiepro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fc-moto.de/
Origin: https://www.fc-moto.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:14 GMT
content-type: application/x-javascript
cache-control: public, max-age=86400
content-md5: pW+mG2VaAmysLj61RTDbIQ==
last-modified: Tue, 12 Jan 2021 11:18:18 GMT
x-ms-request-id: 6a60ba5c-301e-0054-6b6a-de771a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 30829
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f31ac61f1fb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
match.adsrvr.org/track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=1
15.197.193.217200 OK 0 B URL HTTP/2 match.adsrvr.org/track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=1
IP 15.197.193.217:0
GET /track/upb/?adv=fsjmydf&ref=https%3A%2F%2Fretrack-kupona.kuponacdn.de%2F&upid=c4ifh21&upv=1.1.0&td1=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.ad-srv.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 15:16:17 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
p185689.mybettermb.com/adServe/domainClick?ai=LyBVgUe5lplgdyiN53G4w4iXD7klJ1soTN51QfSABfb5V1c6EPCUBHQZJmTz01hKSQ2vqeL6yY8OGVIq7SQHtx_OFPQCjhnAH-x-IPcASFnqtVa-2GiiP3Gw-sO1_rUq1R9o9SZG6I6v-KwP6NPP-OWD5KNHTUkwhWEgv8CbnYyFVeGWQDnkQRltjPnnWR7AE3etKt5ABP6K2RVFz-dUO3kCNH_7FwTEcPsWYYAHXuuIiL9Dueu6NG9ZRcugIsLmQGyX6TAX9PihRfh7j5gJJsPygQ54GEcnI_6xtxDi9X5Kgbz0VF_-WH_9b8ky2I1b9jtsDaOMRPTF2zLY09swJV2k4XVJzHJXhtG8JWcgjAVM3nVB9IAF9s0nxK-yUfBaAUgheKjLQ6KwCMoixrppYpzOdbr39iZtp1G14qROszd_qCYvh_QGQx2Qa1NZi5E3diGSWbgUjfjtF6khNhNQxyZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v0gFfTyOLRiwQ&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukM9EGt2BuSY6dMS3Fphj6SOGQC9dDh_SZpF7-6xQY3BPj4nA3ArmfBrSWWBbJth49B0KBelcUuVng&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=JqqHJF0zZfk&rr=1&abtg=0
108.168.193.189200 OK 0 B URL HTTP/2 p185689.mybettermb.com/adServe/domainClick?ai=LyBVgUe5lplgdyiN53G4w4iXD7klJ1soTN51QfSABfb5V1c6EPCUBHQZJmTz01hKSQ2vqeL6yY8OGVIq7SQHtx_OFPQCjhnAH-x-IPcASFnqtVa-2GiiP3Gw-sO1_rUq1R9o9SZG6I6v-KwP6NPP-OWD5KNHTUkwhWEgv8CbnYyFVeGWQDnkQRltjPnnWR7AE3etKt5ABP6K2RVFz-dUO3kCNH_7FwTEcPsWYYAHXuuIiL9Dueu6NG9ZRcugIsLmQGyX6TAX9PihRfh7j5gJJsPygQ54GEcnI_6xtxDi9X5Kgbz0VF_-WH_9b8ky2I1b9jtsDaOMRPTF2zLY09swJV2k4XVJzHJXhtG8JWcgjAVM3nVB9IAF9s0nxK-yUfBaAUgheKjLQ6KwCMoixrppYpzOdbr39iZtp1G14qROszd_qCYvh_QGQx2Qa1NZi5E3diGSWbgUjfjtF6khNhNQxyZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v0gFfTyOLRiwQ&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukM9EGt2BuSY6dMS3Fphj6SOGQC9dDh_SZpF7-6xQY3BPj4nA3ArmfBrSWWBbJth49B0KBelcUuVng&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=JqqHJF0zZfk&rr=1&abtg=0
IP 108.168.193.189:0
GET /adServe/domainClick?ai=LyBVgUe5lplgdyiN53G4w4iXD7klJ1soTN51QfSABfb5V1c6EPCUBHQZJmTz01hKSQ2vqeL6yY8OGVIq7SQHtx_OFPQCjhnAH-x-IPcASFnqtVa-2GiiP3Gw-sO1_rUq1R9o9SZG6I6v-KwP6NPP-OWD5KNHTUkwhWEgv8CbnYyFVeGWQDnkQRltjPnnWR7AE3etKt5ABP6K2RVFz-dUO3kCNH_7FwTEcPsWYYAHXuuIiL9Dueu6NG9ZRcugIsLmQGyX6TAX9PihRfh7j5gJJsPygQ54GEcnI_6xtxDi9X5Kgbz0VF_-WH_9b8ky2I1b9jtsDaOMRPTF2zLY09swJV2k4XVJzHJXhtG8JWcgjAVM3nVB9IAF9s0nxK-yUfBaAUgheKjLQ6KwCMoixrppYpzOdbr39iZtp1G14qROszd_qCYvh_QGQx2Qa1NZi5E3diGSWbgUjfjtF6khNhNQxyZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v0gFfTyOLRiwQ&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukM9EGt2BuSY6dMS3Fphj6SOGQC9dDh_SZpF7-6xQY3BPj4nA3ArmfBrSWWBbJth49B0KBelcUuVng&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=JqqHJF0zZfk&rr=1&abtg=0 HTTP/1.1
Host: p185689.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://c1.getapplicationmy.info/
Connection: keep-alive
Cookie: rhid=82432261743
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:16:10 GMT
content-type: text/html;charset=ISO-8859-1
vary: Accept-Encoding
set-cookie: rhid=82432261743; Max-Age=15552000; Expires=Tue, 23-May-2023 15:16:10 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
loi=ad_1312958_off_756152_aff_13719_cid_185689-GETAPPLICATIONMY.INFO_ts_1669302970; Max-Age=3600; Expires=Thu, 24-Nov-2022 16:16:10 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
content-encoding: gzip
X-Firefox-Spdy: h2