r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16803
Expires: Sat, 26 Nov 2022 12:32:02 GMT
Date: Sat, 26 Nov 2022 07:51:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2276
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:51:59 GMT
Last-Modified: Sat, 26 Nov 2022 07:14:03 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
xr.email.eurekafitlife.com/126a734754e/c9c56d9f544/f8db5874b4e/fec244017b9/5634db3d27f/3cdf65eef85/7edeb9633a7/88ab6ee948a/a21b7949977/d5e17c7f60a/da25986acbf/e3071b760af/82e631e8aed/4a88befec00/5ace28eb24a/d82a0319b16/56085b16583/6264b9b7004/5eaf09852e6/c1aab0e1790/d7454e8ecf2/f69cc817150/75745323c1e/88c13b21f58/0d3c9942f3e/a444ccc578b/a18635101ed/0380159d775/81cd6634923/ac7e5d4dbf0/0efa8b3e04f/36a11c2b843/3c060bfe111/a2b0a3e96fe/2eed0d73d4e/18e0ee932ae/56bf3813ea7/749d0758ad5/84d50d58d21/aee02321b39/9babd953e93/dd8206dc26f/1f652f4bcdfd
45.152.197.111303 See Other 118 B URL HTTP/1.1 xr.email.eurekafitlife.com/126a734754e/c9c56d9f544/f8db5874b4e/fec244017b9/5634db3d27f/3cdf65eef85/7edeb9633a7/88ab6ee948a/a21b7949977/d5e17c7f60a/da25986acbf/e3071b760af/82e631e8aed/4a88befec00/5ace28eb24a/d82a0319b16/56085b16583/6264b9b7004/5eaf09852e6/c1aab0e1790/d7454e8ecf2/f69cc817150/75745323c1e/88c13b21f58/0d3c9942f3e/a444ccc578b/a18635101ed/0380159d775/81cd6634923/ac7e5d4dbf0/0efa8b3e04f/36a11c2b843/3c060bfe111/a2b0a3e96fe/2eed0d73d4e/18e0ee932ae/56bf3813ea7/749d0758ad5/84d50d58d21/aee02321b39/9babd953e93/dd8206dc26f/1f652f4bcdfd
IP 45.152.197.111:0
File type HTML document, ASCII text
Hash cab11055c0d46146e4c658a098f80a05
8753f79f342485619421f9928bfc2748d6f3d0a5
088346b1193019a90f99845bb80d9959135be2ecadac1d3f911b899dbd68f35b
GET /126a734754e/c9c56d9f544/f8db5874b4e/fec244017b9/5634db3d27f/3cdf65eef85/7edeb9633a7/88ab6ee948a/a21b7949977/d5e17c7f60a/da25986acbf/e3071b760af/82e631e8aed/4a88befec00/5ace28eb24a/d82a0319b16/56085b16583/6264b9b7004/5eaf09852e6/c1aab0e1790/d7454e8ecf2/f69cc817150/75745323c1e/88c13b21f58/0d3c9942f3e/a444ccc578b/a18635101ed/0380159d775/81cd6634923/ac7e5d4dbf0/0efa8b3e04f/36a11c2b843/3c060bfe111/a2b0a3e96fe/2eed0d73d4e/18e0ee932ae/56bf3813ea7/749d0758ad5/84d50d58d21/aee02321b39/9babd953e93/dd8206dc26f/1f652f4bcdfd HTTP/1.1
Host: xr.email.eurekafitlife.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Server: nginx/1.18.0
Date: Sat, 26 Nov 2022 07:51:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 118
Connection: keep-alive
Location: https://www.eurekafitlifemedia.com/FNX4R/FGXLG1/?uid=133&source_id=SLCry&sub2=Fteam
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8103
Expires: Sat, 26 Nov 2022 10:07:02 GMT
Date: Sat, 26 Nov 2022 07:51:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 07:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1966
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XrJLvLqc57NfxS2vDEe49bwZ4z0kSCUqEkXloxxJ9i2nIrlphQOA0w3okD+ajtwfsE21k7NOnHg=
x-amz-request-id: 83J00SP1ZAHCQX7V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 07:41:07 GMT
age: 652
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd2157425e78dcd72287ddce6920c806
9f769ccceb15f643649aed00e7204e59892535fd
14ea6e6f7cbd3e1daaa09b32a32b7fbe59d93613d801f33945c5f6dd53e63584
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "14EA6E6F7CBD3E1DAAA09B32A32B7FBE59D93613D801F33945C5F6DD53E63584"
Last-Modified: Fri, 25 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21495
Expires: Sat, 26 Nov 2022 13:50:14 GMT
Date: Sat, 26 Nov 2022 07:51:59 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 07:51:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd2157425e78dcd72287ddce6920c806
9f769ccceb15f643649aed00e7204e59892535fd
14ea6e6f7cbd3e1daaa09b32a32b7fbe59d93613d801f33945c5f6dd53e63584
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "14EA6E6F7CBD3E1DAAA09B32A32B7FBE59D93613D801F33945C5F6DD53E63584"
Last-Modified: Fri, 25 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21495
Expires: Sat, 26 Nov 2022 13:50:14 GMT
Date: Sat, 26 Nov 2022 07:51:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 07:08:54 GMT
cache-control: public,max-age=3600
age: 2585
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5511
Cache-Control: max-age=96403
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:51:59 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:38:42 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash dd86f74f70857f4c57092a6969efa22f
523156349f85fd9110e7430985b86940d52e2756
3749606c88a4a7096c98073f459f16f6d8cdfde94a0ece5f8a97aafd98b3b348
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 26 Nov 2022 07:51:59 GMT
Last-Modified: Sat, 26 Nov 2022 06:59:04 GMT
Server: ECS (dcb/7F3B)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: X_95SEP36tFnv33mEu7pTLmXR3UNnfpO8QCsh4iKeayXMfS_VFv1NQ==
Age: 3175
hop.clickbank.net/?affiliate=infusionh&vendor=slimcrysta&op=vsl&tid=e42e3f6e29954d979a501a3b3db1d458
44.236.111.27307 Temporary Redirect 0 B URL HTTP/2 hop.clickbank.net/?affiliate=infusionh&vendor=slimcrysta&op=vsl&tid=e42e3f6e29954d979a501a3b3db1d458
IP 44.236.111.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?affiliate=infusionh&vendor=slimcrysta&op=vsl&tid=e42e3f6e29954d979a501a3b3db1d458 HTTP/1.1
Host: hop.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: p=Rqv09oeSAr_fwNh8n-CIpX3BXJXAhSs5liLsZX0Ux0q2LoCuLErSh7vv2ZKzm_sIPzslR3KeSDFqjeEDtMLHPWkq7GH5zavT6VO8oHWSoK16FYd_c4DAUvAd1_9IMeysRvleDzixE2F-ZZEmZY2xTIJ0WVgNufWbwwa9R6uXGHHdaOR_5928ZrtgZVcKH9P-JB1C4dF2r-tjYben1DpvD3k5_P-Hx231TIHYK398HW1WxRGEeGCrsmQedsrdI3XAikV4uPyQYuEzsh9_EEMbchM_Lqq5Pw-PQZI30D7MIpko8NXHA2OAQBut8l_nRE_zw1p64LlqAAkXmlgbaTxhxtIs9Q0_ZTyDN1lMKh2RKp_MmUvZYs5eKe9420tHelY06njVkSJDzE_jAcKtt6MAlnB_FrzGbvgN83uiLvIOUULTTzHh8HW3hBDwLLwSQC-Po3Zivg%3D%3D; q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Sat, 26 Nov 2022 07:51:59 GMT
content-length: 0
location: https://slimcrystal.com/?hop=infusionh&op=vsl
set-cookie: q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643; Path=/; Domain=.clickbank.net; Max-Age=31536000; Expires=Sun, 26 Nov 2023 07:51:59 GMT
p=l_0kWv2aam_isb4YfCh0DImXfr0JDFg16zN4Z_rJZn6LJ-nA-2-ABoezZVHl5CFJW7Md_yqLV2_4ncRtdIIshFQipBQBFSjjY9UW-6KwcGoXIMjJ4pamf4ezJjg5uEpks_4JAczZl-Q9ZgA_q1xvyZZi26HjmeC_rOO56qGh6-jE8Was879sLPRQUNDF49Q88FPS5opQIvPaoTGslAe57fyLFNUGvkKQ9A1HlLo_UvvaA0zBEOnep-tjvnYGkJqc46agOA%3D%3D; Path=/; Domain=.clickbank.net; Max-Age=15552000; Expires=Thu, 25 May 2023 07:51:59 GMT
server-timing: traceparent;desc="00-8550bc6144958900b807f06e0c61a290-1db0bdd42035136b-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.164.56.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.56.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 36KDb6zZtLCH+r8WexWa1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iOoMLdUWWOu7+dvkM9A2T0PUJV0=
ocsp.pki.goog/s/gts1p5/D-mPYq-3FOA
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/D-mPYq-3FOA
IP 142.250.74.3:0
Hash 953e740dff4bbb9f795d8c1eeee5cc80
935c6b778374e3f75f3a509de8130b31cbb20026
39706cecfff886aef823a219fea7861c8cc7410ed2e4b3ebc5f014258fc97494
POST /s/gts1p5/D-mPYq-3FOA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/D-mPYq-3FOA
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/D-mPYq-3FOA
IP 142.250.74.3:0
Hash 953e740dff4bbb9f795d8c1eeee5cc80
935c6b778374e3f75f3a509de8130b31cbb20026
39706cecfff886aef823a219fea7861c8cc7410ed2e4b3ebc5f014258fc97494
POST /s/gts1p5/D-mPYq-3FOA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/ay5hwrqsXbk
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/ay5hwrqsXbk
IP 142.250.74.3:0
Hash 32e728705ac4a0b1e3678c5276e55cf9
1d91e8fa1505fc085e12ade347d5ef7b60931f3a
e957e49962761e33ce0dfc0b440a489ad8abeba40cb19a86b4419946cd77a8d1
POST /s/gts1d4/ay5hwrqsXbk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
34.107.203.240200 OK 15 kB URL HTTP/2 static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
IP 34.107.203.240:0
File type ASCII text, with very long lines (58749)
Hash f42272a0f636e716204c0bec503ba28c
2dfd630f7b31d442fb25aca978b26c0efe377481
3ede591eca234ade8e54d107d4b391129bdedff614876fd513ab94aaa0b7e7d4
GET /fonts/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
vary: Accept-Encoding
x-cloud-trace-context: 17b2cafb76897323b42cdb43a7fbed20
content-encoding: gzip
server: Google Frontend
via: 1.1 google
date: Wed, 09 Nov 2022 08:22:07 GMT
expires: Thu, 09 Nov 2023 08:22:07 GMT
cache-control: public, max-age=31536000
etag: "rvb96Q"
content-type: text/css
content-length: 14628
age: 1466993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-10901425749
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10901425749
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash e43eab927ae62551c0966febd39af14c
1e3cc1825b1e9d0e070d57da66eb6fbcdffb82c6
edd329b399c7e6104b88b9cce07087871b9a33096496b6dd17a61d80dcf59f8a
GET /gtag/js?id=AW-10901425749 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 07:52:00 GMT
expires: Sat, 26 Nov 2022 07:52:00 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-645944073
142.250.74.168200 OK 67 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-645944073
IP 142.250.74.168:0
File type ASCII text, with very long lines (2917)
Hash 00bb976f390d7db0ab268c72eb05776f
9a7589621586e5460f0bbb2d11c711f891da1ef2
840c3589c6213533b0a51dad1bfc70823b4fe84e4661c1976b49ec9f7efa84e2
GET /gtag/js?id=AW-645944073 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 07:52:00 GMT
expires: Sat, 26 Nov 2022 07:52:00 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67080
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash f10c495e5d7408d89ba9b876512ec5ec
e95cffe3d8a1f8c121458ee6c8f3f9b9be67396e
f0c21b5559fa6d472a633bbc907fbd778a492e0828144d2f832108fed285dfdf
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 07:52:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 21:16:33 GMT
Expires: Sat, 26 Nov 2022 21:16:33 GMT
ETag: "e95cffe3d8a1f8c121458ee6c8f3f9b9be67396e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/s/gts1d4/ay5hwrqsXbk
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/ay5hwrqsXbk
IP 142.250.74.3:0
Hash 32e728705ac4a0b1e3678c5276e55cf9
1d91e8fa1505fc085e12ade347d5ef7b60931f3a
e957e49962761e33ce0dfc0b440a489ad8abeba40cb19a86b4419946cd77a8d1
POST /s/gts1d4/ay5hwrqsXbk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js
104.17.25.14200 OK 17 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (58823)
Hash 862e774816525509d8b88f3f21174dcb
afdc27eac7b24332916978b1aeea648019026601
cc7743974a19a6d642e2ed50fa235d4c40e142c030ceb5d8f64a4c43504f8ed1
GET /ajax/libs/moment.js/2.26.0/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 07:52:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 16963
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ec4d334-e5ee"
last-modified: Wed, 20 May 2020 06:50:28 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 12492408
expires: Thu, 16 Nov 2023 07:52:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gdToNd7hkwx5d3tpugRMPYHlapaq0glVwXZ1vZSuTqDZl8iggxIMBTQhIV%2FbTvNfVqaEBWUcTQHDKRGcryPFtvProu0DfwcUtBTZmcDIH9Kd7gwTG4bmrxlRv%2BRCWWUeV%2BOAV94"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77010acd6d130b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 13d477ebf9ebd8a80e30d0907f7b58b3
9f008b8a5bdac94385632a1ef3edba117e869834
dc127aad6b14d38a286d9a8856fdb8ef36dda94ccaed356fcb6d1241babdb932
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 07:52:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 21:50:21 GMT
Expires: Sat, 26 Nov 2022 21:50:21 GMT
ETag: "9f008b8a5bdac94385632a1ef3edba117e869834"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
js.center.io/center.js
142.250.74.83200 OK 5.4 kB IP 142.250.74.83:0
File type ASCII text, with very long lines (566)
Hash 276609e3cfacad7622ab02bcd80a5f75
26fbc873773aada776b4cb2120a63130754f79ee
2037635942b2f0bde97187a1e26846a90f1c3e4944d5673b1be2a8d4376f2f9c
GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-cloud-trace-context: 71994555c03bef885869f7676353e9db
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Sat, 26 Nov 2022 07:49:35 GMT
expires: Sat, 26 Nov 2022 07:54:35 GMT
cache-control: public, max-age=300
age: 145
etag: "OMWYXg"
content-type: application/javascript
X-Firefox-Spdy: h2
js.center.io/identify.html
142.250.74.83200 OK 2.0 kB URL HTTP/2 js.center.io/identify.html
IP 142.250.74.83:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (612)
Hash c16ca7cb44a55621b5a53b8d3066ef99
9d19d037b0f6c1c12aa6cc3e378e13093272b0d3
9fb2d501b3b8e18a65f3eff4634517306fe997abb6dc3d821216bf33e3e91f3a
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: 03c80acea56b9bd9c2ac92271baad765
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Sat, 26 Nov 2022 07:48:18 GMT
expires: Sat, 26 Nov 2022 07:53:18 GMT
cache-control: public, max-age=300
age: 223
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash f10c495e5d7408d89ba9b876512ec5ec
e95cffe3d8a1f8c121458ee6c8f3f9b9be67396e
f0c21b5559fa6d472a633bbc907fbd778a492e0828144d2f832108fed285dfdf
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 07:52:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 21:16:33 GMT
Expires: Sat, 26 Nov 2022 21:16:33 GMT
ETag: "e95cffe3d8a1f8c121458ee6c8f3f9b9be67396e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3054
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 07:52:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3054
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 07:52:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3054
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 07:52:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3054
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 07:52:01 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash a652adf1f0a925735886f0c7e05e266c
82dd6b88b7334eb4058a2240999dda1eb486bfb9
c01da64b55ade683d880f64505c3d6b1e7fcf92df73030de9a3c2717725dded2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98786
Date: Sat, 26 Nov 2022 07:52:01 GMT
Etag: "6380a483-1d7"
Expires: Sun, 27 Nov 2022 11:18:27 GMT
Last-Modified: Fri, 25 Nov 2022 11:18:27 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oorWqRWub_GYp0wahrMQcsFkeJtqZqWBi8BJNBnv3gDEk58tj5jy0Q==
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 36201
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 14183
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f470fab0957e148a9c58dfeedc72463
2f88534696701cfdaf7e2aa78f6d4b8766a2b77f
c2c5617f8fbf3860578a9bcf821dea13e3225ccd02774f29f4bf022e4abd9ff9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11186
x-amzn-requestid: 67dbfbd2-ba7f-4540-8d2c-5c2c4de21cae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUf7HGdIAMFhow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813465-36b0d8fc4bdb5faf328bd99d;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:21 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vFbudY9zvK4DwTVXff4-nDPTFtYqktJb4n9wrLx4zL4nsz_bc6U4qA==
via: 1.1 7b00c3fd9220034414107b03e53b1b8e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:03:28 GMT
age: 35313
etag: "2f88534696701cfdaf7e2aa78f6d4b8766a2b77f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 02:19:43 GMT
age: 19938
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30fddcf4-c88b-41c3-90f7-a4530639de73.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30fddcf4-c88b-41c3-90f7-a4530639de73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e0c5064718601e80b7bfc931120ff70
741e5e48c4fb170efee9b611be5638d999a09bd2
d0b1537f43277e7f59152e6272d4f3888ab4618fa7fe0e4b24e2f851dbf0f4cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30fddcf4-c88b-41c3-90f7-a4530639de73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7025
x-amzn-requestid: 2c9cd3bc-80d4-4578-a0aa-4f1ff7f19d30
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVNYGwaIAMFU8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813588-0c66a293144f894f001ae0cf;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: r2feThcq6D5u1ptiBnSuA5ZC00_W8moa4pb6xSxxeIEMbgoPtQdUyQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:51:02 GMT
age: 36059
etag: "741e5e48c4fb170efee9b611be5638d999a09bd2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5088223f5973e3cd56f03f50a1e84b79
0b6c9b51d10762a4747286ab5b1c2354fa39c622
8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8913
x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWXEpeIAMFnzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: whO__FB0B2ywDP_p63eQ044RXbT207sX1i87I6nPAFUB85nSYc0Cuw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 36355
etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 66cb6570e84238dd7d3f8f1f09a9a7d2
2f60b3acdd8ee3c61956a0821db5129c7014408d
7fdfce45e5675969437e2867edd9f798f6539d9d739bacbf20b187eb389eedce
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 07:52:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 21:03:49 GMT
Expires: Sat, 26 Nov 2022 21:03:49 GMT
ETag: "2f60b3acdd8ee3c61956a0821db5129c7014408d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cbtb.clickbank.net/?vendor=slimcrysta
34.218.83.87200 OK 942 B URL HTTP/2 cbtb.clickbank.net/?vendor=slimcrysta
IP 34.218.83.87:0
File type ASCII text, with very long lines (942), with no line terminators
Hash 8b0141f7ca626083801c7c3de45997ca
a2969f752bf6b5cc3333f8af23d157671a034f66
152019e7e912b8d039de736f5ca51e317fd7eb29d1afb92c948b0ca1e2fde2b8
GET /?vendor=slimcrysta HTTP/1.1
Host: cbtb.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 07:52:01 GMT
content-type: text/javascript;charset=UTF-8
content-length: 942
set-cookie: AWSALB=0mg8Jvf0LLkEPF8N6Gtmo4r6ohxai3gNMUWZD5bNxtkDprmbTfEB1AC6/1xP32LY5NfUV63GYfJLG7QLEFS2DTda34EyLRx7zKUNJeV3tEDrSutlkW0zmbnXh51z; Expires=Sat, 03 Dec 2022 07:52:01 GMT; Path=/
AWSALBCORS=0mg8Jvf0LLkEPF8N6Gtmo4r6ohxai3gNMUWZD5bNxtkDprmbTfEB1AC6/1xP32LY5NfUV63GYfJLG7QLEFS2DTda34EyLRx7zKUNJeV3tEDrSutlkW0zmbnXh51z; Expires=Sat, 03 Dec 2022 07:52:01 GMT; Path=/; SameSite=None; Secure
server: Apache
cache-control: max-age=900
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a3f1ce47ae8e50472caaf665990b8236
cac3096a9f6a0c9e1bf1bacad3293da933426dbe
5a7bd1cc8ab5c2c1903ee9162c5eefac34f4d9a85e5261e9fc796fe352d933bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5507
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:01 GMT
Last-Modified: Sat, 26 Nov 2022 06:20:14 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a3f1ce47ae8e50472caaf665990b8236
cac3096a9f6a0c9e1bf1bacad3293da933426dbe
5a7bd1cc8ab5c2c1903ee9162c5eefac34f4d9a85e5261e9fc796fe352d933bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5507
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:01 GMT
Last-Modified: Sat, 26 Nov 2022 06:20:14 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a3f1ce47ae8e50472caaf665990b8236
cac3096a9f6a0c9e1bf1bacad3293da933426dbe
5a7bd1cc8ab5c2c1903ee9162c5eefac34f4d9a85e5261e9fc796fe352d933bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5449
Cache-Control: max-age=123006
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:01 GMT
Etag: "6380edd6-117"
Expires: Sun, 27 Nov 2022 18:02:07 GMT
Last-Modified: Fri, 25 Nov 2022 16:31:18 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=3VemY48gJunzW3JHqSMsr2&v=&e=&st=&lc=en-US&pid=AMqA5Xc4viGAJmSGWCRhnT-default-prop&uid=WjW5n4BTTy4hd5FMR9Atyu&sid=dyHJ4bfmU6FHwu3576Jate&cid=lp-3VemY48gJunzW3JHqSMsr2&uri=https%3A%2F%2Fslimcrystal.com%2Fvsl&rf=&rx=1280&ry=939&tz=%2B00%3A00
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=3VemY48gJunzW3JHqSMsr2&v=&e=&st=&lc=en-US&pid=AMqA5Xc4viGAJmSGWCRhnT-default-prop&uid=WjW5n4BTTy4hd5FMR9Atyu&sid=dyHJ4bfmU6FHwu3576Jate&cid=lp-3VemY48gJunzW3JHqSMsr2&uri=https%3A%2F%2Fslimcrystal.com%2Fvsl&rf=&rx=1280&ry=939&tz=%2B00%3A00
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadpage&l=3VemY48gJunzW3JHqSMsr2&v=&e=&st=&lc=en-US&pid=AMqA5Xc4viGAJmSGWCRhnT-default-prop&uid=WjW5n4BTTy4hd5FMR9Atyu&sid=dyHJ4bfmU6FHwu3576Jate&cid=lp-3VemY48gJunzW3JHqSMsr2&uri=https%3A%2F%2Fslimcrystal.com%2Fvsl&rf=&rx=1280&ry=939&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-expose-headers: LP-Security-Token
Server: Stargate
access-control-max-age: 600
access-control-allow-origin: https://slimcrystal.com
access-control-allow-credentials: true
Date: Sat, 26 Nov 2022 07:52:01 GMT
x-request-id: 05c9v9umtsrmmib716jg
set-cookie: view.AMqA5Xc4viGAJmSGWCRhnT-default-prop.3VemY48gJunzW3JHqSMsr2=1669449121000; Domain=api.leadpages.io; expires=Sun, 27 Nov 2022 07:52:01 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
X-Forwarded-For: 91.90.42.154
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 445f850c2b314b85b46901e4ae7f51d1
5ae163e8d74327c5380b790e9020288e954cdae5
bae373b2b340c66c3dcb45285530c07b8e821e0824e30fe5e829fe6e59e0dce3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161448
Date: Sat, 26 Nov 2022 07:52:01 GMT
Etag: "63818e16-1d7"
Expires: Mon, 28 Nov 2022 04:42:49 GMT
Last-Modified: Sat, 26 Nov 2022 03:55:02 GMT
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JwFdH8omdjm-oAq3GsiXmVPaOJrD0qJuy_KVXFkkFQFAm-jk-FQl3w==
Age: 2867
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:10:21 GMT
expires: Wed, 22 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 312100
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 217073
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.vimeo.com/video/618776684?h=51805eacce
162.159.138.60200 OK 6.2 kB URL HTTP/1.1 player.vimeo.com/video/618776684?h=51805eacce
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20244), with no line terminators
Hash d7e140aefe7eb87a1584693023a3b15f
ae0b81aacc471db8dbb3e8062415771eb4535500
bae5e32463e3fb60cdaa41082ef008ce1a37d65fe05e3cc9da3e292b960b3dc4
GET /video/618776684?h=51805eacce HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 07:52:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Sat, 26 Nov 2022 08:01:34 GMT
x-host: player-57c7694bdc-rhkgc
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-0
x-backend-proxy: playproxy1
x-bapp-server: player-57c7694bdc-rhkgc
Age: 0
X-Served-By: cache-bma1640-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669449122.510625,VS0,VE118
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=GNjizpJ8wHXyb5yQ614G1OX.s2Okb1gnDWKBSwkZoGI-1669449121-0-Af4N2J06r7fF9aZNoi4TtMRCjJLbbBG1WmpxvDWUQlfB28lZq5r7lyUt+X1kVuZEHhSLoKMLMnFsVAYUKj0UKXY=; path=/; expires=Sat, 26-Nov-22 08:22:01 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 77010ad15e1eb506-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 313ee9b8e553d0b05d929ed3d6ba7570
33a4c6b0674da4df4376ca54b53714562b25ba4f
677397a05296676f01a5a5942a317a83f9445b47f90ea28f3d2f70cf10ababc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=126521
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:01 GMT
Etag: "638110da-117"
Expires: Sun, 27 Nov 2022 19:00:42 GMT
Last-Modified: Fri, 25 Nov 2022 19:00:42 GMT
Server: nginx
Content-Length: 279
f.vimeocdn.com/p/4.14.1/css/player.css
151.101.86.109200 OK 21 kB URL HTTP/2 f.vimeocdn.com/p/4.14.1/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash 4acf7af3b78cc35650da87ee77464c29
abe870c3258849b8286439c8e06b7b885a1f1ac3
ed7715a1dab6ae7896cca6ae124ce68f61b8a502a7f468001142fdf9a81a3626
GET /p/4.14.1/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:01 GMT
age: 306809
x-served-by: cache-iad-kiad7000129-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 71381
x-timer: S1669449122.723458,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20726
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05.jpg?mw=80&q=85
151.101.86.109200 OK 1.6 kB URL HTTP/2 i.vimeocdn.com/video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05.jpg?mw=80&q=85
IP 151.101.86.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash 44c5ae72c99c7d625ab37018c7449368
68f187faabb2e388c7487aa7f1a10f2c2bdfa925
36be892f37e89b933c89cd12ec8365985377db47ab13ff782d68eb5706d50d88
GET /video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: 44c5ae72c99c7d625ab37018c7449368
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-central1-l03g
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:01 GMT
age: 1610946
x-served-by: cache-dfw-kdfw8210094-DFW, cache-bma1646-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1540, 1
x-timer: S1669449122.737751,VS0,VE1
content-length: 1639
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.14.1/js/player.module.js
151.101.86.109200 OK 117 kB URL HTTP/2 f.vimeocdn.com/p/4.14.1/js/player.module.js
IP 151.101.86.109:0
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 117 kB (116762 bytes)
Hash 93b123a49355679299f45758f7c7ead7
5edf4cf812084390b321b37e824196e0a5351243
2310a3197f869d02d56fbeabd61c29c842e0c22e4bcc8c528c17beb1a348042b
GET /p/4.14.1/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:01 GMT
age: 306810
x-served-by: cache-iad-kjyo7100101-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 59961
x-timer: S1669449122.771352,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 116762
X-Firefox-Spdy: h2
player.vimeo.com/video/647253107?h=db3e20d96e
162.159.138.60200 OK 17 kB URL HTTP/1.1 player.vimeo.com/video/647253107?h=db3e20d96e
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (50618), with no line terminators
Hash 4717624f69fe1505beffe332623bc773
3c1c23535906cb554d1d8cf919bca509779eabaf
a65aab3bc6c8a135ca8416e0a2c02e16ef10523b6a9613bcd2039621369f493e
GET /video/647253107?h=db3e20d96e HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 07:52:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Sat, 26 Nov 2022 08:02:01 GMT
x-host: player-57c7694bdc-ms82g
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-7
x-backend-proxy: playproxy8
x-bapp-server: player-57c7694bdc-ms82g
Age: 0
X-Served-By: cache-bma1648-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669449122.511342,VS0,VE308
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=h8tYIwIuSnjvmLbe4ycnhYq_PY7ll8sI2OaPTEeDYRk-1669449121-0-ASXVzl0I7F9MdqCGXB1c6RNTDxbEJHTGOhQ/07YlfSz33gLKPoWgVTe9al2P90LLpKmnkzAhSl7LNyjp5FgBZxI=; path=/; expires=Sat, 26-Nov-22 08:22:01 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 77010ad15a731c0a-OSL
Content-Encoding: gzip
seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
82.102.27.18200 OK 4.4 kB URL HTTP/2 seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
IP 82.102.27.18:0
File type PNG image data, 153 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 7dababd863b5b44a2859605b87ff1209
4c9ea1d3b7e8cb8395c53b8954f20cc0ab8cd119
a0a318021ab8bf25eff2cc700404551649d7f2825384fa7b35c65c8108609e77
GET /seals/blue-seal-153-100-clickbank-5004291.png HTTP/1.1
Host: seal-boise.bbb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Sat, 26 Nov 2022 07:52:01 GMT
content-type: image/png
content-length: 4377
cache-control: max-age=14400
expires: Sat, 26 Nov 2022 11:52:01 GMT
last-modified: Sat, 26 Nov 2022 03:27:24 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
143.204.55.88200 OK 4.3 kB URL HTTP/2 prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
IP 143.204.55.88:0
File type PNG image data, 321 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash c06ae1ecaaf7e0610c68af117658a7e0
337cc86d38734fd76333c063366ec36e7a7d343a
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb
GET /dist/assets/logo-tab-two-tone-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4341
date: Sat, 26 Nov 2022 07:51:36 GMT
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: 65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
etag: "c06ae1ecaaf7e0610c68af117658a7e0"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jI1ZTxdcXfoEMQ5DSCO468RfoC7HHSyvgPUNAWNogcsywAcgVP66xA==
age: 26
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/J51TWYBN/Edo8pIoz2E0zOOkv/player-dash-mse.min.js?hash=zqjrcqyt
151.139.128.10200 OK 588 kB URL HTTP/2 fast.vidalytics.com/embeds/J51TWYBN/Edo8pIoz2E0zOOkv/player-dash-mse.min.js?hash=zqjrcqyt
IP 151.139.128.10:0
Size 588 kB (587913 bytes)
Hash 594bc167e58909be5dfd5515cb40b1c8
d04a30589edfee9540119d8f806e0381c627fc39
ab8bf61a74c48c94c0ee31c9edcf85386ff48f74d6a61d73fdfd850f71314c98
GET /embeds/J51TWYBN/Edo8pIoz2E0zOOkv/player-dash-mse.min.js?hash=zqjrcqyt HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 07:52:01 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 11:11:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server, x-cdn, x-cdn-info
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
etag: "b928111c5d5fbb1af419e842efedf721"
server: UploadServer
x-guploader-uploadid: ADPycdtBYwAuEJM-3hQI-QAUZL6XyaPoG2BktrD-dIQTEJjkTiQPPDazwcxGTzEOYN4hjmAemYg24VUjMP-tFEJLTALXBg
x-goog-generation: 1665141072993958
x-goog-hash: crc32c=ngdOZg==, md5=uSgRHF1fuxr0GehC7+33IQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 502474
x-cdn: 4
content-encoding: gzip
x-hw: 1669449121.cds226.sk1.hn,1669449121.cds226.sk1.hc,1669449121.cds248.sk1.c,1669449121.cds226.sk1.sl
X-Firefox-Spdy: h2
prod.cbstatic.net/dist/i18n/app-strings-en.json
143.204.55.88200 OK 9 B URL HTTP/2 prod.cbstatic.net/dist/i18n/app-strings-en.json
IP 143.204.55.88:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cdfca8b09e61ae7324e48f01984c9b34
874b413675711909229ca228efea613383d6a9a4
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
GET /dist/i18n/app-strings-en.json HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 9
date: Sat, 26 Nov 2022 07:52:02 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
etag: "cdfca8b09e61ae7324e48f01984c9b34"
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: K5WE6Fg4hzNHFuUzckD_UfiR6LbuWIWbiv02u7rxQpNFHHdXcHVBWA==
X-Firefox-Spdy: h2
player.vimeo.com/video/618776372?h=c7c22c9f8a
162.159.138.60200 OK 6.0 kB URL HTTP/1.1 player.vimeo.com/video/618776372?h=c7c22c9f8a
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18829), with no line terminators
Hash 125a4ea4d6b88bb24d0920b8530600c9
dc2a39391ee075866a21f72e2152624628f6cc53
c65902bd872cbea37b637733a30b165dd916226c9757078e5e38ac012cc7198a
GET /video/618776372?h=c7c22c9f8a HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 07:52:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Sat, 26 Nov 2022 07:58:26 GMT
x-host: player-57c7694bdc-xbkhq
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-8
x-backend-proxy: playproxy9
x-bapp-server: player-57c7694bdc-xbkhq
Age: 0
X-Served-By: cache-bma1627-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669449121.497201,VS0,VE438
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=93_1LDRvsWuEQ0o7WUI7B.CjA0w1zMXt2bfXxSCGr3A-1669449121-0-AWIEM4hjc0ezqsAMjaFZILW+9c+eM/KembKBHnQSPjPUFPxWZTsWZkuf6A7h78XEpQtk3skR/TR1PI1HcKc4C+c=; path=/; expires=Sat, 26-Nov-22 08:22:01 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 77010ad13940b527-OSL
Content-Encoding: gzip
f.vimeocdn.com/p/4.14.1/js/vendor.module.js
151.101.86.109200 OK 116 kB URL HTTP/2 f.vimeocdn.com/p/4.14.1/js/vendor.module.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (65457)
Size 116 kB (116187 bytes)
Hash 30972a3e9883ce81e7bb54ca377da88f
19077360603241f1fb218c44027d7d1437770d8d
10fb36a7c941c7565c0cb906cfeafc288aeaca33c293bbf3d1353f418eeb7d8f
GET /p/4.14.1/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:02 GMT
age: 306810
x-served-by: cache-iad-kjyo7100028-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 73514
x-timer: S1669449122.101273,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 116187
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w16
142.250.74.33200 OK 335 B URL HTTP/2 lh3.googleusercontent.com/-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w16
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x9, components 3\012- data
Hash 538c07eebc163c4b619b4f8e513e440e
b49f6112cec424d571f8cf3c1ad98f4732d854c7
82eb31993198ab11e3f063f2fa7349c4d2315522e7946ed0be5c477ecd9a3a6c
GET /-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 335
x-xss-protection: 0
date: Sat, 26 Nov 2022 07:29:59 GMT
expires: Sun, 06 Nov 2022 06:47:42 GMT
cache-control: public, max-age=86400, no-transform
age: 1323
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/0t9HIE7OHP69Ob2YjWdzht34hQkVKEoYetjUNe-zLKYlAy-I39njty74sDeK32TZrLE2SWd5LfHyLZLPAFf8GmsG4w2yhQrpisVb=w16
142.250.74.33200 OK 419 B URL HTTP/2 lh3.googleusercontent.com/0t9HIE7OHP69Ob2YjWdzht34hQkVKEoYetjUNe-zLKYlAy-I39njty74sDeK32TZrLE2SWd5LfHyLZLPAFf8GmsG4w2yhQrpisVb=w16
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x10, components 3\012- data
Hash 4b1adba926abf23b09d9554d3663f630
22c0596485c9b4da950537fe5785bcc5a4e3014e
53ffedc9d58bbab67909271b53315fd37dee3a15c4e87802913bf35810b7aa2c
GET /0t9HIE7OHP69Ob2YjWdzht34hQkVKEoYetjUNe-zLKYlAy-I39njty74sDeK32TZrLE2SWd5LfHyLZLPAFf8GmsG4w2yhQrpisVb=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 419
x-xss-protection: 0
date: Sat, 26 Nov 2022 07:30:00 GMT
expires: Sun, 06 Nov 2022 06:47:42 GMT
cache-control: public, max-age=86400, no-transform
age: 1322
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/RgMU17yCZ2UTKpirJs8mPKo5nMTiW3dXqP913HKi_gb3j2PPaK8c65QfNEaB3rvpBXkB6XyYDish1R8alNTCwA3NaI2_kfRYWwpM=w16
142.250.74.33200 OK 3.6 kB URL HTTP/2 lh3.googleusercontent.com/RgMU17yCZ2UTKpirJs8mPKo5nMTiW3dXqP913HKi_gb3j2PPaK8c65QfNEaB3rvpBXkB6XyYDish1R8alNTCwA3NaI2_kfRYWwpM=w16
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 16x9, components 3\012- data
Hash f7d82febde94748d3f17522b84160e24
b382c50355edc290b2a5b77602bd95daa4a2ebed
0812c17cfbca4de5d123f5a075d4e768a1b147e1defb193549ec3ace2f3627d1
GET /RgMU17yCZ2UTKpirJs8mPKo5nMTiW3dXqP913HKi_gb3j2PPaK8c65QfNEaB3rvpBXkB6XyYDish1R8alNTCwA3NaI2_kfRYWwpM=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3595
x-xss-protection: 0
date: Sat, 26 Nov 2022 07:51:35 GMT
expires: Sat, 19 Nov 2022 08:25:45 GMT
cache-control: public, max-age=86400, no-transform
age: 27
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/x2BVhiGNZH1GCUXrB7Pju0uYhNAvLO5YM2kjVv4pIYv0UqcyYrF_GtSm8yMcmwMhQVZKbQvJ9qdYJnozGm12JYjzO_J7kmz6LCI=w16
142.250.74.33200 OK 443 B URL HTTP/2 lh3.googleusercontent.com/x2BVhiGNZH1GCUXrB7Pju0uYhNAvLO5YM2kjVv4pIYv0UqcyYrF_GtSm8yMcmwMhQVZKbQvJ9qdYJnozGm12JYjzO_J7kmz6LCI=w16
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x14, components 3\012- data
Hash 7b994da19641dd540d1e53f5d2eef47b
39a0a3742476b988c1d992da8f8259f4ffed92cd
88df2d0b1df1058223bf38bfd5f88670dc563f4d749e99a7828ae6067fbdf31e
GET /x2BVhiGNZH1GCUXrB7Pju0uYhNAvLO5YM2kjVv4pIYv0UqcyYrF_GtSm8yMcmwMhQVZKbQvJ9qdYJnozGm12JYjzO_J7kmz6LCI=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 443
x-xss-protection: 0
date: Sat, 26 Nov 2022 07:29:59 GMT
expires: Fri, 11 Nov 2022 12:41:39 GMT
cache-control: public, max-age=86400, no-transform
age: 1323
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/rdm9g_M1IuMzi3Yys8LWtTS1cohePS51HGhnbVKXLqJ7i5XdJ-tu4jiJOMvLtLFRcEVuSJlc4BxpWFoX1cR_wfDgdYaJ4DhaHg=w16
142.250.74.33200 OK 474 B URL HTTP/2 lh3.googleusercontent.com/rdm9g_M1IuMzi3Yys8LWtTS1cohePS51HGhnbVKXLqJ7i5XdJ-tu4jiJOMvLtLFRcEVuSJlc4BxpWFoX1cR_wfDgdYaJ4DhaHg=w16
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x13, components 3\012- data
Hash 915c56553b6bd1237a3f8d096d3d98e5
9aba501dee47efa7c6ac0e2b4ae545f7c20ae145
d7d0499da9d7f86db028a84b9515be45c1cca512200a3e119a9cfe4409f9337f
GET /rdm9g_M1IuMzi3Yys8LWtTS1cohePS51HGhnbVKXLqJ7i5XdJ-tu4jiJOMvLtLFRcEVuSJlc4BxpWFoX1cR_wfDgdYaJ4DhaHg=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 474
x-xss-protection: 0
date: Sat, 26 Nov 2022 07:29:59 GMT
expires: Sun, 06 Nov 2022 06:47:42 GMT
cache-control: public, max-age=86400, no-transform
age: 1323
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.vimeocdn.com/video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9.jpg?mw=80&q=85
151.101.86.109200 OK 1.7 kB URL HTTP/2 i.vimeocdn.com/video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9.jpg?mw=80&q=85
IP 151.101.86.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x37, components 3\012- data
Hash 9d1349763522973851db4bc425ec591a
7b3a0cdecae38e7380b7a1fb1103193b860b628d
97531786f8ea720d003150fbc4f8beecdf0132b06d7bdf33bddf29113f1bf846
GET /video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: 9d1349763522973851db4bc425ec591a
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-central1-6wqs
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:02 GMT
age: 928093
x-served-by: cache-dfw-kdfw8210031-DFW, cache-bma1646-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 14, 1
x-timer: S1669449122.211500,VS0,VE1
content-length: 1690
X-Firefox-Spdy: h2
lh3.googleusercontent.com/ljfQZ8EYi5TACtI92SBlSA51CL4ugLOQoKGPUB4q4KSdVoBcm76mveJYCy3Fo7aQj9cIEs3a9FA9rjhQn38Bknpn_wW4Pphdp-s=w16
142.250.74.33200 OK 951 B URL HTTP/2 lh3.googleusercontent.com/ljfQZ8EYi5TACtI92SBlSA51CL4ugLOQoKGPUB4q4KSdVoBcm76mveJYCy3Fo7aQj9cIEs3a9FA9rjhQn38Bknpn_wW4Pphdp-s=w16
IP 142.250.74.33:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 86e36652f148fe88c1c327bf18baa3d1
47547729f358a8444bf5222d24f962952114e7ea
c5140fa21bf583db84a55e3b1512a27d5fe864073be0fc61b572f0a56ebd17f4
GET /ljfQZ8EYi5TACtI92SBlSA51CL4ugLOQoKGPUB4q4KSdVoBcm76mveJYCy3Fo7aQj9cIEs3a9FA9rjhQn38Bknpn_wW4Pphdp-s=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 951
x-xss-protection: 0
date: Sat, 26 Nov 2022 07:51:35 GMT
expires: Sun, 27 Nov 2022 03:18:55 GMT
cache-control: public, max-age=86400, no-transform
age: 27
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/K7kinBes30FDzGamXV_9-gmSOpxdJ5s3h38KJ6un1uulCU7Fdtwv2imdYUlsjppnenNik6vEU2goEI-StZSBe8_FomSurESudBI=w16
142.250.74.33200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/K7kinBes30FDzGamXV_9-gmSOpxdJ5s3h38KJ6un1uulCU7Fdtwv2imdYUlsjppnenNik6vEU2goEI-StZSBe8_FomSurESudBI=w16
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 16x20, components 3\012- data
Hash c177d67fa204a015de390bb54c4673a6
5cc4d09b12b1480b29bc696a8e180a9d2fffd1c0
76badb85155c8e3d20a9cfd890815765e8067a7cf350fe7896afcb6f58d3a193
GET /K7kinBes30FDzGamXV_9-gmSOpxdJ5s3h38KJ6un1uulCU7Fdtwv2imdYUlsjppnenNik6vEU2goEI-StZSBe8_FomSurESudBI=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3767
x-xss-protection: 0
date: Sat, 26 Nov 2022 07:29:59 GMT
expires: Sun, 06 Nov 2022 06:47:42 GMT
cache-control: public, max-age=86400, no-transform
age: 1323
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/JjvqHjEulJg6nccPdkwGmjFWBUZdynZXiSyp7qgkCod56iBRrOWjqKviji-5SdtVG-vtJ8pHvH9M6ROfzp7K1ZHjNIDvQefqDIs=w16
142.250.74.33200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/JjvqHjEulJg6nccPdkwGmjFWBUZdynZXiSyp7qgkCod56iBRrOWjqKviji-5SdtVG-vtJ8pHvH9M6ROfzp7K1ZHjNIDvQefqDIs=w16
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 16x20, components 3\012- data
Hash 25bc76a2e6dca33253ec0b69f871b885
d3b9698720de13cc73f6eb34ebe8546998fd6136
9c14e923780ada8b817933572fbc85794a6bff340dc915878c4b26992ca0775c
GET /JjvqHjEulJg6nccPdkwGmjFWBUZdynZXiSyp7qgkCod56iBRrOWjqKviji-5SdtVG-vtJ8pHvH9M6ROfzp7K1ZHjNIDvQefqDIs=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3759
x-xss-protection: 0
date: Sat, 26 Nov 2022 07:29:59 GMT
expires: Sun, 06 Nov 2022 06:47:42 GMT
cache-control: public, max-age=86400, no-transform
age: 1323
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1484887/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1484887/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58483)
Hash d48410ef540e7675a6ed8976e8d3cac4
8ae93f4d27420ec85a8f1782cdb37f8b8b43a317
575e799d893353e61ec982266525d73b75a4d98c746c3d543863c5292f81a41d
GET /libtrc/unip/1484887/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: z84W5rWIhzPrSW7gvaCqlaKiDrGy02tnSM3+NKENmYMpKzJ28PuBnjZ+zJH0qkHLdczZIKkfgP4=
x-amz-request-id: N3TA7E1XD48H0170
x-amz-replication-status: COMPLETED
last-modified: Sun, 20 Nov 2022 11:23:34 GMT
etag: "3768f0994acf15e29e2fb986a003dd85"
x-amz-version-id: Y4LksqUw_U5YrFG6gZGT_tDMQnKuD5m_
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:02 GMT
via: 1.1 varnish
age: 26
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669449122.242120,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 55
content-length: 17943
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.vimeocdn.com/video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780.jpg?mw=80&q=85
151.101.86.109200 OK 1.3 kB URL HTTP/2 i.vimeocdn.com/video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780.jpg?mw=80&q=85
IP 151.101.86.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash 74c5294890686cdc359655ae8724f349
55be140180e664ab3af00a334357f8ee88f89222
ccd1df36434ca443eb8f1d66ce73e54a86e0cb1a3bab81bdba2afe0555b04641
GET /video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: 74c5294890686cdc359655ae8724f349
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-east1-9tdf
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:02 GMT
age: 179453
x-served-by: cache-dfw-kdfw8210122-DFW, cache-bma1646-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1254, 1
x-timer: S1669449122.266058,VS0,VE1
content-length: 1269
X-Firefox-Spdy: h2
lh3.googleusercontent.com/Nsq9pdE28j1wiZhThJfNbUUNOAKY9d0y21ez41ztAHt2x1R4zbrQHob1so0mdSykpb1caf_4vd-gf7t7RwtJzyJQq7rGDU2g2iw=w16
142.250.74.33200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/Nsq9pdE28j1wiZhThJfNbUUNOAKY9d0y21ez41ztAHt2x1R4zbrQHob1so0mdSykpb1caf_4vd-gf7t7RwtJzyJQq7rGDU2g2iw=w16
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 16x20, components 3\012- data
Hash c53093e3ae735deecb8de8e4ca835916
bd53ca0d1d0099032225d76ff069726868814e66
c0f958615bcf6c9351b2cb51b92ecf1e7c00c4fd7524d82a264af5c84ed4b8ba
GET /Nsq9pdE28j1wiZhThJfNbUUNOAKY9d0y21ez41ztAHt2x1R4zbrQHob1so0mdSykpb1caf_4vd-gf7t7RwtJzyJQq7rGDU2g2iw=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3781
x-xss-protection: 0
date: Sat, 26 Nov 2022 07:29:59 GMT
expires: Sun, 06 Nov 2022 06:47:42 GMT
cache-control: public, max-age=86400, no-transform
age: 1323
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ZKou5Px5dquVcJHbxpS7aXc1+u4Hl4KZ6aei5qiGVbLK+aqYgjnSMca48AEXCSfRonYEwJA0J3wEKG6CwUQNjw==
content-length: 27340
x-fb-trip-id: 1904183273
date: Sat, 26 Nov 2022 07:52:02 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w1268
142.250.74.33200 OK 23 kB URL HTTP/2 lh3.googleusercontent.com/-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w1268
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1268x713, components 3\012- data
Hash 9d4f5c8754f0a673d63d6ae0602ec0e5
1aab35880376b54d74f0759e9da24896483d5eb4
1e75e296e01aa8d8a3e8c0f4a5a1366e8abfa1d6cf613ecc2cf425339e6a7804
GET /-sihJWAzO8RelCwVYJLRddGxiIlwekR-OqkzBuM-larRorsG-qWvVGrWlodTPUofoMo6LDWRneS1j-oz3EEcxz0=w1268 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 22683
x-xss-protection: 0
date: Sat, 26 Nov 2022 07:51:35 GMT
expires: Sun, 27 Nov 2022 07:51:35 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 27
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/645944073/?random=1669449120932&cv=11&fst=1669449120932&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.130200 OK 922 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/645944073/?random=1669449120932&cv=11&fst=1669449120932&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1963), with no line terminators
Hash 83314b1b4cd1fbd0e85a27857b62ccf8
fa2ba493258e2f194a81659b12a7f87e0d9e35f2
d5c7949ac874e24154d32da77ceaec4df367db3c301b93a5771ee41481bfa3b5
GET /pagead/viewthroughconversion/645944073/?random=1669449120932&cv=11&fst=1669449120932&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 07:52:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 922
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 08:07:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10901425749/?random=1669449120907&cv=11&fst=1669449120907&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.130200 OK 924 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10901425749/?random=1669449120907&cv=11&fst=1669449120907&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1969), with no line terminators
Hash 735b772b3590d63d82e129d4e7e66a6c
d9efc66a25530af0086f0d9d6a2130a12ceb43e1
b71d2fc545079fd5a7390bd01fe04fb708d45934da3a2d3d3885a03c8326283c
GET /pagead/viewthroughconversion/10901425749/?random=1669449120907&cv=11&fst=1669449120907&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 07:52:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 924
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 08:07:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/645944073/?random=1669449120946&cv=11&fst=1669449120946&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/645944073/?random=1669449120946&cv=11&fst=1669449120946&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/645944073/?random=1669449120946&cv=11&fst=1669449120946&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 07:52:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/645944073/?random=1669449120946&cv=11&fst=1669449120946&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/645944073/?random=1669449120939&cv=11&fst=1669449120939&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/645944073/?random=1669449120939&cv=11&fst=1669449120939&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/645944073/?random=1669449120939&cv=11&fst=1669449120939&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 07:52:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/645944073/?random=1669449120939&cv=11&fst=1669449120939&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/645944073/?random=1669449120946&cv=11&fst=1669449120946&fmt=3&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&ct_cookie_present=1
142.250.74.130200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/645944073/?random=1669449120946&cv=11&fst=1669449120946&fmt=3&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/645944073/?random=1669449120946&cv=11&fst=1669449120946&fmt=3&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 07:52:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 08:07:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/645944073/?random=1669449120939&cv=11&fst=1669449120939&fmt=3&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&ct_cookie_present=1
142.250.74.130200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/645944073/?random=1669449120939&cv=11&fst=1669449120939&fmt=3&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/645944073/?random=1669449120939&cv=11&fst=1669449120939&fmt=3&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 07:52:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 08:07:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 407ca8387c360d434a53812c03688310
90e74fa4928adcf8ae410f2eea7956b6ae7f687b
5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5383
Cache-Control: max-age=168998
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Etag: "6381a1c1-1d7"
Expires: Mon, 28 Nov 2022 06:48:40 GMT
Last-Modified: Sat, 26 Nov 2022 05:18:57 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109200 OK 997 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash b81408535edef4b73951fa7683a0ecb4
2be1041a686c8d5130ce96600bc7ec68538b4cd9
7b68a0f94a2376708329d7fabc0000c92eb45755267bde5dc8983184b77f3ec7
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:02 GMT
age: 657283
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 65837
x-timer: S1669449122.366219,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.vimeocdn.com/video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05
151.101.86.109200 OK 197 kB URL HTTP/2 i.vimeocdn.com/video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Size 197 kB (197054 bytes)
Hash 1bee7bf9f85ce0bc4ffd349c074d2889
9372aba4ede8ac2498fea794eb7561df59c0ddb7
41acc0e2d090e7f3f5339857b0c1a5f32394d871a8171ba1bc12e88b847af624
GET /video/1260887703-aa9692fd8c0a154d4548b46d68ca62f63d644ce877d6e2d05 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 1bee7bf9f85ce0bc4ffd349c074d2889
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-86r8
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:02 GMT
age: 1612120
x-served-by: cache-dfw-kdfw8210053-DFW, cache-bma1646-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 78, 1
x-timer: S1669449122.382227,VS0,VE1
vary: Accept
content-length: 197054
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/10901425749/?random=1669449120907&cv=11&fst=1669446000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2803933497&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10901425749/?random=1669449120907&cv=11&fst=1669446000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2803933497&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10901425749/?random=1669449120907&cv=11&fst=1669446000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2803933497&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 07:52:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/645944073/?random=1669449120932&cv=11&fst=1669446000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=934957740&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/645944073/?random=1669449120932&cv=11&fst=1669446000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=934957740&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/645944073/?random=1669449120932&cv=11&fst=1669446000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=934957740&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 07:52:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/645944073/?random=1669449120939&cv=11&fst=1669449120939&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/645944073/?random=1669449120939&cv=11&fst=1669449120939&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/645944073/?random=1669449120939&cv=11&fst=1669449120939&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=gfV9CJm_q4MDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://slimcrystal.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 07:52:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/645944073/?random=1669449120946&cv=11&fst=1669449120946&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/645944073/?random=1669449120946&cv=11&fst=1669449120946&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/645944073/?random=1669449120946&cv=11&fst=1669449120946&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&label=lF0sCKvH8IMDEImmgbQC&hn=www.google.com&frm=0&url=https%3A%2F%2Fslimcrystal.com%2Fvsl&tiba=SLIMCRYSTAL%20-%20The%20World%27s%20Only%20Slimming%20Crystal%20Water%20Bottles!>m_ee=1&auid=1906588762.1669449121&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://slimcrystal.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 07:52:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.vimeocdn.com/video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9
151.101.86.109200 OK 113 kB URL HTTP/2 i.vimeocdn.com/video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Size 113 kB (113158 bytes)
Hash 081b2ec8660f830e574494b6fa4af909
83d9c3ef2bdccfca820a4d85be6e6f4784e55292
514ed54eebebfdf03c1791df94b7f53a982007539933c7dbcc8fdbef48ffde84
GET /video/1303265071-9428a18cbbfc0c89ec512161928b5f5d82250de72f891bad9 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 081b2ec8660f830e574494b6fa4af909
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-98nk
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:02 GMT
age: 959856
x-served-by: cache-dfw-kdfw8210131-DFW, cache-bma1646-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 18, 1
x-timer: S1669449123.932992,VS0,VE1
vary: Accept
content-length: 113158
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=483679769569150&ev=Lead&dl=https%3A%2F%2Fslimcrystal.com%2Fvsl&rl=&if=false&ts=1669449122212&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669449122211.1611061026&it=1669449121712&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=483679769569150&ev=Lead&dl=https%3A%2F%2Fslimcrystal.com%2Fvsl&rl=&if=false&ts=1669449122212&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669449122211.1611061026&it=1669449121712&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=483679769569150&ev=Lead&dl=https%3A%2F%2Fslimcrystal.com%2Fvsl&rl=&if=false&ts=1669449122212&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669449122211.1611061026&it=1669449121712&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Nov 2022 07:52:03 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.3:0
Hash 2ca92b7ac3f0aa932e2ffa2f6f5ad340
e563062af2e46ef1293f06bcab4877a083c90697
d8343562ff4385a3db115e28ff9a6ab19489cd4ac189916f68cda6d25f8ffa09
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.3:0
Hash 2ca92b7ac3f0aa932e2ffa2f6f5ad340
e563062af2e46ef1293f06bcab4877a083c90697
d8343562ff4385a3db115e28ff9a6ab19489cd4ac189916f68cda6d25f8ffa09
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.vimeocdn.com/video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780
151.101.86.109200 OK 252 kB URL HTTP/2 i.vimeocdn.com/video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Size 252 kB (252480 bytes)
Hash 40772623d450175a0229045dd3b8d667
94fce2f1de3b74ea5265c994b0c60c340c645009
ded4a1927e88e6fa5b2d982adc4ac9e6b130b35ba1d53844f74014a701166e1b
GET /video/1260887176-3c5aea2aeda068992ea7b956bcd667b52f7d7ccd129bc0780 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 40772623d450175a0229045dd3b8d667
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-p62q
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:03 GMT
age: 2147344
x-served-by: cache-dfw-kdfw8210060-DFW, cache-bma1646-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 146, 1
x-timer: S1669449123.134116,VS0,VE1
vary: Accept
content-length: 252480
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Sat, 26 Nov 2022 07:52:03 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=69440308c4e8e40b4536b6ab8ff24dbe523db0d61669449121
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=69440308c4e8e40b4536b6ab8ff24dbe523db0d61669449121
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=69440308c4e8e40b4536b6ab8ff24dbe523db0d61669449121 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1422
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Sat, 26 Nov 2022 07:52:03 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 104 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (64471)
Size 104 kB (104269 bytes)
Hash d3e7c7dc80f09e8b9cd27b301c49e19f
94d8f9714f9c7dd44ceb05e05b250c416c638ca9
d6c2186fc89b8cf245a0aeeac822b549ac33fe6a7ecb2be802f24a516d29e28f
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:03 GMT
via: 1.1 varnish
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 3673
x-timer: S1669449123.231088,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.3:0
Hash 2ca92b7ac3f0aa932e2ffa2f6f5ad340
e563062af2e46ef1293f06bcab4877a083c90697
d8343562ff4385a3db115e28ff9a6ab19489cd4ac189916f68cda6d25f8ffa09
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 07:52:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f.vimeocdn.com/p/4.14.1/js/sentry.module.js
151.101.86.109200 OK 16 kB URL HTTP/2 f.vimeocdn.com/p/4.14.1/js/sentry.module.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (59742)
Hash 9ec0706d6b1b8ac5e654fcc4a391da53
33e93a4e906e60093f653f17a391dc21f87e07de
3ef236bbce869243d51f01a182da8e3736ea0a4feb4598becc568d0101f192f6
GET /p/4.14.1/js/sentry.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:03 GMT
age: 306810
x-served-by: cache-iad-kjyo7100034-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 44, 8932
x-timer: S1669449123.289437,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 16229
X-Firefox-Spdy: h2
bam.nr-data.net/1/689d5b4562?a=2815207&v=1216.487a282&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=1872&ck=1&ref=https://player.vimeo.com/video/647253107&ap=1&be=703&fe=1754&dc=762&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669449120618,%22n%22:0,%22f%22:1,%22dn%22:7,%22dne%22:8,%22c%22:9,%22s%22:14,%22ce%22:57,%22rq%22:58,%22rp%22:466,%22rpe%22:469,%22dl%22:674,%22di%22:741,%22ds%22:761,%22de%22:762,%22dc%22:1753,%22l%22:1753,%22le%22:1755%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22environment%22:%22production%22,%22js_modules%22:true,%22version_js%22:%224.14.1%22,%22version_backend%22:%221.54.5%22,%22visibility_state%22:%22visible%22,%22vimeo_session%22:%22a24d35e47482154fa494769d0ddd6100965567931669449121%22,%22locale%22:%22en%22,%22product%22:%22vimeo-vod%22,%22video_embed_permission%22:%22public%22,%22video_privacy%22:%22disable%22,%22chromecast_test%22:1,%22chromecast_group%22:false,%22stats_fresnel_test%22:1,%22stats_fresnel_group%22:true,%22llhls_timeout_test%22:1,%22llhls_timeout_group%22:false,%22cmcd_test%22:1,%22cmcd_group%22:false%7D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/689d5b4562?a=2815207&v=1216.487a282&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=1872&ck=1&ref=https://player.vimeo.com/video/647253107&ap=1&be=703&fe=1754&dc=762&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669449120618,%22n%22:0,%22f%22:1,%22dn%22:7,%22dne%22:8,%22c%22:9,%22s%22:14,%22ce%22:57,%22rq%22:58,%22rp%22:466,%22rpe%22:469,%22dl%22:674,%22di%22:741,%22ds%22:761,%22de%22:762,%22dc%22:1753,%22l%22:1753,%22le%22:1755%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22environment%22:%22production%22,%22js_modules%22:true,%22version_js%22:%224.14.1%22,%22version_backend%22:%221.54.5%22,%22visibility_state%22:%22visible%22,%22vimeo_session%22:%22a24d35e47482154fa494769d0ddd6100965567931669449121%22,%22locale%22:%22en%22,%22product%22:%22vimeo-vod%22,%22video_embed_permission%22:%22public%22,%22video_privacy%22:%22disable%22,%22chromecast_test%22:1,%22chromecast_group%22:false,%22stats_fresnel_test%22:1,%22stats_fresnel_group%22:true,%22llhls_timeout_test%22:1,%22llhls_timeout_group%22:false,%22cmcd_test%22:1,%22cmcd_group%22:false%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/689d5b4562?a=2815207&v=1216.487a282&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=1872&ck=1&ref=https://player.vimeo.com/video/647253107&ap=1&be=703&fe=1754&dc=762&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669449120618,%22n%22:0,%22f%22:1,%22dn%22:7,%22dne%22:8,%22c%22:9,%22s%22:14,%22ce%22:57,%22rq%22:58,%22rp%22:466,%22rpe%22:469,%22dl%22:674,%22di%22:741,%22ds%22:761,%22de%22:762,%22dc%22:1753,%22l%22:1753,%22le%22:1755%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22environment%22:%22production%22,%22js_modules%22:true,%22version_js%22:%224.14.1%22,%22version_backend%22:%221.54.5%22,%22visibility_state%22:%22visible%22,%22vimeo_session%22:%22a24d35e47482154fa494769d0ddd6100965567931669449121%22,%22locale%22:%22en%22,%22product%22:%22vimeo-vod%22,%22video_embed_permission%22:%22public%22,%22video_privacy%22:%22disable%22,%22chromecast_test%22:1,%22chromecast_group%22:false,%22stats_fresnel_test%22:1,%22stats_fresnel_group%22:true,%22llhls_timeout_test%22:1,%22llhls_timeout_group%22:false,%22cmcd_test%22:1,%22cmcd_group%22:false%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 07:52:03 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 77010adce9330b55-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=d04ede5e049def40; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 06932bf119331cbef0dfc2bf6ed702fb
c2e5a966bf0828551e3fe2a85893cf7193851f07
230877a43a8caad697d6c753f16fa4535c44606eecc0a34a8fa52651bca8158d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 07:52:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 20:08:04 GMT
Expires: Sat, 26 Nov 2022 20:08:04 GMT
ETag: "c2e5a966bf0828551e3fe2a85893cf7193851f07"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
analytics-ingress-global.bitmovin.com/licensing
35.190.27.197200 OK 117 B URL HTTP/2 analytics-ingress-global.bitmovin.com/licensing
IP 35.190.27.197:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f90d2c53623621471228392bf3047e2a
b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 102
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: v1.54.0
date: Sat, 26 Nov 2022 07:52:03 GMT
content-type: application/json
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
stats.vidalytics.com/awesome-log?cid=J51TWYBN
107.178.211.97200 OK 43 B URL HTTP/2 stats.vidalytics.com/awesome-log?cid=J51TWYBN
IP 107.178.211.97:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /awesome-log?cid=J51TWYBN HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "J51TWYBN/ET2UuX7Sc6bui3gU"
date: Sat, 26 Nov 2022 07:52:04 GMT
x-envoy-upstream-service-time: 13
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/licensing
35.190.27.197200 OK 117 B URL HTTP/2 analytics-ingress-global.bitmovin.com/licensing
IP 35.190.27.197:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f90d2c53623621471228392bf3047e2a
b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 102
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: v1.54.0
date: Sat, 26 Nov 2022 07:52:04 GMT
content-type: application/json
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
stats.vidalytics.com/awesome-log?cid=J51TWYBN
107.178.211.97304 Not Modified 0 B URL HTTP/2 stats.vidalytics.com/awesome-log?cid=J51TWYBN
IP 107.178.211.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /awesome-log?cid=J51TWYBN HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: "J51TWYBN/ET2UuX7Sc6bui3gU"
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control: no-cache, public, max-age=2592000
etag: "J51TWYBN/ET2UuX7Sc6bui3gU"
date: Sat, 26 Nov 2022 07:52:04 GMT
x-envoy-upstream-service-time: 13
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1247
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.54.0
date: Sat, 26 Nov 2022 07:52:03 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1241
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.54.0
date: Sat, 26 Nov 2022 07:52:04 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,0,191,193,351,202,1025,1077,2899,2900
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,0,191,193,351,202,1025,1077,2899,2900
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,0,191,193,351,202,1025,1077,2899,2900 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
access-control-expose-headers: LP-Security-Token
Server: Stargate
x-request-id: 05c9vamgeflqa6j8borg
Date: Sat, 26 Nov 2022 07:52:04 GMT
X-Forwarded-For: 91.90.42.154
licensing.bitmovin.com/licensing
35.227.229.24200 OK 165 B URL HTTP/2 licensing.bitmovin.com/licensing
IP 35.227.229.24:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 146
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Sat, 26 Nov 2022 07:52:04 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
licensing.bitmovin.com/licensing
35.227.229.24200 OK 165 B URL HTTP/2 licensing.bitmovin.com/licensing
IP 35.227.229.24:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 146
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Sat, 26 Nov 2022 07:52:04 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 06932bf119331cbef0dfc2bf6ed702fb
c2e5a966bf0828551e3fe2a85893cf7193851f07
230877a43a8caad697d6c753f16fa4535c44606eecc0a34a8fa52651bca8158d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 07:52:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 20:08:04 GMT
Expires: Sat, 26 Nov 2022 20:08:04 GMT
ETag: "c2e5a966bf0828551e3fe2a85893cf7193851f07"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
trc-events.taboola.com/1484887/log/3/unip?en=pre_d_eng_tb&tos=3350&scd=42&ssd=1&est=1669449121692&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669449125045&vi=1669449121691&ri=c3fcec8854f9dd2e601d678572f95ae4&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fslimcrystal.com%2Fvsl
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1484887/log/3/unip?en=pre_d_eng_tb&tos=3350&scd=42&ssd=1&est=1669449121692&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669449125045&vi=1669449121691&ri=c3fcec8854f9dd2e601d678572f95ae4&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fslimcrystal.com%2Fvsl
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484887/log/3/unip?en=pre_d_eng_tb&tos=3350&scd=42&ssd=1&est=1669449121692&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669449125045&vi=1669449121691&ri=c3fcec8854f9dd2e601d678572f95ae4&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fslimcrystal.com%2Fvsl HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 07:52:05 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://slimcrystal.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=8WzvCKghHMrj9sfWE8JvNS&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=170,48,1,466
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=8WzvCKghHMrj9sfWE8JvNS&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=170,48,1,466
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=8WzvCKghHMrj9sfWE8JvNS&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=170,48,1,466 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
access-control-max-age: 600
access-control-allow-origin: https://slimcrystal.com
Date: Sat, 26 Nov 2022 07:52:07 GMT
x-request-id: 05c9vbdcqn01kocvdrgg
Server: Stargate
X-Forwarded-For: 91.90.42.154
trc.taboola.com/1484887/trc/3/json?tim=1669449121699&data=%7B%22id%22%3A376%2C%22ii%22%3A%22%2Fvsl%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669449121691%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpinha-cbslimcrystal%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669449121698%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A42%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/1484887/trc/3/json?tim=1669449121699&data=%7B%22id%22%3A376%2C%22ii%22%3A%22%2Fvsl%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669449121691%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpinha-cbslimcrystal%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669449121698%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A42%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
GET /1484887/trc/3/json?tim=1669449121699&data=%7B%22id%22%3A376%2C%22ii%22%3A%22%2Fvsl%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669449121691%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpinha-cbslimcrystal%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669449121698%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fslimcrystal.com%2Fvsl%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A42%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 07:52:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1639-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669449123.534548,VS0,VE99
vary: Accept-Encoding
x-vcl-time-ms: 99
X-Firefox-Spdy: h2
www.eurekafitlifemedia.com/FNX4R/FGXLG1/?uid=133&source_id=SLCry&sub2=Fteam
104.21.94.108302 Found 0 B URL HTTP/2 www.eurekafitlifemedia.com/FNX4R/FGXLG1/?uid=133&source_id=SLCry&sub2=Fteam
IP 104.21.94.108:0
GET /FNX4R/FGXLG1/?uid=133&source_id=SLCry&sub2=Fteam HTTP/1.1
Host: www.eurekafitlifemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 26 Nov 2022 07:51:59 GMT
content-type: text/html; charset=utf-8
location: https://hop.clickbank.net/?affiliate=infusionh&vendor=slimcrysta&op=vsl&tid=e42e3f6e29954d979a501a3b3db1d458
set-cookie: uniqueClick_FGXLG1=4bf8d4d5-6b46-4c63-bacb-e94e763f8738:1669449119; Path=/; Expires=Sun, 27 Nov 2022 07:51:59 GMT; SameSite=None
transaction_id=e42e3f6e29954d979a501a3b3db1d458; Path=/; Expires=Fri, 24 Feb 2023 07:51:59 GMT; SameSite=None
vary: Origin
x-eflow-request-id: 2782149b-9363-4ad6-b082-c5e53132b9e3
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PeV1XArTakv2SlDgxm8a8TncwNfzzX6unaLqL5ibzZxUyd92L%2BagXcbSsLk%2FRMl4ygxjjwHAtpaHMnn1nhHsnJGtQ7j4OWctmvbYAxXbS706o5GoXnK1SDpD9a%2FcP4CCsW%2FzANULxnsLhmXPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77010ac26e13b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
slimcrystal.com/?hop=infusionh&op=vsl
172.67.175.34302 Found 0 B URL HTTP/2 slimcrystal.com/?hop=infusionh&op=vsl
IP 172.67.175.34:0
GET /?hop=infusionh&op=vsl HTTP/1.1
Host: slimcrystal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 26 Nov 2022 07:52:00 GMT
content-type: text/html; charset=UTF-8
location: vsl
cache-control: no-cache, no-store, must-revalidate, max-age=0
expires: Sat, 26 Nov 2022 07:52:00 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyRsYDH26wwPPI6G7j7%2B%2BnsujYaEY5y7gEYDZLsUMOzwIMrpdvGpYoOT4nVgDt9qthin%2FzkzHMHNeR9rg%2Fy1aBW6AWqTNJllwptY80bjGMob9GWFDwDvCQ5n7YdkCGoLHW8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77010ac87f58b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
slimcrystal.com/vsl
172.67.175.34200 OK 0 B IP 172.67.175.34:0
GET /vsl HTTP/1.1
Host: slimcrystal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 07:52:00 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=0
expires: Sat, 26 Nov 2022 07:52:00 GMT
last-modified: Sat, 26 Nov 2022 04:50:27 GMT
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aStFKpd4jpT%2FL7wKHE%2BSAzpp4wFko3R4WU%2FNofCVE98Xw0FJOyf7svZ4347fIk7Ph0BionlVUkdpIqVRkBg4RplZ4e6tFKpRIdzpQS37JXC7%2FcxHtjBnp6hOIkD9qbGsDo0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77010acac9a7b4ee-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:300,400,500,700|Roboto:300,400,500,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:300,400,500,700|Roboto:300,400,500,700
IP 142.250.74.10:0
GET /css?family=Lato:300,400,500,700|Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 07:52:00 GMT
date: Sat, 26 Nov 2022 07:52:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/J51TWYBN/Edo8pIoz2E0zOOkv/loader.min.js
151.139.128.10200 OK 0 B URL HTTP/2 fast.vidalytics.com/embeds/J51TWYBN/Edo8pIoz2E0zOOkv/loader.min.js
IP 151.139.128.10:0
GET /embeds/J51TWYBN/Edo8pIoz2E0zOOkv/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 07:52:01 GMT
cache-control: no-store, private, max-age=0, s-max-age=0
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 11:11:12 GMT
x-guploader-uploadid: ADPycdu3JCvi8wEE5pmDi-9Ayzl2puwo_xTK7Paq9XOExlSeWb7kbbaZMwLwvx9Kw8B0E1fWbBYeIy7crIds_bnv1XlFQyvOETxY
expires: Sat, 26 Nov 2022 07:52:01 GMT
etag: "31de3b8f73aa7619534bd0b9aeaadb92"
x-goog-generation: 1665141072613189
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10161
x-goog-hash: crc32c=Yqcu8w==, md5=Md47j3OqdhlTS9C5rqrbkg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server, x-cdn, x-cdn-info
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-cdn-info: loader
x-cdn: 4
content-encoding: gzip
x-hw: 1669449121.cds226.sk1.hn,1669449121.cds226.sk1.hc,1669449121.cds001.sk1.sc,1669449121.cds001.sk1.p,1669449121.cds226.sk1.sl
X-Firefox-Spdy: h2
prod.cbstatic.net/dist/injectable.js
143.204.55.88200 OK 0 B URL HTTP/2 prod.cbstatic.net/dist/injectable.js
IP 143.204.55.88:0
GET /dist/injectable.js HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 26 Nov 2022 07:51:35 GMT
last-modified: Mon, 21 Dec 2020 21:57:37 GMT
x-amz-version-id: RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
etag: W/"af651c30e1a69f6f2124e9c1d094a300"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5-fgqykBlO7e3UQh9flG6HP8Q43PLH4x2zSGW6byg1ZiGkLFLrpyQQ==
age: 27
X-Firefox-Spdy: h2
go.maxweb.com/conversion/iframe/?a=7650&token=7fea23d8dd71c3b45c9df27ce0f56342
172.66.40.143200 OK 0 B URL HTTP/2 go.maxweb.com/conversion/iframe/?a=7650&token=7fea23d8dd71c3b45c9df27ce0f56342
IP 172.66.40.143:0
GET /conversion/iframe/?a=7650&token=7fea23d8dd71c3b45c9df27ce0f56342 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 07:52:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Sat, 26 Nov 2022 08:52:01 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77010ad2b96b0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.ssmbtrk.com/scripts/sdk/everflow.js
35.227.247.224200 OK 0 B URL HTTP/2 www.ssmbtrk.com/scripts/sdk/everflow.js
IP 35.227.247.224:0
Analyzer Verdict Alert quad9 Sinkholed
GET /scripts/sdk/everflow.js HTTP/1.1
Host: www.ssmbtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 07:52:00 GMT
content-type: text/javascript
cache-control: max-age=14400
vary: Origin
x-eflow-request-id: 57a85d17-63cb-45ce-b3d9-83feb579b2c1
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/J51TWYBN/vlE5cBmfKA6NJAb7/player-dash-mse.min.js?hash=wwhwcr
151.139.128.10200 OK 0 B URL HTTP/2 fast.vidalytics.com/embeds/J51TWYBN/vlE5cBmfKA6NJAb7/player-dash-mse.min.js?hash=wwhwcr
IP 151.139.128.10:0
GET /embeds/J51TWYBN/vlE5cBmfKA6NJAb7/player-dash-mse.min.js?hash=wwhwcr HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://slimcrystal.com
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 07:52:02 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 11:11:16 GMT
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server, x-cdn, x-cdn-info
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
etag: "366c54ead87741762e905031a4bb4d3d"
server: UploadServer
x-guploader-uploadid: ADPycdsthSjWsvL4syeQDj7bYF7wnM_UaPJ-d0N_FOMQua3li4gWDOrPyNDQwV07yHTKoFRI8j6iP0QOd3wydQ9xj-gQA7GSQxM1
x-goog-generation: 1665141076611038
x-goog-hash: crc32c=ijYIxA==, md5=NmxU6th3QXYukFAxpLtNPQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 502471
x-cdn: 4
content-encoding: gzip
x-hw: 1669449122.cds226.sk1.hn,1669449122.cds226.sk1.hc,1669449122.cds235.sk1.c,1669449122.cds226.sk1.sl
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/J51TWYBN/vlE5cBmfKA6NJAb7/loader.min.js
151.139.128.10200 OK 0 B URL HTTP/2 fast.vidalytics.com/embeds/J51TWYBN/vlE5cBmfKA6NJAb7/loader.min.js
IP 151.139.128.10:0
GET /embeds/J51TWYBN/vlE5cBmfKA6NJAb7/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slimcrystal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 07:52:01 GMT
cache-control: no-store, private, max-age=0, s-max-age=0
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 11:11:16 GMT
x-guploader-uploadid: ADPycdu-sFZZc2NbiyUwsdYYsDSfsFFcrEXrS1g74c7T9bdJ5qUCz-z7gYVG6NOv7piaC8ktmEoOGD8-tCKfG2GcMytYW6sHy90n
expires: Sat, 26 Nov 2022 07:52:01 GMT
etag: "c83bbe9719dee3371b61ec7b170bebbb"
x-goog-generation: 1665141076256898
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10158
x-goog-hash: crc32c=EoVvDw==, md5=yDu+lxne4zcbYex7Fwvruw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server, x-cdn, x-cdn-info
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-cdn-info: loader
x-cdn: 4
content-encoding: gzip
x-hw: 1669449121.cds226.sk1.hn,1669449121.cds226.sk1.hc,1669449121.cds236.sk1.sc,1669449121.cds236.sk1.p,1669449121.cds226.sk1.sl
X-Firefox-Spdy: h2