| store.wulantilaar.com/cache/public/jGWruk52vyv0lLO5nSJ2tMF5Vau5r8/Z21hbmxleUBudXRyYWJvbHQuY29t | 178.32.67.58 | | 0 B |
URL store.wulantilaar.com/cache/public/jGWruk52vyv0lLO5nSJ2tMF5Vau5r8/Z21hbmxleUBudXRyYWJvbHQuY29t IP178.32.67.58:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /cache/public/jGWruk52vyv0lLO5nSJ2tMF5Vau5r8/Z21hbmxleUBudXRyYWJvbHQuY29t HTTP/1.1
Host: store.wulantilaar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/8.1.26
refresh: 0;url=https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com
content-type: text/html; charset=UTF-8
content-length: 0
date: Wed, 24 Apr 2024 05:09:38 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html | 104.18.2.35 | | 2.9 kB |
URL pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html IP104.18.2.35:0
File typeHTML document, ASCII text, with very long lines (696) Hash6b3f94f2aee2fdf9246b0b2f97d5ae7d ae8a4f472f3eda0054146d49b4fa862ce8f5c1c2 c4cb895d91a71c309cfaffb68299603c4d9950ff8999948a616fefdabdc7c4c7
GET /XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html HTTP/1.1
Host: pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 05:09:38 GMT
Content-Type: text/html
Content-Length: 2875
Connection: keep-alive
Accept-Ranges: bytes
ETag: "6b3f94f2aee2fdf9246b0b2f97d5ae7d"
Last-Modified: Tue, 23 Apr 2024 18:03:24 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879395136a341bfe-OSL
|
|
| cdn.socket.io/4.6.0/socket.io.min.js | 143.204.55.40 | 200 OK | 41 kB |
URL GET HTTP/2cdn.socket.io/4.6.0/socket.io.min.js IP143.204.55.40:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerAmazon Subjectcdn.socket.io FingerprintBB:7D:4E:26:70:F6:06:2A:12:E9:92:A8:F1:9F:CD:82:0B:BF:48:ED ValiditySun, 22 Oct 2023 00:00:00 GMT - Sun, 17 Nov 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hash4082d51d32eeaada9f3e88829d6bab93 b186a955934b3ac3e00f7754c8fd5b94b3090189 98c90b3c3a7e268f71a81f10d83cf3504bcff2b59d9c98e71f147d2bef0f60d7
GET /4.6.0/socket.io.min.js HTTP/1.1
Host: cdn.socket.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="socket.io.min.js"
content-encoding: gzip
date: Mon, 15 Jan 2024 16:33:26 GMT
etag: W/"80f5b8c6a9eeac15de93e5a112036a06"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: fra1::gsg9m-1705336406533-adf1f7d78a76
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jVG6qkfzfNcaCjugQS_WWaEj2SEBv-qB7Gt0qHpClm8zWTbkf-qpvA==
age: 8598972
X-Firefox-Spdy: h2
|
|
| www.w3schools.com/w3css/4/w3.css | 192.229.133.221 | 200 OK | 5.3 kB |
URL GET HTTP/2www.w3schools.com/w3css/4/w3.css IP192.229.133.221:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerDigiCert Inc Subject*.w3schools.com Fingerprint20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A ValidityWed, 03 Apr 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File typeUnicode text, UTF-8 (with BOM) text Hashba0537e9574725096af97c27d7e54f76 bd46b47d74d344f435b5805114559d45979762d5 4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 9608
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Wed, 24 Apr 2024 05:09:39 GMT
etag: "0d6fc18b794da1:0+gzip"
last-modified: Mon, 22 Apr 2024 13:15:08 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg | 152.199.23.37 | 200 OK | 790 B |
URL GET HTTP/2aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg IP152.199.23.37:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashf7ab697e65b83ce9870a4736085deeec 5ff40bff26b523fbbeaa5228a2aac63e44afaa90 cbb3706e65b35a43bdcfebd23b5479dc0542ca7e23197869b683d12b524472fe
GET /shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 2602174
cache-control: public, max-age=31536000
content-md5: 1jQlecEJaGhFO2st5KXLhg==
content-type: image/svg+xml
date: Wed, 24 Apr 2024 05:09:39 GMT
etag: 0x8DB5C3F4AC59B47
last-modified: Wed, 24 May 2023 10:11:51 GMT
server: ECAcc (ska/F6A9)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 2a281429-101e-0042-725a-7edf33000000
x-ms-version: 2009-09-19
content-length: 790
X-Firefox-Spdy: h2
|
|
| aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg | 13.107.213.53 | 200 OK | 1.4 kB |
URL GET HTTP/2aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerDigiCert Inc Subjectaadcdn.msauth.net FingerprintEB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47 ValidityMon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashee5c8d9fb6248c938fd0dc19370e90bd d01a22720918b781338b5bbf9202b241a5f99ee4 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:09:39 GMT
content-type: image/svg+xml
content-length: 1435
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F4911527F
x-ms-request-id: 4a5dd113-701e-0069-067d-92d4af000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240424T050939Z-16c4f695cc5v5x9nmaqn6db60g0000000710000000001ewc
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg | 13.107.213.53 | 200 OK | 673 B |
URL GET HTTP/2aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerDigiCert Inc Subjectaadcdn.msauth.net FingerprintEB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47 ValidityMon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashbc3d32a696895f78c19df6c717586a5d 9191cb156a30a3ed79c44c0a16c95159e8ff689d 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:09:39 GMT
content-type: image/svg+xml
content-length: 673
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 24 May 2023 10:11:46 GMT
etag: 0x8DB5C3F47E260FD
x-ms-request-id: 9cd21688-601e-0034-397d-926887000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240424T050939Z-16c4f695cc5v5x9nmaqn6db60g0000000710000000001ewd
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| aadcdn.msauth.net/shared/1.0/content/images/picker_verify_sms_12b7d768ba76f2e782cc74e328171091.svg | 13.107.213.53 | 200 OK | 199 B |
URL GET HTTP/2aadcdn.msauth.net/shared/1.0/content/images/picker_verify_sms_12b7d768ba76f2e782cc74e328171091.svg IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerDigiCert Inc Subjectaadcdn.msauth.net FingerprintEB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47 ValidityMon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash27a6d18b56f46818420e60a773c36d4e 346ec247500fddc51cc1d85b8f4b9a343f7a48d3 8ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904
GET /shared/1.0/content/images/picker_verify_sms_12b7d768ba76f2e782cc74e328171091.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:09:39 GMT
content-type: image/svg+xml
content-length: 199
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 24 May 2023 10:11:49 GMT
etag: 0x8DB5C3F49C21D98
x-ms-request-id: e356ed44-201e-0064-577d-920bb4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240424T050939Z-16c4f695cc5v5x9nmaqn6db60g0000000710000000001ewe
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| logincdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg | 13.107.213.53 | 200 OK | 276 B |
URL GET HTTP/2logincdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerMicrosoft Corporation Subjectidentitycdn.msauth.net Fingerprint15:1B:3E:26:F4:4A:EE:1C:C2:40:74:BB:BD:AE:20:E4:35:B0:40:40 ValidityWed, 17 Jan 2024 06:03:21 GMT - Sat, 11 Jan 2025 06:03:21 GMT
File typeSVG Scalable Vector Graphics image Hasha9cc2824ef3517b6c4160dcf8ff7d410 8db9aebad84ca6e4225bfdd2458ff3821cc4f064 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:09:39 GMT
content-type: image/svg+xml
content-length: 276
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 22 Jan 2020 00:38:00 GMT
etag: 0x8D79ED35591CF44
x-ms-request-id: d42dd95b-201e-0074-14bf-94bb96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240424T050939Z-16c4f695cc5knjs61a45dkge5000000006dg000000004y8c
x-fd-int-roxy-purgeid: 67912908
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg | 13.107.213.53 | 200 OK | 2.4 kB |
URL GET HTTP/2aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerDigiCert Inc Subjectaadcdn.msauth.net FingerprintEB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47 ValidityMon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashb59c16ca9bf156438a8a96d45e33db64 4e51b7d3477414b220f688adabd76d3ae6472ee3 a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8
GET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:09:39 GMT
content-type: image/svg+xml
content-length: 2407
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 24 May 2023 10:11:49 GMT
etag: 0x8DB5C3F499A9B99
x-ms-request-id: af0ae6e7-901e-000f-527d-926c81000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240424T050939Z-16c4f695cc5v5x9nmaqn6db60g0000000710000000001ewf
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.131 | 200 OK | 2.2 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/api2/logo_48.png IP142.250.74.131:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:35:26 GMT
expires: Thu, 25 Apr 2024 17:35:26 GMT
cache-control: public, max-age=604800
age: 473654
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeHD | 188.114.96.1 | 200 OK | 0 B |
URL GET HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeHD IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /socket.io/?EIO=4&transport=polling&t=OyEWeHD HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: auth_uid,session_email
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 24 Apr 2024 05:09:45 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: auth_uid,session_email
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FDyG9GJzZoQQyw9kMpCjkWtTOjo5n1oPNgnllLLEPNe4mkUlrSao2XkaAufG5d6%2FKK0t28ATa%2FJw7mE0OV2ufIbByiJNLLObQKRfTq2mVbEsHBNkACTakOUvHdMbeGp5UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87939540a8615685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeJm | 188.114.96.1 | 200 OK | 0 B |
URL GET HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeJm IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /socket.io/?EIO=4&transport=polling&t=OyEWeJm HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: auth_uid,session_email
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 24 Apr 2024 05:09:46 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: auth_uid,session_email
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sPtu02sjhg3Na4tC5iibRhH2jG8W1XjxkH4K8iarKkYVyEBUu5qGHtaU45kOmPsuZr3%2FnhUHWhYC%2BPspMTZnu%2Fxrbv17jt8Dmc0jRM4T9yqVl3eQdm5N%2B4sT9WnD5jNO2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793954189015685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeOD&sid=A--jwdWakXxRzlQDABjS | 188.114.96.1 | 200 OK | 0 B |
URL POST HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeOD&sid=A--jwdWakXxRzlQDABjS IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /socket.io/?EIO=4&transport=polling&t=OyEWeOD&sid=A--jwdWakXxRzlQDABjS HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: auth_uid,session_email
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 24 Apr 2024 05:09:46 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: auth_uid,session_email
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=koo7yn%2FR0K5ZxX6xilzPga3tgSgIdzbxmGc9UB6%2BEV38oSjb82xslGx9RA03q8emWhQNWzZs4LzIrMyv6tfLWQ80vlJIt9s%2BxGHfyLOBD48ZBso6mFB4EYXLll0vO2mR4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879395435a295685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeOG&sid=A--jwdWakXxRzlQDABjS | 188.114.96.1 | 204 No Content | 0 B |
URL OPTIONS HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeOG&sid=A--jwdWakXxRzlQDABjS IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /socket.io/?EIO=4&transport=polling&t=OyEWeOG&sid=A--jwdWakXxRzlQDABjS HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: auth_uid,session_email
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 24 Apr 2024 05:09:46 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: auth_uid,session_email
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TuSwaiHrZBpYiyqsERDw8XvUmMk1MfiP4L5sb9muB21TKLJjG%2FPQNAlxodTD%2Bq3VgnU%2F8wnkSzXjhrGpGxaOWf4J3TCrZ8NfjpV7Ix%2F15Ze1CSMxYOmA2Mv9vWmn9tO60Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879395436a2d5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=websocket&sid=A--jwdWakXxRzlQDABjS | 188.114.96.1 | | 0 B |
URL twomancake.com/socket.io/?EIO=4&transport=websocket&sid=A--jwdWakXxRzlQDABjS IP188.114.96.1:0
CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=4&transport=websocket&sid=A--jwdWakXxRzlQDABjS HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ans52oQYW9zNOVD3CSMmYg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 24 Apr 2024 05:09:46 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A2pxt7Vv3iN3dssK6YoeD8hDVdA=
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L3gJ5FIxj91JdHiioJgLAQoeKeiU1YmzVqDPAbBLR4tn4Bd0W5xjs%2BR628nR%2FEjVjnxoq7nRpVy6jumOJiYx38I9fBlGN9ynEvrm0xI%2FsuWYBy%2FChGx3IsK5R819dUMX0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87939543ac555695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeJm | 188.114.96.1 | 200 OK | 108 B |
URL GET HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeJm IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
File typeASCII text, with no line terminators Hashab961b9996fcfc40ef77365013388684 fe2f2e92c9e289a3bfd3ddfccc30421a54166be0 42edb2374c001c7bff3b05e26528d7891cc4dba75cecced5ac0e8c9c13b2e9b4
GET /socket.io/?EIO=4&transport=polling&t=OyEWeJm HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Auth_UID: USER24032024UNIQUE0354032432202420240324540332
Session_Email: gmanley@nutrabolt.com
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:09:46 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dlfFFQE0xx49KnqPRKxqNPXMi6oe1ijs0McPGNFGTYZLYEs5WbYnEV1%2B09Qenqqo8oMDe5gjALraDGQOLh62ysOkbI831vsQGPLIau5bok0q%2F0lN%2FI4foKaOgGeHYykcaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879395435a255685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeQx&sid=g4FwoXV_6hm6f50RABjT | 188.114.96.1 | 200 OK | 0 B |
URL GET HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeQx&sid=g4FwoXV_6hm6f50RABjT IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /socket.io/?EIO=4&transport=polling&t=OyEWeQx&sid=g4FwoXV_6hm6f50RABjT HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: auth_uid,session_email
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 24 Apr 2024 05:09:46 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: auth_uid,session_email
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5OGb5j%2FhZSaDRoXTlX4SpwzGjL8lj4TJA6gFkWvoXRQ2GAPpVLkIdJC9CPKaquWCW5v73l7jlxJPyBnhZAb%2Ffc%2Fx376W1mDyCD%2Ba6cl9J7HP4ir9IvdXCgY4m3KVt3unBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879395446ac75685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeOG&sid=A--jwdWakXxRzlQDABjS | 188.114.96.1 | 204 No Content | 1 B |
URL OPTIONS HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeOG&sid=A--jwdWakXxRzlQDABjS IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
File typevery short file (no magic) Hash1679091c5a880faf6fb5e6087eb1b2dc c1dfd96eea8cc2b62785275bca38ac261256e278 e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
GET /socket.io/?EIO=4&transport=polling&t=OyEWeOG&sid=A--jwdWakXxRzlQDABjS HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Auth_UID: USER24032024UNIQUE0354032432202420240324540332
Session_Email: gmanley@nutrabolt.com
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:09:46 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjMuOrSLs0U%2BXvXCj7eF8mafj2%2BKf7n02zR1rxgGc6J6IKR1gA09AX96Fh3j9F4S5ISPDglp2k7jU1AcTnO0jjug03TEXpi646xIqUfUBX%2Bg%2BjI2StJ10Ya3MgVeziI0FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879395451b4f5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=websocket&sid=g4FwoXV_6hm6f50RABjT | 188.114.97.1 | | 0 B |
URL twomancake.com/socket.io/?EIO=4&transport=websocket&sid=g4FwoXV_6hm6f50RABjT IP188.114.97.1:0
CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=4&transport=websocket&sid=g4FwoXV_6hm6f50RABjT HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a4LZCDrzjt3LDa9m8s3gWQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 24 Apr 2024 05:09:46 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VyevsWCuh/mjIZB46FnKhEG+vgU=
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Z5TjoKLcckmm3qmKqiGYPpyu4FWI6ZK5ebPS2S3%2BDUg8umhLBjngo2JKzT%2BIjZUVXoVP6%2F%2F0XxvhCOoZ1gvshUEb6WK5ta4O1D3XEHi8gZmp7unyZ2ttRlG8sIOzfLrxg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87939545892d5690-OSL
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeQx&sid=g4FwoXV_6hm6f50RABjT | 188.114.96.1 | 200 OK | 1 B |
URL GET HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeQx&sid=g4FwoXV_6hm6f50RABjT IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
File typevery short file (no magic) Hash1679091c5a880faf6fb5e6087eb1b2dc c1dfd96eea8cc2b62785275bca38ac261256e278 e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
GET /socket.io/?EIO=4&transport=polling&t=OyEWeQx&sid=g4FwoXV_6hm6f50RABjT HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Auth_UID: USER24032024UNIQUE0354032432202420240324540332
Session_Email: gmanley@nutrabolt.com
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:09:47 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dtVnXDnwLM%2BKyD%2FuzLrnfGxm%2F7xAKXfSwl4JaPsKtnSeiRH7S8KlSo1c4qrkEdn5mdBLklhXRBKIqSFsND5Y2fVcI%2BqZMGkyU%2FLvpApb1M1dLjSQL4BmBZgOkMw%2B7lCpEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879395462c295685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeHD | 188.114.96.1 | 200 OK | 5.7 kB |
URL GET HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeHD IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
File typeASCII text, with no line terminators Hash95564c40c793f3ef720d0a6a59580071 31c61d7552182daee8110622cba8344e81ca0d33 9b78eafd4175c79f9cc49464d733557230daa51b9ca57d24b2da565ef733a1a5
GET /socket.io/?EIO=4&transport=polling&t=OyEWeHD HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Auth_UID: USER24032024UNIQUE0354032432202420240324540332
Session_Email: gmanley@nutrabolt.com
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:09:46 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b0wcnKDv%2BO1bkw8g03rGmRv3daFYeV2bugWUapYCW%2BHQwDfy0aB3NVB%2FZ7dOWpacSQPe8rGkRoVj%2F3FNYvt25%2BScELmiTyq5SV5Zn1lITmVM1zSksyCG1TJRMtri9C3gRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793954269815685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aadcdn.msftauthimages.net/dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/bannerlogo?ts=637874577486802283 | 13.107.213.53 | 200 OK | 5.8 kB |
URL GET HTTP/2aadcdn.msftauthimages.net/dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/bannerlogo?ts=637874577486802283 IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerMicrosoft Corporation Subjectaadcdn.msftauthimages.net FingerprintE6:88:22:EC:52:D3:88:E3:A1:7B:01:0A:70:8F:08:41:F8:AD:6D:4B ValiditySun, 18 Feb 2024 02:47:29 GMT - Wed, 12 Feb 2025 02:47:29 GMT
File typePNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced Hash63390043f1446f7c8a43020e5a26a1e8 778f3cb7f430f2bf6ef066d9bbc2a631a16384ae d99d7b2aa36b8a7d6a48ce320b7fd70ddfb2ec4be8e46c917780c0beb5325b65
GET /dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/bannerlogo?ts=637874577486802283 HTTP/1.1
Host: aadcdn.msftauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:09:52 GMT
content-type: image/*
content-length: 5796
cache-control: public, max-age=86400
last-modified: Fri, 06 May 2022 18:15:49 GMT
etag: 0x8DA2F8C72AD9B42
x-ms-request-id: ca0cdd56-301e-0011-55ae-959de7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240424T050952Z-16c4f695cc5ft4zlnxfvtduaen00000006tg000000000974
x-fd-int-roxy-purgeid: 50755578
x-cache: TCP_HIT
x-cache-info: L1_T2
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeOD&sid=A--jwdWakXxRzlQDABjS | 188.114.96.1 | 200 OK | 296 kB |
URL POST HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeOD&sid=A--jwdWakXxRzlQDABjS IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
File typeASCII text, with no line terminators Size296 kB (295455 bytes) Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /socket.io/?EIO=4&transport=polling&t=OyEWeOD&sid=A--jwdWakXxRzlQDABjS HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Auth_UID: USER24032024UNIQUE0354032432202420240324540332
Session_Email: gmanley@nutrabolt.com
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:09:46 GMT
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmkTe1bLXXSQ6zqkX07fjyOZ14%2BLnJTkgbl21zjiqd7Z%2FT6bm1dW%2BVYz%2BqXRntIDyC6lknatQXG1apgyJ2qv7iu%2BiJmm4Ry8mGFER3jvTcICNyMfWx2KIhQEMw8pGukwVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879395443a985685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aadcdn.msauthimages.net/dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/illustration?ts=636761849936325480 | 152.199.21.175 | 200 OK | 295 kB |
URL GET HTTP/2aadcdn.msauthimages.net/dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/illustration?ts=636761849936325480 IP152.199.21.175:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerMicrosoft Corporation Subjectaadcdn.msauthimages.net Fingerprint3B:14:C7:84:64:65:A8:46:3C:B4:7E:B7:F2:A1:AF:6B:8F:EF:17:E5 ValidityThu, 11 Jan 2024 12:14:02 GMT - Sun, 05 Jan 2025 12:14:02 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1745x1055, components 3 Size295 kB (295449 bytes) Hash20c6ce601801af86a062c2175b078170 6c45cef941443c74ab3a2ceaa20fa64e501586c6 4cf4b7a9003b2acb813685a8ee306cd4898dd43c93e3e0e7a50f83b43c991d6c
GET /dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/illustration?ts=636761849936325480 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
content-md5: IMbOYBgBr4agYsIXWweBcA==
content-type: image/*
date: Wed, 24 Apr 2024 05:09:52 GMT
etag: 0x8D63B8760813F21
last-modified: Fri, 26 Oct 2018 21:09:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c71c2829-501e-0001-0805-961c3e000000
x-ms-version: 2009-09-19
content-length: 295449
X-Firefox-Spdy: h2
|
|
| pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html | 104.18.2.35 | 200 OK | 2.9 kB |
URL User Request GET HTTP/1.1pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html IP104.18.2.35:443
CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeHTML document, ASCII text, with very long lines (2946), with no line terminators Hashf402060fdd904ca4398f09dbe7e85b33 65a6738be48b8f0be7623f88df7c77e3bc5dd40c 996807760dd5b7ead09d5cbb83ccffbcb83a063a9d5daf0b7ad545978cfbe1b7
GET /XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html HTTP/1.1
Host: pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 05:09:38 GMT
Content-Type: text/html
Content-Length: 2875
Connection: keep-alive
Accept-Ranges: bytes
ETag: "6b3f94f2aee2fdf9246b0b2f97d5ae7d"
Last-Modified: Tue, 23 Apr 2024 18:03:24 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879395136a341bfe-OSL
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeQu&sid=g4FwoXV_6hm6f50RABjT | 188.114.96.1 | 204 No Content | 0 B |
URL OPTIONS HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeQu&sid=g4FwoXV_6hm6f50RABjT IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /socket.io/?EIO=4&transport=polling&t=OyEWeQu&sid=g4FwoXV_6hm6f50RABjT HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: auth_uid,session_email
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Wed, 24 Apr 2024 05:09:46 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: auth_uid,session_email
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rS8Cqe2JmA9CGkfwzMogmXEeXjnmDhltX9kvk%2BlLL0sDDeechR54a90ziJkhIObPSNtFl2JitHIqhoJi%2BFO8XcXXNZZMR8Xd1LiycLWdMzeXQOSO8gvD7NciU0RHkfZ63w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879395446abf5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=websocket&sid=g4FwoXV_6hm6f50RABjT | 188.114.97.1 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1twomancake.com/socket.io/?EIO=4&transport=websocket&sid=g4FwoXV_6hm6f50RABjT IP188.114.97.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=4&transport=websocket&sid=g4FwoXV_6hm6f50RABjT HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a4LZCDrzjt3LDa9m8s3gWQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 24 Apr 2024 05:09:46 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VyevsWCuh/mjIZB46FnKhEG+vgU=
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Z5TjoKLcckmm3qmKqiGYPpyu4FWI6ZK5ebPS2S3%2BDUg8umhLBjngo2JKzT%2BIjZUVXoVP6%2F%2F0XxvhCOoZ1gvshUEb6WK5ta4O1D3XEHi8gZmp7unyZ2ttRlG8sIOzfLrxg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87939545892d5690-OSL
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeQu&sid=g4FwoXV_6hm6f50RABjT | 188.114.96.1 | 200 OK | 2 B |
URL POST HTTP/3twomancake.com/socket.io/?EIO=4&transport=polling&t=OyEWeQu&sid=g4FwoXV_6hm6f50RABjT IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /socket.io/?EIO=4&transport=polling&t=OyEWeQu&sid=g4FwoXV_6hm6f50RABjT HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Auth_UID: USER24032024UNIQUE0354032432202420240324540332
Session_Email: gmanley@nutrabolt.com
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:09:46 GMT
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JpUnSQllKrGWCWGNxNk1lK8fmHLaXmdGYwIh4S%2BV5iZswlt28iTkTJK%2FTLMXxVLmi3Fkhnm5%2FvFiruWH9kab3TgBEjETD3NA2pwf14JyKrae061mIfs40vkC%2BcWulzm%2Fgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879395459b915685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| twomancake.com/jsnom.js | 188.114.96.1 | 200 OK | 202 kB |
IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
Size202 kB (202322 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jsnom.js HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:09:39 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Tue, 02 Apr 2024 06:43:58 GMT
etag: W/"31652-18e9d8cde06"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JS8kDAmIP9RbWR01ds2JlLsRyWpc98Ej0%2BRr9EpSsEm0v8o42tBX7ve4j4DoNhCfcb%2Bpn0OdZvPRo4fNPRmK2xUBuB24dFv8gDxUFvIox0QCjX2JqNAXn6Ii86UYhNU66A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87939515bceeb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauthimages.net/dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/illustration?ts=636761849936325480 | 13.107.213.53 | 200 OK | 295 kB |
URL GET HTTP/2aadcdn.msftauthimages.net/dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/illustration?ts=636761849936325480 IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerMicrosoft Corporation Subjectaadcdn.msftauthimages.net FingerprintE6:88:22:EC:52:D3:88:E3:A1:7B:01:0A:70:8F:08:41:F8:AD:6D:4B ValiditySun, 18 Feb 2024 02:47:29 GMT - Wed, 12 Feb 2025 02:47:29 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1745x1055, components 3 Size295 kB (295449 bytes) Hash20c6ce601801af86a062c2175b078170 6c45cef941443c74ab3a2ceaa20fa64e501586c6 4cf4b7a9003b2acb813685a8ee306cd4898dd43c93e3e0e7a50f83b43c991d6c
GET /dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/illustration?ts=636761849936325480 HTTP/1.1
Host: aadcdn.msftauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:09:52 GMT
content-type: image/*
content-length: 295449
cache-control: public, max-age=86400
last-modified: Fri, 26 Oct 2018 21:09:54 GMT
etag: 0x8D63B8760813F21
x-ms-request-id: 500cb740-301e-005c-06ae-95520b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240424T050952Z-16c4f695cc5ft4zlnxfvtduaen00000006tg000000000973
x-fd-int-roxy-purgeid: 50755578
x-cache: TCP_HIT
x-cache-info: L1_T2
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/favicon.ico | 104.18.2.35 | 404 Not Found | 27 kB |
URL GET HTTP/1.1pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/favicon.ico IP104.18.2.35:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeHTML document, ASCII text, with very long lines (611) Hashdf3d48946e8d3f5a83608308edbb4b86 47b9c40c97abf2658df96b1c06109324e15e1a00 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
GET /favicon.ico HTTP/1.1
Host: pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Wed, 24 Apr 2024 05:09:39 GMT
Content-Type: text/html
Content-Length: 27242
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87939516bc2a1bfe-OSL
|
|
| twomancake.com/socket.io/?EIO=4&transport=websocket&sid=A--jwdWakXxRzlQDABjS | 188.114.96.1 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1twomancake.com/socket.io/?EIO=4&transport=websocket&sid=A--jwdWakXxRzlQDABjS IP188.114.96.1:443
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerLet's Encrypt Subjecttwomancake.com FingerprintAF:27:60:8A:CD:A9:93:0A:E2:7C:B9:F0:B3:9B:B4:E4:C1:DD:3D:1C ValidityTue, 09 Apr 2024 04:59:30 GMT - Mon, 08 Jul 2024 04:59:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=4&transport=websocket&sid=A--jwdWakXxRzlQDABjS HTTP/1.1
Host: twomancake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ans52oQYW9zNOVD3CSMmYg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 24 Apr 2024 05:09:46 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A2pxt7Vv3iN3dssK6YoeD8hDVdA=
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L3gJ5FIxj91JdHiioJgLAQoeKeiU1YmzVqDPAbBLR4tn4Bd0W5xjs%2BR628nR%2FEjVjnxoq7nRpVy6jumOJiYx38I9fBlGN9ynEvrm0xI%2FsuWYBy%2FChGx3IsK5R819dUMX0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87939543ac555695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aadcdn.msauthimages.net/dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/bannerlogo?ts=637874577486802283 | 0.0.0.0 | | 0 B |
URL GET aadcdn.msauthimages.net/dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/bannerlogo?ts=637874577486802283 IP0.0.0.0:0
Requested byhttps://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/XSD34qjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682uuprWTDWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682DWQLedDqjE4Myn%2526m%253Dilk.p0ypaGTJbLL%2526b%253DO4ECJ6p0xWACZ682.html#gmanley@nutrabolt.com CertificateIssuerMicrosoft Corporation Subjectaadcdn.msauthimages.net Fingerprint3B:14:C7:84:64:65:A8:46:3C:B4:7E:B7:F2:A1:AF:6B:8F:EF:17:E5 ValidityThu, 11 Jan 2024 12:14:02 GMT - Sun, 05 Jan 2025 12:14:02 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dbd5a2dd-fwhuzdmetw-5xhnbqn60mhtyq0vqdx7g4p85qsxkyaa/logintenantbranding/0/bannerlogo?ts=637874577486802283 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-9cba10d444bf44eea4f1504b0b173c03.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|