r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8975
Expires: Sun, 04 Dec 2022 01:33:26 GMT
Date: Sat, 03 Dec 2022 23:03:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3115
Cache-Control: max-age=130756
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:03:51 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:23:07 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 22:18:18 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2733
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14581
Expires: Sun, 04 Dec 2022 03:06:52 GMT
Date: Sat, 03 Dec 2022 23:03:51 GMT
Connection: keep-alive
birtatsut.com/xvu/corrosion-experiment-weight-loss-method-pdf
66.96.161.132200 OK 15 kB URL HTTP/1.1 birtatsut.com/xvu/corrosion-experiment-weight-loss-method-pdf
IP 66.96.161.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (25856)
Hash 451ce19474015f8062d7d512f3fc1fea
3acd950a1ac335dd6785197a96e0c689fece3203
f28bec1b68d9b80ba4c02233939af69e116a332f30f90f4b278b23be940715fe
GET /xvu/corrosion-experiment-weight-loss-method-pdf HTTP/1.1
Host: birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 15104
Connection: keep-alive
Server: Apache/2
X-Powered-By: PHP/7.4.10
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Generated: t=1670108631290146
X-Endurance-Cache-Level: 2
Age: 0
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: C2XNSHj0pJTSFzOg8EmRHC7pbTEND5LNPwaQdfnROXRz6Ogv8KRk171ZW/lp0pu91Kfh5DYecEY=
x-amz-request-id: CKSWQTC4Y4BVWFZQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 22:47:18 GMT
age: 993
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:03:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:03:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext
142.250.74.106200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext
IP 142.250.74.106:0
Hash be4c0493c6026539d521e8870cecade1
6da5c22d1fde60b3236412327ea906a333bfd0cc
9ce33649fbfea6cccf7ebffb27a97c596e9b7da49fd42c9d027875e4c49db7c8
GET /css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 23:03:51 GMT
date: Sat, 03 Dec 2022 23:03:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22d149ac0bf8a3fc3db08d4f340968f6
f20aa28aad50f15b4ada303bb91da37038432d20
14cef64d187e633f12c2a60dad1904e93d05c42e999ee9e4de64addcef8ca94b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14CEF64D187E633F12C2A60DAD1904E93D05C42E999EE9E4DE64ADDCEF8CA94B"
Last-Modified: Sat, 03 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21562
Expires: Sun, 04 Dec 2022 05:03:14 GMT
Date: Sat, 03 Dec 2022 23:03:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash abda293c675b70a2f21eaedfb76d1436
8c6ff652afb6371e0cb9ed63387b91ac791b4d27
ff6ba1f3243db565be9a5245577d9d5e3aee1c23bffb731245f6674e132f3f62
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6BA1F3243DB565BE9A5245577D9D5E3AEE1C23BFFB731245F6674E132F3F62"
Last-Modified: Fri, 02 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Sun, 04 Dec 2022 05:02:54 GMT
Date: Sat, 03 Dec 2022 23:03:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22d149ac0bf8a3fc3db08d4f340968f6
f20aa28aad50f15b4ada303bb91da37038432d20
14cef64d187e633f12c2a60dad1904e93d05c42e999ee9e4de64addcef8ca94b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14CEF64D187E633F12C2A60DAD1904E93D05C42E999EE9E4DE64ADDCEF8CA94B"
Last-Modified: Sat, 03 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 04 Dec 2022 05:03:52 GMT
Date: Sat, 03 Dec 2022 23:03:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22d149ac0bf8a3fc3db08d4f340968f6
f20aa28aad50f15b4ada303bb91da37038432d20
14cef64d187e633f12c2a60dad1904e93d05c42e999ee9e4de64addcef8ca94b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14CEF64D187E633F12C2A60DAD1904E93D05C42E999EE9E4DE64ADDCEF8CA94B"
Last-Modified: Sat, 03 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21520
Expires: Sun, 04 Dec 2022 05:02:32 GMT
Date: Sat, 03 Dec 2022 23:03:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22d149ac0bf8a3fc3db08d4f340968f6
f20aa28aad50f15b4ada303bb91da37038432d20
14cef64d187e633f12c2a60dad1904e93d05c42e999ee9e4de64addcef8ca94b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14CEF64D187E633F12C2A60DAD1904E93D05C42E999EE9E4DE64ADDCEF8CA94B"
Last-Modified: Sat, 03 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Sun, 04 Dec 2022 05:03:35 GMT
Date: Sat, 03 Dec 2022 23:03:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 22:08:58 GMT
cache-control: public,max-age=3600
age: 3294
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.birtatsut.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
66.96.161.132200 OK 4.6 kB URL HTTP/1.1 www.birtatsut.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 66.96.161.132:0
File type ASCII text, with very long lines (9959)
Hash 778312051cdf3c25c9d5e8d12945b8d8
74e988f60bb50d8bfdc547c4397a684947da76af
5cf6f6e5000a92a94cb832c73ef8f511b103ccce79d56029cd5be5f27fc34416
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: application/x-javascript
Content-Length: 4621
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 26 Oct 2022 00:15:32 GMT
ETag: "3134-5ebe4ec43877b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=10800
Expires: Sun, 04 Dec 2022 02:03:52 GMT
X-Generated: t=1670108632103242
X-Endurance-Cache-Level: 2
Age: 0
www.birtatsut.com/wp-content/themes/twentyfifteen/js/skip-link-focus-fix.js?ver=20141010
66.96.161.132200 OK 445 B URL HTTP/1.1 www.birtatsut.com/wp-content/themes/twentyfifteen/js/skip-link-focus-fix.js?ver=20141010
IP 66.96.161.132:0
Hash e0ba9e2214f9bd5260223ed05a3f7b3e
64fcba18103bb87a27ed50447f675fbc19ebdf08
e364f0ec3f498066567784e4936e5e01a241199b87aaf0ddfef9bbae87ef8cb0
GET /wp-content/themes/twentyfifteen/js/skip-link-focus-fix.js?ver=20141010 HTTP/1.1
Host: www.birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: application/x-javascript
Content-Length: 445
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 15 Oct 2014 05:49:20 GMT
ETag: "2d7-5056fb1707800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=10800
Expires: Sun, 04 Dec 2022 02:03:52 GMT
X-Generated: t=1670108632109614
X-Endurance-Cache-Level: 2
Age: 0
www.birtatsut.com/wp-content/themes/twentyfifteen/style.css?ver=4.9.3
66.96.161.132200 OK 14 kB URL HTTP/1.1 www.birtatsut.com/wp-content/themes/twentyfifteen/style.css?ver=4.9.3
IP 66.96.161.132:0
File type ASCII text, with very long lines (403)
Hash 9eab0b0c450ff10ee1aa5e6fd777fd3d
3a85639848e740370223edf29dad277729859ce7
44ae31d32b135b32cde54049099b00202e043c39c18c12b3039bfe2d03f41b0f
GET /wp-content/themes/twentyfifteen/style.css?ver=4.9.3 HTTP/1.1
Host: www.birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: text/css
Content-Length: 14097
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 01 Nov 2017 22:43:48 GMT
ETag: "17e24-55cf39ad4d100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=21600
Expires: Sun, 04 Dec 2022 05:03:52 GMT
X-Generated: t=1670108632106180
X-Endurance-Cache-Level: 2
Age: 0
www.birtatsut.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.3
66.96.161.132200 OK 4.2 kB URL HTTP/1.1 www.birtatsut.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.3
IP 66.96.161.132:0
File type ASCII text, with very long lines (8813)
Hash 4239951e4c33743d03224b6ec12aeb21
e160d4fafdda0b50982eac8104a1111e7278881e
8af6aac97e8ee0b46954cb8c3ff1cf4176b4716d7f973f63d15a9e9b7c427c22
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.3 HTTP/1.1
Host: www.birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: application/x-javascript
Content-Length: 4211
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 05 Feb 2018 22:16:43 GMT
ETag: "2dc9-5647e6abe4544-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=10800
Expires: Sun, 04 Dec 2022 02:03:52 GMT
X-Generated: t=1670108632123532
X-Endurance-Cache-Level: 2
Age: 0
www.birtatsut.com/wp-includes/js/comment-reply.min.js?ver=4.9.3
66.96.161.132200 OK 589 B URL HTTP/1.1 www.birtatsut.com/wp-includes/js/comment-reply.min.js?ver=4.9.3
IP 66.96.161.132:0
File type ASCII text, with very long lines (1078), with no line terminators
Hash 758a8d85f5e231ed27925940ff07a66e
d2474fc7829e253cc08a43bec5a60f07bd925d12
f2233a526acca18657a60b6071f85fcdd69273253fb32632baed2bad08212436
GET /wp-includes/js/comment-reply.min.js?ver=4.9.3 HTTP/1.1
Host: www.birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: application/x-javascript
Content-Length: 589
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 18 Nov 2015 19:15:28 GMT
ETag: "436-524d577143400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=10800
Expires: Sun, 04 Dec 2022 02:03:52 GMT
X-Generated: t=1670108632213821
X-Endurance-Cache-Level: 2
Age: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3128
Cache-Control: max-age=125707
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:03:52 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:58:59 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.birtatsut.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
66.96.161.132200 OK 34 kB URL HTTP/1.1 www.birtatsut.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 66.96.161.132:0
File type ASCII text, with very long lines (32077)
Hash d417f4d673009b01654915bbf1f4f872
f432ea8e89e5f4ef50e506019899e539a068f415
24560d81ded58e8befabf32ff51f5b6ae6f21eead0a5f87c255e3b47b988d1cc
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: application/x-javascript
Content-Length: 33766
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 23 May 2016 09:00:30 GMT
ETag: "17ba0-5337eac1c8780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=10800
Expires: Sun, 04 Dec 2022 02:03:52 GMT
X-Generated: t=1670108632103679
X-Endurance-Cache-Level: 2
Age: 0
www.birtatsut.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
66.96.161.132200 OK 16 kB URL HTTP/1.1 www.birtatsut.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
IP 66.96.161.132:0
File type ASCII text, with very long lines (18732)
Hash dd0f53262702f111ddf86f20d1f605d1
a073021fe1aed82f104e7da84fa70bf8815a7d2b
7292e6d1bfe7ed6ee6bb7e9d5cd0483dae1d629955f6efae5c431e928422d1a4
GET /wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1 HTTP/1.1
Host: www.birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: text/css
Content-Length: 16441
Connection: keep-alive
Server: Apache/2
Last-Modified: Tue, 16 Jan 2018 18:37:03 GMT
ETag: "6e6a-562e90460ed02-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=21600
Expires: Sun, 04 Dec 2022 05:03:52 GMT
X-Generated: t=1670108632109339
X-Endurance-Cache-Level: 2
Age: 0
www.birtatsut.com/wp-includes/js/wp-embed.min.js?ver=4.9.3
66.96.161.132200 OK 751 B URL HTTP/1.1 www.birtatsut.com/wp-includes/js/wp-embed.min.js?ver=4.9.3
IP 66.96.161.132:0
File type ASCII text, with very long lines (1398), with no line terminators
Hash 7542039ce963ffd18ad4fb7be13bd2be
8385e433e8e65739fc27b6bd16b1a7ae71b11084
a70bca1336a4ac7592ce631cbb22c9ebb01d60461d221ac7a46f91a4ccfd1255
GET /wp-includes/js/wp-embed.min.js?ver=4.9.3 HTTP/1.1
Host: www.birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: application/x-javascript
Content-Length: 751
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 23 Nov 2016 13:38:34 GMT
ETag: "576-541f8015b2a80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=10800
Expires: Sun, 04 Dec 2022 02:03:52 GMT
X-Generated: t=1670108632235369
X-Endurance-Cache-Level: 2
Age: 0
www.birtatsut.com/wp-content/themes/twentyfifteen/js/functions.js?ver=20150330
66.96.161.132200 OK 1.9 kB URL HTTP/1.1 www.birtatsut.com/wp-content/themes/twentyfifteen/js/functions.js?ver=20150330
IP 66.96.161.132:0
Hash fa57059efb6fb51cb9f73b8edaacea5e
fce3fdf37ed32d7ecff2a6e51190b3d03db3e8ed
0831fea53dbd01fd918ffdfb55b55a0afd39ecd4afb76faae56eba01420914bc
GET /wp-content/themes/twentyfifteen/js/functions.js?ver=20150330 HTTP/1.1
Host: www.birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: application/x-javascript
Content-Length: 1858
Connection: keep-alive
Server: Apache/2
Last-Modified: Tue, 15 Mar 2016 21:33:28 GMT
ETag: "1720-52e1d25e13a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=10800
Expires: Sun, 04 Dec 2022 02:03:52 GMT
X-Generated: t=1670108632249946
X-Endurance-Cache-Level: 2
Age: 0
www.birtatsut.com/wp-content/plugins/akismet/_inc/form.js?ver=4.0.2
66.96.161.132200 OK 318 B URL HTTP/1.1 www.birtatsut.com/wp-content/plugins/akismet/_inc/form.js?ver=4.0.2
IP 66.96.161.132:0
Hash 9981fd8493ac6b5c99634815c9aef030
15e922eda1c62a37bce0aea182535530889a044e
66780daa2edc073e9067f4b12f75d41c58bea33d1455d788b72b0e1853cca132
GET /wp-content/plugins/akismet/_inc/form.js?ver=4.0.2 HTTP/1.1
Host: www.birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: application/x-javascript
Content-Length: 318
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 05 Jan 2018 07:32:03 GMT
ETag: "2bc-5620271db6bc5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=10800
Expires: Sun, 04 Dec 2022 02:03:52 GMT
X-Generated: t=1670108632253298
X-Endurance-Cache-Level: 2
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:03:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:03:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Hash 0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://birtatsut.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:35 GMT
expires: Wed, 29 Nov 2023 15:42:35 GMT
cache-control: public, max-age=31536000
age: 372077
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Hash ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://birtatsut.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:34 GMT
expires: Wed, 29 Nov 2023 15:42:34 GMT
cache-control: public, max-age=31536000
age: 372078
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.birtatsut.com/wp-content/uploads/2018/01/cropped-birtat-sut-logo.jpg
66.96.161.132200 OK 11 kB URL HTTP/1.1 www.birtatsut.com/wp-content/uploads/2018/01/cropped-birtat-sut-logo.jpg
IP 66.96.161.132:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 248x248, components 3\012- data
Hash f7fd2e98a80b14f7739f40129f5fc55b
34050ff3b36413cd7ca516d422d6c97b33acf0c1
c8a9ee79fd26f3fad01030b55bdf8a97aac4aaea1771165dfa5b1d0a2c040ee8
GET /wp-content/uploads/2018/01/cropped-birtat-sut-logo.jpg HTTP/1.1
Host: www.birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: image/jpeg
Content-Length: 11408
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 05 Jan 2018 10:05:08 GMT
ETag: "2c90-56204955d8b43"
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Sun, 04 Dec 2022 05:03:52 GMT
Vary: User-Agent
X-Generated: t=1670108632355923
X-Endurance-Cache-Level: 2
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:03:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LU6MYkS/c3rle3A95IhWqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nSFi+yExtU5Ve+47MJXWJBn4MtI=
birtatsut.com/favicon.ico
66.96.161.132200 OK 0 B URL HTTP/1.1 birtatsut.com/favicon.ico
IP 66.96.161.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: birtatsut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://birtatsut.com/xvu/corrosion-experiment-weight-loss-method-pdf
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:03:52 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: Apache/2
Cache-Control: max-age=86400
Age: 21158
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10074
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 23:03:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10074
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 23:03:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10074
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 23:03:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1a6f4805f59db44f9d3520d88701a58
6a0258e8c97ce09f1723382c8a16d9682b7dc50c
ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7503
x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZjCGkVIAMFpsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:16:04 GMT
age: 56869
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bdd9e42d71307b201929c3a38c745c6
8d3a7f830e57e936a1da8a001f3e78108b20c038
6e1063a755d64c8102867cd9b347eb83fca2c69af558f111abc46f523a8294da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4377
x-amzn-requestid: 33abcd00-02ec-47ba-9302-312453291913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb29cG53IAMFkGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d1ef-317a802f0f84d73949236b9f;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:58:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I6rq82k7xO6aUJRsx-cb9j-_qk4p9L1WmMIoYyxAxXq6LQ1FlF_kdA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:56:23 GMT
age: 54450
etag: "8d3a7f830e57e936a1da8a001f3e78108b20c038"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:26:43 GMT
age: 56230
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f76ad58139e6d5bf4402d442ed662f3c
0100b4fdd66d254d48395da715dfd6d760ae6cf6
1c1199744e75a69f9eedfec6ecdcc11e67b735f66fc50c8a0c2d60c40920532c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7454
x-amzn-requestid: b8250832-ecd8-499b-b292-5110afe2cd84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltkWEMroAMFatw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2e8-6d91fc504703cdd5128e5746;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: goB4ZvabzzX-P9dBf2Zl0g85FkbvKgHEb0S_K78yJwvnTSEX0mx2Qw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 23:00:32 GMT
age: 201
etag: "0100b4fdd66d254d48395da715dfd6d760ae6cf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69411fa7c0f94e7179c2cf84b716e427
188edc080e8a683c3fdc2968ee1e6aae114d75d2
713514c9afaa1953e3387aa1d1b6203fe6387e007f9fb5347558b77dd72425e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: 1c11b153-5494-4656-ad96-33bc541f93f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgaEAGmooAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a3b3-1984a9194065807d36f29532;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:05:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xNjdYH9Rb0Sunnv8GTfNikc6WvQogmZP0qUM8BmhGe4h8ETPaZDH9w==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:16:04 GMT
age: 56869
etag: "188edc080e8a683c3fdc2968ee1e6aae114d75d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b0065d160e7dbd17cf58f2c837b45a7
0ebefb37db37dcbf1ad421ab0cac2cccdcd83a2f
833c0a39ed1d9dcfa4a22f201d06d085e5131121810e98d5e79dd6f84e8fe436
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4782
x-amzn-requestid: 98b5d5ca-7590-4756-9b92-3fb327ecc97b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsANG8koAMF_Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-546b61a82a8b952f664346b9;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ncXSPf1et6vSgEBmWwY_PperGXmgJGEx0hlLr0lhN6XHi0RLRr6WCA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:05 GMT
age: 4608
etag: "0ebefb37db37dcbf1ad421ab0cac2cccdcd83a2f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
new.weatherplllatform.com/pick.js?v=2.11.2
91.211.91.114200 OK 1.4 kB URL HTTP/2 new.weatherplllatform.com/pick.js?v=2.11.2
IP 91.211.91.114:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2337), with CRLF line terminators
Hash ccb218004705cc29a752489e7b154778
9b2e6ffd765b8eaa72b4fcbe7110d53f1a3ded9c
fea5e79f9acac2666bf947bc1c40992dccb3939f413661dd91129988516e85df
Analyzer Verdict Alert fortinet Malware
GET /pick.js?v=2.11.2 HTTP/1.1
Host: new.weatherplllatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://birtatsut.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:03:52 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 27 Oct 2022 17:28:29 GMT
vary: Accept-Encoding
etag: W/"635abfbd-921"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c6023b145490ceb400e224f346425fbe
05368f219ad97d65de8ca6ded2d47b7c94eb684f
47feaf856cdf0f35f82edb63e36145f93fceacb736506e15c9d4654a8bbf5c58
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47FEAF856CDF0F35F82EDB63E36145F93FCEACB736506E15C9D4654A8BBF5C58"
Last-Modified: Thu, 01 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11671
Expires: Sun, 04 Dec 2022 02:18:25 GMT
Date: Sat, 03 Dec 2022 23:03:54 GMT
Connection: keep-alive
greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18
185.177.94.152200 OK 18 kB URL HTTP/2 greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7734)
Hash a2736339a4833cc562fa684056b8e343
7afba8cfeb224a04cbfe70fdebdbf8444b176d55
c834a54660ff72e12b6dbffd70309659d8ea5b74c9525c3261d0edf4e62e4c3a
Analyzer Verdict Alert fortinet Phishing
GET /go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18 HTTP/1.1
Host: greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.cdnbestplatform.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:03:54 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=928d8e54-f841-4b2b-b60b-8e9e780ae4c3; expires=Mon, 02-Jan-2023 23:03:54 GMT; Max-Age=2592000; path=/; domain=greenskymotions.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
greenskymotions.net/favicon.ico
185.177.94.152204 No Content 0 B URL HTTP/2 greenskymotions.net/favicon.ico
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18
Cookie: uuid=928d8e54-f841-4b2b-b60b-8e9e780ae4c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 03 Dec 2022 23:03:55 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ec6250b75b2cd4542131fb86b4fd0ff7
c8090ccaab39c0cd7c5fdce4d8ce37d3294fef15
e6fef94bb48da714d8b7b376f9914bb1989379058b09baa175b1194f6311ac47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6FEF94BB48DA714D8B7B376F9914BB1989379058B09BAA175B1194F6311AC47"
Last-Modified: Fri, 02 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3406
Expires: Sun, 04 Dec 2022 00:00:41 GMT
Date: Sat, 03 Dec 2022 23:03:55 GMT
Connection: keep-alive
broworker4s.com/sw/bro.js
212.129.18.219200 OK 55 kB URL HTTP/2 broworker4s.com/sw/bro.js
IP 212.129.18.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (29334)
Hash fc153d776f101ca17c8a3843d67a10df
a0783a29844240b4c7fde8c4e53995db19c31ead
a79aa86bd60547987db4e7ba5f488162b391bebce21df40cacc12493d5c9949a
GET /sw/bro.js HTTP/1.1
Host: broworker4s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenskymotions.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:03:55 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sun, 03 Dec 2023 23:03:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
0.greenskymotions.net/favicon.ico
185.177.94.152204 No Content 0 B URL HTTP/2 0.greenskymotions.net/favicon.ico
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 0.greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed18
Cookie: uuid=928d8e54-f841-4b2b-b60b-8e9e780ae4c3; uuid=928d8e54-f841-4b2b-b60b-8e9e780ae4c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 03 Dec 2022 23:03:56 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9c55875d8dd29368d02fc1247585a53a
e7150a6b965ede7d949e27897f237377408b4b2f
fddaf1af56a15aff74402d16dc3a9146a9bb7ac93f07a4cb7127a7f205a302d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FDDAF1AF56A15AFF74402D16DC3A9146A9BB7AC93F07A4CB7127A7F205A302D4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2487
Expires: Sat, 03 Dec 2022 23:45:24 GMT
Date: Sat, 03 Dec 2022 23:03:57 GMT
Connection: keep-alive
di4.biz/favicon.ico
185.177.92.179204 No Content 0 B IP 185.177.92.179:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: di4.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://di4.biz/?auf=haytemzrmi5dcnrqgixtcmjrhe3c6nbpmy2tezlemi2dklzrgixtcnrxgaytaobwgm3a&p=b&sub1=&sub2=dfastspeed18&sub3=&sub4=&cpc=0&cpm=0
Cookie: uuid=c86dc69e-41a0-463f-8a49-812f5638519f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 03 Dec 2022 23:03:57 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
broworker4s.com/sw/bro.js
212.129.18.219200 OK 0 B URL HTTP/2 broworker4s.com/sw/bro.js
IP 212.129.18.219:0
GET /sw/bro.js HTTP/1.1
Host: broworker4s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.greenskymotions.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:03:57 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sun, 03 Dec 2023 23:03:57 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2