Report - mwebnice.com/7191/846/2/?subid=bnicdwefgtrfergth

Report Overview

Submitted URL
mwebnice.com/7191/846/2/?subid=bnicdwefgtrfergth
IP
172.67.146.245
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-29 03:26:37
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	143.204.42.158
cbtb.clickbank.net	103233	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	1.5 kB	34.218.83.87
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	21 kB	142.250.74.174
prod.cbstatic.net	108120	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	9.9 kB	143.204.55.88
go.maxweb.com	389866	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	491 B	566 B	172.66.40.143
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.3 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	44 kB	34.120.237.76
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	607 B	709 B	142.250.150.155
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
mwebnice.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	722 B	104.21.10.231
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.215.94.42
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	998 B	58 kB	216.58.207.195
agrowtrk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	528 B	1.6 kB	172.67.216.211
ancestralgrow.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	533 B	1.9 kB	104.21.55.179
hop.clickbank.net	71951	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	850 B	34.218.122.96
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	13 kB	142.250.74.35
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	44 kB	142.250.74.168
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	25 kB	142.250.74.10
storage.googleapis.com	420	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.7 kB	5.0 MB	142.250.74.176
seal-boise.bbb.org	116015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	4.8 kB	82.102.27.18

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	mwebnice.com/7191/846/2/?subid=bnicdwefgtrfergth	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	ancestralgrow.com/report?hop=mweb1&subid=846	1.4 kB	2023-03-11	2023-03-17
Pretty URL ancestralgrow.com/report?hop=mweb1&subid=846 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:28:47 Last Seen2023-03-17 12:36:32 Times Seen1 Hash 478815f55f21ebf68b2aa778e931c567 246b9073954eb5e8cd2440eaf22da176c0a13a7b da5e81ee0abc76368eadd47decc13efd2055deef61cf3eea12736674709855d8 Loading...

	www.googletagmanager.com/gtag/js?id=UA-62785402-76&l=dataLayer&cx=c	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-62785402-76&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:12:08 Last Seen2023-03-11 22:12:08 Times Seen1 Hash 61002e59dc08d45a5338518616b31ffa b14d69c7bb0ee22aac640b708531817a70db3f8a 7352cb13fed2928ed48f1fafafa1fcffc1ed5a4cba1d7506e7e3be2f6b3b254c Loading...

	ancestralgrow.com/t?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846	54 B	2023-03-07	2023-03-26
Pretty URL ancestralgrow.com/t?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846 IP 104.21.55.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:10 Last Seen2023-03-26 00:30:48 Times Seen2 Hash a364e894afda428215f17e6f9d5552fd 8ac2adbc1ff3cf67c3351b74301c1ce21b42810c 328f2e635f1270d2a1f9de0ec033be5f9de4e0960828bd636c9b864cbf90ff58 Loading...

	ancestralgrow.com/report?hop=mweb1&subid=846	264 B	2023-03-11	2023-03-17
Pretty URL ancestralgrow.com/report?hop=mweb1&subid=846 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:28:47 Last Seen2023-03-17 12:36:32 Times Seen1 Hash 0121d9bd82a7d13b0f80cd093867366b 5c58a4b9557787192232d0e5b87862d3f7551a0e aa5041243e8745b3029065da3a6421e3320394301bca54751189f0a2a42d39b4 Loading...

	ancestralgrow.com/report?hop=mweb1&subid=846	186 B	2023-03-11	2023-03-11
Pretty URL ancestralgrow.com/report?hop=mweb1&subid=846 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:12:08 Last Seen2023-03-11 22:12:08 Times Seen1 Hash cd0bda8783e8ebc64574a798d4f83569 45dd0b64cdf7108938f11a702a2ff254a121c4c6 0118703dd9d321348e134a730c3aae12cbfc6e8d8007e46d7d665b246eefff2f Loading...

	www.googletagmanager.com/gtag/js?id=UA-62785402-83	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-62785402-83 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:12:08 Last Seen2023-03-11 22:12:08 Times Seen1 Hash a8d5b60c0da122c40f099c9d0fcc2332 9f40f23ecba179a52ad8f19645d803faf1b5cf1b 06f673ac7722b1eb052654cc531e96db4718942beb455e2d9a927761cfe8c70f Loading...

	cbtb.clickbank.net/?vendor=bmpagrow	934 B	2023-03-07	2024-04-27
Pretty URL cbtb.clickbank.net/?vendor=bmpagrow IP 34.218.83.87 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:35 Last Seen2024-04-27 01:40:11 Times Seen607 Hash 749c0fb0f006f7d4ddcd76fba550e264 940476750ad5d0f7858cce3470a3534be850f98a bc4f846a058e02aa5fd315d0c535a227636ca4a74ed38a5a84d4d5e675ffec72 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-27 02:03:36 Times Seen1536 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 03:07:25 Times Seen37109699 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ancestralgrow.com/report?hop=mweb1&subid=846	8.9 kB	2023-03-11	2023-03-17
Pretty URL ancestralgrow.com/report?hop=mweb1&subid=846 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:28:47 Last Seen2023-03-17 12:36:32 Times Seen1 Hash 879cc1ec4cbae48e27d35e2d4e69d5f1 7f772613dc24dee1c24482736a069191b3bfd6af 109d90a3105ffa3fa1a933b5b4a6eabc59051839f75fbee0cdbdb16da568186b Loading...

	ancestralgrow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-27
Pretty URL ancestralgrow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 03:07:22 Times Seen55099 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	ancestralgrow.com/report?hop=mweb1&subid=846	38 B	2023-03-07	2023-08-15
Pretty URL ancestralgrow.com/report?hop=mweb1&subid=846 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:10 Last Seen2023-08-15 15:40:00 Times Seen12 Hash f833638750618bd0f678165ad20ebe1f 135704ebc103ebddb1bb106af29751e91d1bdd69 325b25d423e6b3dc963fb90b5c8f75ef0f3ae0aeb263c368efcb499bee9700cf Loading...

	ancestralgrow.com/report?hop=mweb1&subid=846	123 B	2023-03-07	2024-04-26
Pretty URL ancestralgrow.com/report?hop=mweb1&subid=846 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:49 Last Seen2024-04-26 00:06:24 Times Seen155 Hash 94a21db198d4787fbde3937e35f7e723 3f4d33998b91829d0ca10e3dfa2aa6d3ed3f6d81 b695d702c7ba78e1bf7c137315cd1e5e27137ef76c6e668c490a70357c72ae95 Loading...

	ancestralgrow.com/js/app.js?id=fa9f28eee3a198ba53aa	593 kB	2023-03-09	2024-01-09
Pretty URL ancestralgrow.com/js/app.js?id=fa9f28eee3a198ba53aa IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 18:00:53 Last Seen2024-01-09 19:59:27 Times Seen30 Hash fa9f28eee3a198ba53aaf6b33b25c61c 585ae23b9cbc51c767480875e620cdd134c1b7a2 1a067559b32433af9452dc679bb13c11eae1f730a4df18b339da0604d5577c21 Loading...

	ancestralgrow.com/report?hop=mweb1&subid=846	76 B	2023-03-07	2024-04-26
Pretty URL ancestralgrow.com/report?hop=mweb1&subid=846 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-04-26 00:06:23 Times Seen322 Hash da2574023fc8d9de9b9df869f0b537c9 9fb79799b5bad947928d93231e84af8701175d3e cca49e226807edb5c972b7d6044f6e646a9a65f9770823cb15b6ba83f0724d9d Loading...

HTTP Transactions (85)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4176
Expires: Tue, 29 Nov 2022 04:36:01 GMT
Date: Tue, 29 Nov 2022 03:26:25 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4216
Cache-Control: max-age=116112
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:25 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:41:37 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2837
Expires: Tue, 29 Nov 2022 04:13:42 GMT
Date: Tue, 29 Nov 2022 03:26:25 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 03:17:51 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 514
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: jULEHlgXDZGqZqpnDnZ4obEWD2L/DGJht5HGrWF2MAcgwYGVCAssdfPJTpPxl1WsAr4n/taw00c=
x-amz-request-id: EHBV42W59YDPNY7N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 02:45:16 GMT
age: 2469
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

mwebnice.com/7191/846/2/?subid=bnicdwefgtrfergth

104.21.10.231

302 Found

0 B

URL HTTP/1.1
mwebnice.com/7191/846/2/?subid=bnicdwefgtrfergth
IP
104.21.10.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /7191/846/2/?subid=bnicdwefgtrfergth HTTP/1.1
Host: mwebnice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Tue, 29 Nov 2022 03:26:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=3600, private
pragma: no-cache
location: https://agrowtrk.com/t?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846
expires: Tue, 29 Nov 2022 04:26:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77183de23d0cb506-OSL
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:26:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ace13bc61132bd647c7b9a0623f8194e
80c29c8554aa563cfd4123825bce44e37470fd1f
bdd56d4f4ed7c0baecad63cc5835420091c4db26b02f731d81e4fdb8db2cbedc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:26 GMT
Server: ECS (amb/6B9D)
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ace13bc61132bd647c7b9a0623f8194e
80c29c8554aa563cfd4123825bce44e37470fd1f
bdd56d4f4ed7c0baecad63cc5835420091c4db26b02f731d81e4fdb8db2cbedc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:26 GMT
Last-Modified: Tue, 29 Nov 2022 03:26:26 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
2ff96cc5d6da92bcca01dd5ce6a1e7cb
4bf4d582a3c0015808d40b7c40d6e07011e60192
e5dd8b5e11e38c5f6237bf1adb432b95bdd9d9fd84c870b48d080f8dc150853e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=126251
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:26 GMT
Etag: "6384c60d-118"
Expires: Wed, 30 Nov 2022 14:30:37 GMT
Last-Modified: Mon, 28 Nov 2022 14:30:37 GMT
Server: nginx
Content-Length: 280

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 03:11:13 GMT
cache-control: public,max-age=3600
age: 913
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
2ff96cc5d6da92bcca01dd5ce6a1e7cb
4bf4d582a3c0015808d40b7c40d6e07011e60192
e5dd8b5e11e38c5f6237bf1adb432b95bdd9d9fd84c870b48d080f8dc150853e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=126251
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:26 GMT
Etag: "6384c60d-118"
Expires: Wed, 30 Nov 2022 14:30:37 GMT
Last-Modified: Mon, 28 Nov 2022 14:30:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5574
Cache-Control: max-age=112403
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:26 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:39:49 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.215.94.42

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.94.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 46v07iN9/5uA39E4sOn0jA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bkCp2EdlfpIvKNAk9g51sH/IKqk=

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9d8c74dd4c30722d72899e208fdd796e
3cb9927815a1417a31430e84a96b754a7354803a
30f244c6d6bf5e8ce68d797fe308c0da6cca259a2f4cfa8db531709628e1fd25

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154983
Date: Tue, 29 Nov 2022 03:26:27 GMT
Etag: "63852024-1d7"
Expires: Wed, 30 Nov 2022 22:29:30 GMT
Last-Modified: Mon, 28 Nov 2022 20:55:00 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iyNbPawvtdzAB2F7W7sGr5PKMCQfyeKvtMN3O38UV9KytSxiCyNdnQ==
Age: 5670

hop.clickbank.net/?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846

34.218.122.96

307 Temporary Redirect

0 B

URL HTTP/2
hop.clickbank.net/?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846
IP
34.218.122.96:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846 HTTP/1.1
Host: hop.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: p=Rqv09oeSAr_fwNh8n-CIpX3BXJXAhSs5liLsZX0Ux0q2LoCuLErSh7vv2ZKzm_sIPzslR3KeSDFqjeEDtMLHPWkq7GH5zavT6VO8oHWSoK16FYd_c4DAUvAd1_9IMeysRvleDzixE2F-ZZEmZY2xTIJ0WVgNufWbwwa9R6uXGHHdaOR_5928ZrtgZVcKH9P-JB1C4dF2r-tjYben1DpvD3k5_P-Hx231TIHYK398HW1WxRGEeGCrsmQedsrdI3XAikV4uPyQYuEzsh9_EEMbchM_Lqq5Pw-PQZI30D7MIpko8NXHA2OAQBut8l_nRE_zw1p64LlqAAkXmlgbaTxhxtIs9Q0_ZTyDN1lMKh2RKp_MmUvZYs5eKe9420tHelY06njVkSJDzE_jAcKtt6MAlnB_FrzGbvgN83uiLvIOUULTTzHh8HW3hBDwLLwSQC-Po3Zivg%3D%3D; q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
date: Tue, 29 Nov 2022 03:26:27 GMT
content-length: 0
location: https://ancestralgrow.com/report?hop=mweb1&subid=846
set-cookie: q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643; Path=/; Domain=.clickbank.net; Max-Age=31536000; Expires=Wed, 29 Nov 2023 03:26:27 GMT
p=cYLBdjmHCjK3a-QeWeAZyYR6mRO9yuerzC2xVfImaVXTtNe8JdPb86C7rV1DKqL15um5L0d6ZOjEX-ZUGMS1EHwmcisqGffdLPyWmg0dlPitXyehdgSFWwsMOD2GUVqD4M_gKpQjRxIyg-XiVtHK_IY_v1jYwKcIZdjjycwkKTCj3_2NG0jXNjtLCldPrPzN7O9m7m5XdGHnH6YEcl9OacM4cApKL2QrwcyW6BYkeApb6O6d; Path=/; Domain=.clickbank.net; Max-Age=15552000; Expires=Sun, 28 May 2023 03:26:27 GMT
server-timing: traceparent;desc="00-e4d2b347a69d8698a47da5ae731ec87d-2f4de86238d21d95-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-62785402-83

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-62785402-83
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43681 bytes)
Hash
a545420272a8f91f6e6a3d92d6336fb7
9f00c26fd4263da93c7ecdc38c141c35ec8d3db8
4cb7ddfc046ffc8c30e8545272910abe86b1ef2ad63b0d1b7bbd67350257298e

HTTP Headers

GET /gtag/js?id=UA-62785402-83 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 03:26:27 GMT
expires: Tue, 29 Nov 2022 03:26:27 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto:wght@400

142.250.74.10

200 OK

983 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
983 B (983 bytes)
Hash
ee3f4bff88c8e823e59c6ea95561e3b8
414616d97a57d56dbe105d517a7abb461b0dac2e
b76d9ac3edef1c18f91c74be5f3e2d07467971b851e90cbbe05c7a5493612d2d

HTTP Headers

GET /css2?family=Roboto:wght@400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 03:26:27 GMT
date: Tue, 29 Nov 2022 03:26:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ancestralgrow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 384369
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

216.58.207.195

200 OK

25 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25036, version 1.0\012- data
Size
25 kB (25036 bytes)
Hash
9dd150fb7229e143e0f71ba1fe8c8f63
664abfc4941054600213dda51a3d6f0d05b3c312
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ancestralgrow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 23:09:43 GMT
expires: Sat, 25 Nov 2023 23:09:43 GMT
cache-control: public, max-age=31536000
age: 274605
last-modified: Mon, 11 Jul 2022 18:59:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2758
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 03:26:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2758
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 03:26:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2758
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 03:26:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2758
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 03:26:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6716 bytes)
Hash
73001f7390ae3a80bbbaa9d9bacbe488
f0410522b6dad8ebcbc2a64ff2193bafcfdc862e
49c02723bab596584abe2dd3dcb11c660538516587911ee033dd0e6e8ea5889f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6716
x-amzn-requestid: 51e9f59e-558e-4bb4-8db5-741e0272f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV3cHHwqIAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63856c4d-48ecac9a4da2995b41abec49;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 02:19:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1qxn5KqRfOJpUJWSblkCo1wwwAkdJrW1JJ8unESfiuDCs-EZlwRKeg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:25:43 GMT
age: 3645
etag: "f0410522b6dad8ebcbc2a64ff2193bafcfdc862e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 20374
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4871 bytes)
Hash
a4058fd62595d15c58b3d3266de9865a
d0dff35eb78f129b5da407043037bcf9c27e55c0
ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qh3WqWdBmMG3fzchn3OvxbEpwm2wl_CXi105CL4uJda47N9ZX3CyLA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:56:43 GMT
age: 66585
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7549 bytes)
Hash
415b1b1d5a29fc17b4114bb3df1d1c22
600859401c885cc2cdd1f199cccc198eb41d6a04
abfbf4ecf2423736a29686859f6a8f2b77204b48f3f60d208f6d491e80611e7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7549
x-amzn-requestid: bb37235a-8c7d-47fe-abb6-6cc633560165
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP-7lHmsoAMF9lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638311e3-1f2a4abc40119f3e026dc393;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:29:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ds96jURZ0epaXMg2oTUETRQCpHwlVJrl5hTqvpUAWEGVa5rbDve1FA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:42 GMT
age: 20386
etag: "600859401c885cc2cdd1f199cccc198eb41d6a04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 04:16:47 GMT
age: 83381
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8921 bytes)
Hash
823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ivu6pzZ6dbt3I4tuFMg4oHcuPVdyNS-F3k_lQdmKoXFkdCfSseAEwQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 20373
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ee8546602caebf6428f5ee0847dca78e
7c780bf9b6346c5375594fa78a1667e1c54f13fa
863495af20a78bb0045b263166826a9735f57ecc896b573f2fec9a88fae79e75

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118597
Date: Tue, 29 Nov 2022 03:26:28 GMT
Etag: "63849906-1d7"
Expires: Wed, 30 Nov 2022 12:23:05 GMT
Last-Modified: Mon, 28 Nov 2022 11:18:30 GMT
Server: ECS (dcb/7F13)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EU7TfwXdCRzZRudh_KRRldrisqsxGZM1bE3Hm0w4YeinRpblM_by-Q==
Age: 3875

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
fdc4a0fbf87cacc54702616d5dc98c07
c31c1ae57d797df9d78e7981b852fd7178c9f0a0
ff36f88332e5266f84f2b22c31d245740b018ef2016517bc4d59b41082b619b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=142453
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:28 GMT
Etag: "63850559-117"
Expires: Wed, 30 Nov 2022 19:00:41 GMT
Last-Modified: Mon, 28 Nov 2022 19:00:41 GMT
Server: nginx
Content-Length: 279

cbtb.clickbank.net/?vendor=bmpagrow

34.218.83.87

200 OK

934 B

URL HTTP/2
cbtb.clickbank.net/?vendor=bmpagrow
IP
34.218.83.87:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (934), with no line terminators
Size
934 B (934 bytes)
Hash
749c0fb0f006f7d4ddcd76fba550e264
940476750ad5d0f7858cce3470a3534be850f98a
bc4f846a058e02aa5fd315d0c535a227636ca4a74ed38a5a84d4d5e675ffec72

HTTP Headers

GET /?vendor=bmpagrow HTTP/1.1
Host: cbtb.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:26:28 GMT
content-type: text/javascript;charset=UTF-8
content-length: 934
set-cookie: AWSALB=fpkSUHNM2TWvofuo82AUfiZQuS4TY9xLO94jooXWPDNNyiJECKdUOimvsQ5ia8o9v1eK+sY+8I4Mcbenr0xN7mSxlZ82HQD2DeV4mFgboW7v0XG84GMBd2fszisw; Expires=Tue, 06 Dec 2022 03:26:28 GMT; Path=/
AWSALBCORS=fpkSUHNM2TWvofuo82AUfiZQuS4TY9xLO94jooXWPDNNyiJECKdUOimvsQ5ia8o9v1eK+sY+8I4Mcbenr0xN7mSxlZ82HQD2DeV4mFgboW7v0XG84GMBd2fszisw; Expires=Tue, 06 Dec 2022 03:26:28 GMT; Path=/; SameSite=None; Secure
server: Apache
cache-control: max-age=900
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1df77f524209fea8c09e67e74f419e03
d322b73ee73677e4d135ce81a1c44a10b0d587aa
73957a6e99d45b80ea5cad7185084aa04803bee0009991e8413e32033067a4a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 02:41:08 GMT
expires: Tue, 29 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 2720
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1df77f524209fea8c09e67e74f419e03
d322b73ee73677e4d135ce81a1c44a10b0d587aa
73957a6e99d45b80ea5cad7185084aa04803bee0009991e8413e32033067a4a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ac22060e3f2079a2832a8a4bd7dafa7f
c440478bda76d671c5ad17ec7f52fbc6d2d99846
853be9bec838e1a3b7c8283d890ba2d4350d3f7f75aecfc1febf9b99e813d1c4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ac22060e3f2079a2832a8a4bd7dafa7f
c440478bda76d671c5ad17ec7f52fbc6d2d99846
853be9bec838e1a3b7c8283d890ba2d4350d3f7f75aecfc1febf9b99e813d1c4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1df77f524209fea8c09e67e74f419e03
d322b73ee73677e4d135ce81a1c44a10b0d587aa
73957a6e99d45b80ea5cad7185084aa04803bee0009991e8413e32033067a4a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800

142.250.74.10

200 OK

21 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
21 kB (21301 bytes)
Hash
0e96a6e7dc73e2f9e8a22650d44c00c6
f547638a5e3e837b2e4fab4797b2fc190037cb19
7e62b9d4a7f8b817d458dd1031ebc39ecdb0b6fffbccddc6087b9a51c3a38cb6

HTTP Headers

GET /css2?family=Oswald:wght@400;500;600;700;800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 03:26:27 GMT
date: Tue, 29 Nov 2022 03:26:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-6.jpg

142.250.74.176

200 OK

86 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-6.jpg
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 1200x628, components 3\012- data
Size
86 kB (85596 bytes)
Hash
dafbb16e28507b9ad7be208673b9e97b
0d58f751ccf0af6490c7808d8687b9aefe69971b
08be9a0e9559666aaafb3241760a33da3acfc1d229a68a616f6fab3b116a7d62

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/transcript/46-image-6.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycduPjKf2PxSQwyaFNNReNV2XN8KI0_nn3tgofujKVU8Rni5kg7fDKFuvgLz32W9HDyjlV6XXDRNzmd0crdTxMFCQwQ
x-goog-generation: 1653637603473576
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 85596
x-goog-hash: crc32c=Flzvzg==, md5=2vuxbihQe5rXviCGc7npew==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 85596
server: UploadServer
date: Tue, 29 Nov 2022 03:26:28 GMT
expires: Tue, 29 Nov 2022 04:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:43 GMT
etag: "dafbb16e28507b9ad7be208673b9e97b"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-5.jpg

142.250.74.176

200 OK

43 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-5.jpg
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 154x154, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 748x1000, components 3\012- data
Size
43 kB (42818 bytes)
Hash
26be5a67d531f501537d29d7f7e87671
96c442fe397cb88728cf0df8ebf8e0b20230486d
649d0232ab61de996efd6ae3b73eaa0de1c3a6cb7998e56a82a198b8473808c8

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/transcript/46-image-5.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvjjU8JRLGyZN3huHmWI7DUqXwET9_ER-wWW3oInv-jwYSgpEl5uwmhxOMRkFhqMcyfYuE_6qUN4RtqxexuaKoeng
x-goog-generation: 1653637601893014
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 42818
x-goog-hash: crc32c=JKQRfw==, md5=Jr5aZ9Ux9QFTfSnX9+h2cQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 42818
server: UploadServer
date: Tue, 29 Nov 2022 03:26:28 GMT
expires: Tue, 29 Nov 2022 04:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:41 GMT
etag: "26be5a67d531f501537d29d7f7e87671"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/images/products/prod10/4-bottles.png

142.250.74.176

200 OK

162 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/images/products/prod10/4-bottles.png
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
162 kB (162386 bytes)
Hash
919545ba931e96add670aff8ad6eacad
ad3088bf2317a7a477639748e146157726c8d58c
a7d1e853a53ba02f2b3a7eb7eaf9f0f613ab2285cc389c17025f3154ec6677d7

HTTP Headers

GET /offerimages/ancestral-grow/images/products/prod10/4-bottles.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsEsHZQtLzshjWergbJnM3wUXid_SAGRHo4epzO1DlcE7ttS6mSXj4fi3ds0w5k6e99-zLQq6MVogTRDxkxDe6vEQ
x-goog-generation: 1653637610719535
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161731
x-goog-hash: crc32c=CZ2tKQ==, md5=6pxm+fgWHsbDPfsGWgpiLg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 161731
server: UploadServer
date: Tue, 29 Nov 2022 03:26:28 GMT
expires: Tue, 29 Nov 2022 04:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:50 GMT
etag: "ea9c66f9f8161ec6c33dfb065a0a622e"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/images/custom/shortcut-icon.png

142.250.74.176

403 Forbidden

298 B

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/images/custom/shortcut-icon.png
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XML document, ASCII text, with no line terminators
Size
298 B (298 bytes)
Hash
3861a3795095fe81fcb8382d2b9066bd
2cef2af9a35d636c3af48902c20891ec49a8e791
b19463cb9b847bdfc7dbf8133d9702d0a0ecc4175335c4a75db211e0196f84b3

HTTP Headers

GET /offerimages/ancestral-grow/images/custom/shortcut-icon.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
x-guploader-uploadid: ADPycduwDrZo0dTWiPy9tIbKpYpS_8UAsACBApkQRmQtOTEpnaxs5Ew-9BPFVt8xumP7MN13Wdr88QTioOVWfBTldQ27gw
content-type: application/xml; charset=UTF-8
content-length: 298
date: Tue, 29 Nov 2022 03:26:28 GMT
expires: Tue, 29 Nov 2022 03:26:28 GMT
cache-control: private, max-age=0
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/250-testimonial-image.jpg

142.250.74.176

200 OK

64 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/250-testimonial-image.jpg
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
Targa image data - Mono 70 x 257 x 1 +18960 +18758 "\220"\012- data
Size
64 kB (64010 bytes)
Hash
8ef1b66e5fdd111aa16f6d91b0c25100
1584fec54770a523d877496e22492f7ab7583aaa
a8f8eed2bb3f0e704cd2a9b364cc53021802796e5d6f2703410043e258dc65f1

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/testimonials/250-testimonial-image.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvH3u29-6_4uCaO_2anfxMPfeVebJtfuAdgkJCjl0JN8PN0VUGQFVC08htSaS0u7qXcUzw-Yhd1i_rPnq64fcKRMw
x-goog-generation: 1653637592614828
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 64007
x-goog-hash: crc32c=/98XmQ==, md5=zWfW+zjabtIal/F76qa0VA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 64007
server: UploadServer
date: Tue, 29 Nov 2022 03:26:28 GMT
expires: Tue, 29 Nov 2022 04:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:32 GMT
etag: "cd67d6fb38da6ed21a97f17beaa6b454"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-3.jpg

142.250.74.176

200 OK

138 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-3.jpg
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 1280x960, components 3\012- data
Size
138 kB (137563 bytes)
Hash
88aa2030b5b5eace6a0c50f7870a3ade
93632328f5b163a605443d035675faf51c3f3c03
6f1d19ed14eb7d08d9c0444798d363e94259c38fa9aedca87fadff753d9cbfd7

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/transcript/46-image-3.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtVtq2eOaWZfQwF1TnIlTPDJrTS7mZ-TqyekSMJHotA0D7we5tAKKp0NuIMMkoanYHBNfQCAFCv6BQObskj_d95aQ
x-goog-generation: 1653637598693578
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 137563
x-goog-hash: crc32c=BOAi4g==, md5=iKogMLW16s5qDFD3hwo63g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 137563
server: UploadServer
date: Tue, 29 Nov 2022 03:26:28 GMT
expires: Tue, 29 Nov 2022 04:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:38 GMT
etag: "88aa2030b5b5eace6a0c50f7870a3ade"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1df77f524209fea8c09e67e74f419e03
d322b73ee73677e4d135ce81a1c44a10b0d587aa
73957a6e99d45b80ea5cad7185084aa04803bee0009991e8413e32033067a4a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-1.jpg

142.250.74.176

200 OK

34 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-1.jpg
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 602x756, components 3\012- data
Size
34 kB (34052 bytes)
Hash
70f3a85aa2266a59dd4b2e2cd9b7b83f
0b9b0a24326eb9b67fb6dff639182aa53161c9f7
dc39094c6a2f4a2b334038396c229ee06c4355503baafc7cfe1ebf0835f47a94

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/transcript/46-image-1.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdu8coR4TLMgebiIPZ2m7dWad-R8_yljB-5CaB1nBfYkdORx3t0MDo0Rnbp6F-kzG3S64CnR5EXCYp9PqYJ8p2f4xQ
x-goog-generation: 1653637595100028
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 34052
x-goog-hash: crc32c=CIcpyA==, md5=cPOoWqImalndSy4s2be4Pw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 34052
server: UploadServer
date: Tue, 29 Nov 2022 03:26:28 GMT
expires: Tue, 29 Nov 2022 04:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:35 GMT
etag: "70f3a85aa2266a59dd4b2e2cd9b7b83f"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/252-testimonial-image.jpg

142.250.74.176

200 OK

18 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/252-testimonial-image.jpg
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 709x473, components 3\012- data
Size
18 kB (17978 bytes)
Hash
9b0f8ab9083778f3c3da1e4e3316849b
52233bc19e2e2cfb7a240a790ce1d5a157eb90bd
0f41b1e6b1be0dc87de4ba0aa52290edd03aa23a95004d00872c79f432ea9a1f

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/testimonials/252-testimonial-image.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtWJ00Qc6PfDIlMfyhMJEZAfUoAMNDCbtTOhZvwTeOqS-YRkrAqxq6kE36GRhNpP9b9lJuJAKrq8IbNvU3umNG8Vg
x-goog-generation: 1653637594266537
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 17978
x-goog-hash: crc32c=XmDyKA==, md5=mw+KuQg3ePPD2h5OMxaEmw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 17978
server: UploadServer
date: Tue, 29 Nov 2022 03:26:28 GMT
expires: Tue, 29 Nov 2022 04:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:34 GMT
etag: "9b0f8ab9083778f3c3da1e4e3316849b"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/225-225-testimonial-image.png

142.250.74.176

200 OK

1.1 MB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/225-225-testimonial-image.png
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
PNG image data, 922 x 1247, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 MB (1147185 bytes)
Hash
7f500a78633a9e15e4ffc45a1ebe8d2f
77d295e7db866924a190b55714e49d220d2622a9
36335d7d1c9899c9f0e7ec5cbf7f20d53aafecb77573978ef4b765227b680700

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/testimonials/225-225-testimonial-image.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycduf8O3lo7PPyLCEh56v0HpDHdA5hr_6369ZszzdddIBvC_8pwCIY63g1RSUD3lua498O8SO8KNoHLEQYtHe1JeioA
x-goog-generation: 1653637582652911
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1147185
x-goog-hash: crc32c=ASkh+Q==, md5=f1AKeGM6nhXk/8RaHr6NLw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1147185
server: UploadServer
date: Tue, 29 Nov 2022 03:26:28 GMT
expires: Tue, 29 Nov 2022 04:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:22 GMT
etag: "7f500a78633a9e15e4ffc45a1ebe8d2f"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/images/custom/exit-popup.png

142.250.74.176

200 OK

1.2 MB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/images/custom/exit-popup.png
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
PNG image data, 1138 x 602, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 MB (1173850 bytes)
Hash
712bbddf699c83c1e919a75be593dc79
1cda9d3e5ed7ffc1c4980f5753a0383308f21881
69fe422bf888f8921020dae64947320d8ada98d052258155cf255982e9b01783

HTTP Headers

GET /offerimages/ancestral-grow/images/custom/exit-popup.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdswfW_GfPaH4ytdeRB0yiTvG9_BOACznml7LDP9_Nc-EIul8TRNw8fzQybYrvHYNMH_WfYjKrog_k9vWdbTwkqxGQ
x-goog-generation: 1666795787369605
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1173850
x-goog-hash: crc32c=sAR62Q==, md5=cSu932mcg8HpGadb5ZPceQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1173850
server: UploadServer
date: Tue, 29 Nov 2022 03:26:28 GMT
expires: Tue, 29 Nov 2022 04:26:28 GMT
cache-control: public, max-age=3600
last-modified: Wed, 26 Oct 2022 14:49:47 GMT
etag: "712bbddf699c83c1e919a75be593dc79"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png

82.102.27.18

200 OK

4.4 kB

URL HTTP/2
seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
IP
82.102.27.18:0
ASN
#9009 M247 Ltd

File type
PNG image data, 153 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 kB (4399 bytes)
Hash
42a4815e9fb471355c0a33ddb6ea3a7b
24a041d270002950032594ba96b73b64d136cba8
c395ae275bcdcd7e732807c3bafcea511fd13d0774f4a2e17d2dec7b6598d681

HTTP Headers

GET /seals/blue-seal-153-100-clickbank-5004291.png HTTP/1.1
Host: seal-boise.bbb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: keycdn-engine
date: Tue, 29 Nov 2022 03:26:29 GMT
content-type: image/png
content-length: 4399
cache-control: max-age=14400
expires: Tue, 29 Nov 2022 07:26:29 GMT
last-modified: Mon, 28 Nov 2022 23:29:30 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-83&cid=22811312.1669692388&jid=1305780753&gjid=1832348115&_gid=35065394.1669692388&_u=4GBAAUAAAAAAACAAI~&z=666205984

142.250.150.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-83&cid=22811312.1669692388&jid=1305780753&gjid=1832348115&_gid=35065394.1669692388&_u=4GBAAUAAAAAAACAAI~&z=666205984
IP
142.250.150.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-83&cid=22811312.1669692388&jid=1305780753&gjid=1832348115&_gid=35065394.1669692388&_u=4GBAAUAAAAAAACAAI~&z=666205984 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ancestralgrow.com
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://ancestralgrow.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 03:26:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:26:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-8.jpg

142.250.74.176

200 OK

22 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-8.jpg
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 600x400, components 3\012- data
Size
22 kB (21498 bytes)
Hash
78d3d04c34040e43f3d86c58c891c508
145ff4c7a56332ac5d92e2b4f23d3223a41b85c2
08dd8af1a9b4b6e59d4a063fc0335157f09dd91e69d913b6a852a4d9728ee28d

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/transcript/46-image-8.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsJWzHMWpfRPOrCl2xW25HHx7_x5l-PcXuXqV28efUMxk-vszUomx6IJcNJfTAWxI_G0cMokIy-wUTZJLb8LBVFOw
expires: Tue, 29 Nov 2022 04:26:28 GMT
date: Tue, 29 Nov 2022 03:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:45 GMT
etag: "78d3d04c34040e43f3d86c58c891c508"
x-goog-generation: 1653637605181792
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21498
content-type: image/jpeg
x-goog-hash: crc32c=rkH0FQ==, md5=eNPQTDQEDkPz2GxYyJHFCA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 21498
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/images/products/prod2/2-bottles.png

142.250.74.176

200 OK

105 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/images/products/prod2/2-bottles.png
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
PNG image data, 588 x 600, 8-bit colormap, non-interlaced\012- data
Size
105 kB (105371 bytes)
Hash
ca3382657f35750c389f519fb10c9426
b992be4abebb9dffc208eb218308c982c25573a1
8bae57cf0b14ef6a2ca714fa9689320f229564898c1d6fd067d0a8eb4cf12555

HTTP Headers

GET /offerimages/ancestral-grow/images/products/prod2/2-bottles.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtLSTPB5MMb_B9j4m28raZWco1MB0GDOlwdYE49XoQxtAiEhUghwpw549akGVNyk3LDTwibaqOpSgcqOrzmMc3g3w
expires: Tue, 29 Nov 2022 04:26:28 GMT
date: Tue, 29 Nov 2022 03:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:52 GMT
etag: "ca3382657f35750c389f519fb10c9426"
x-goog-generation: 1653637612324611
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 105371
content-type: image/png
x-goog-hash: crc32c=cBJDvg==, md5=yjOCZX81dQw4n1GfsQyUJg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 105371
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/images/products/prod1/1-bottle.png

142.250.74.176

200 OK

68 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/images/products/prod1/1-bottle.png
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
PNG image data, 397 x 600, 8-bit colormap, non-interlaced\012- data
Size
68 kB (68198 bytes)
Hash
0aec09af8a84ae920de19e2f241c6acf
e1b8dc3cded7596665b33b521e78fdb1f845622a
f3921446b040b91865504f08f619ee06e31f29ed61b6b7ec8985a365fce77645

HTTP Headers

GET /offerimages/ancestral-grow/images/products/prod1/1-bottle.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsIMltTodn8p4tqSNhwUoBZYgSuIOG76AtD4zh1XAZCzs6Ne5KtOr4rFq0p7R4PqfTxuybE44WLosiNcHgFtKQMAg
expires: Tue, 29 Nov 2022 04:26:28 GMT
date: Tue, 29 Nov 2022 03:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:49 GMT
etag: "0aec09af8a84ae920de19e2f241c6acf"
x-goog-generation: 1653637609960162
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 68198
content-type: image/png
x-goog-hash: crc32c=6/kQuw==, md5=CuwJr4qErpIN4Z4vJBxqzw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 68198
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

prod.cbstatic.net/dist/i18n/app-strings-en.json

143.204.55.88

200 OK

9 B

URL HTTP/2
prod.cbstatic.net/dist/i18n/app-strings-en.json
IP
143.204.55.88:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
cdfca8b09e61ae7324e48f01984c9b34
874b413675711909229ca228efea613383d6a9a4
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

HTTP Headers

GET /dist/i18n/app-strings-en.json HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ancestralgrow.com
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 9
date: Tue, 29 Nov 2022 03:26:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
etag: "cdfca8b09e61ae7324e48f01984c9b34"
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i-8qoNyYZUwir-_EDpdXjS1K2VLqvYc-pbJ-Yz9OtGODvoK8xcQcKg==
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/images/products/prod3/4-bottles.png

142.250.74.176

200 OK

162 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/images/products/prod3/4-bottles.png
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
PNG image data, 923 x 600, 8-bit colormap, non-interlaced\012- data
Size
162 kB (161731 bytes)
Hash
ea9c66f9f8161ec6c33dfb065a0a622e
62569292e6b8e92d479a4f347147e816cfa0046b
ed453a12d4b7d9d1e9dffe965d747f623860e12b78ffabb14cca7edd70fd8f6a

HTTP Headers

GET /offerimages/ancestral-grow/images/products/prod3/4-bottles.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdt6V637XRZ34hBD9jEtlziIYFo4deFHlIJJNcL5im_O8gqRg_a6O7Sl0WuAJJYdmSQem2TcE8TofVpkOfee3rlkGQ
expires: Tue, 29 Nov 2022 04:26:28 GMT
date: Tue, 29 Nov 2022 03:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:53 GMT
etag: "ea9c66f9f8161ec6c33dfb065a0a622e"
x-goog-generation: 1653637613107331
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161731
content-type: image/png
x-goog-hash: crc32c=CZ2tKQ==, md5=6pxm+fgWHsbDPfsGWgpiLg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 161731
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/251-testimonial-image.jpg

142.250.74.176

200 OK

58 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/251-testimonial-image.jpg
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 921x1227, components 3\012- data
Size
58 kB (58534 bytes)
Hash
a6b26615a8102c8be61a0f3c97510598
b61d44b9e52ccd2c17a56d283597cdbacba42e14
388da64c4a909eb77e9f9a68556a3e425c43dd23948e0fce5e1b7fc2543640dd

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/testimonials/251-testimonial-image.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtNZ4FHToyvoXVcWSiNb-nC4PuZ-4r4vCfWnMZ-YIh9a-Yz7ps3oFCYwTBs6RENLdyZNcS3slw7V2nbOtvjeqPNKA
expires: Tue, 29 Nov 2022 04:26:28 GMT
date: Tue, 29 Nov 2022 03:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:33 GMT
etag: "a6b26615a8102c8be61a0f3c97510598"
x-goog-generation: 1653637593405090
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 58534
content-type: image/jpeg
x-goog-hash: crc32c=LMypCQ==, md5=prJmFagQLIvmGg88l1EFmA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 58534
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-2.jpg

142.250.74.176

200 OK

37 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-2.jpg
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 450x600, components 3\012- data
Size
37 kB (37044 bytes)
Hash
be81195f702cf9c866b6b413e3e6b08d
7eefd8ceb5321a1f98ffb2950fdc6594736497ab
aad1e6a66294b5d38e12b34bbdcc932d58f9599afaf22333b02a8c1c9a787c05

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/transcript/46-image-2.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsIfrrh3EhuMcPmnGLR-06KgjjbBdbGTFh5CU3RWkoZuOrWLSXNNPCt_36EDmaZvSpguYjVkg_4aBZm9h8Ho1aeTg
expires: Tue, 29 Nov 2022 04:26:28 GMT
date: Tue, 29 Nov 2022 03:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:36 GMT
etag: "be81195f702cf9c866b6b413e3e6b08d"
x-goog-generation: 1653637596721997
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 37044
content-type: image/jpeg
x-goog-hash: crc32c=Fr4uIw==, md5=voEZX3As+chmtrQT4+awjQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 37044
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/227-227-testimonial-image.png

142.250.74.176

200 OK

209 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/227-227-testimonial-image.png
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
PNG image data, 709 x 473, 8-bit/color RGBA, non-interlaced\012- data
Size
209 kB (209307 bytes)
Hash
521403c4ecda7b71a23ba11541734a29
5b665b12f295ecfe30cc1422df4d58b2e72b9516
e094389ca7f5f239d2bda03711e113862de24e6bca15a3197298b2f1ae72932b

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/testimonials/227-227-testimonial-image.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsuZSI5VOxQAKi4UIyX0IDU2tn4BcdDEACQBZicFyyxBc9m6BC4Yx3lguMA8CxDoleCm-JM5u2e-ynIoF_astygYw
expires: Tue, 29 Nov 2022 04:26:28 GMT
date: Tue, 29 Nov 2022 03:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:24 GMT
etag: "521403c4ecda7b71a23ba11541734a29"
x-goog-generation: 1653637584414537
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 209307
content-type: image/png
x-goog-hash: crc32c=mVuj7g==, md5=UhQDxOzae3GiO6EVQXNKKQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 209307
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png

143.204.55.88

200 OK

3.5 kB

URL HTTP/2
prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
IP
143.204.55.88:0
ASN
#16509 AMAZON-02

File type
PNG image data, 472 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3472 bytes)
Hash
47cdefc96f75be3d978d4b444737b00e
c9d8540c17ed48b72be610bb5795120e4d560d6f
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308

HTTP Headers

GET /dist/assets/logo-header-two-tone-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3472
date: Tue, 29 Nov 2022 03:26:30 GMT
last-modified: Mon, 21 Dec 2020 21:57:35 GMT
x-amz-version-id: rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
etag: "47cdefc96f75be3d978d4b444737b00e"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W-VBesYF7MdMPr01qGgq2DeoBBbXbUtLyjl4gTSzl-K_u4XRXFRy8A==
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-4.jpg

142.250.74.176

200 OK

56 kB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-4.jpg
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 750x1000, components 3\012- data
Size
56 kB (55980 bytes)
Hash
46759e51b123d42b628306ddb9f087e0
e921f88361c73d2e13a5125b5de2cf99387ca74d
c45c488925e40a01218a0080b2ec58180f24841afdcb0f25b3992bc1109d91e8

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/transcript/46-image-4.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycduyTMfPYKVP0HzRU9bSCVrxz5XdtfivcNyLS85zGSJBhxcbXdqVN7VH2E5uQaGT3vCrqggMn14ddeHUg_4n-uSDmg
expires: Tue, 29 Nov 2022 04:26:28 GMT
date: Tue, 29 Nov 2022 03:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:40 GMT
etag: "46759e51b123d42b628306ddb9f087e0"
x-goog-generation: 1653637600322357
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 55980
content-type: image/jpeg
x-goog-hash: crc32c=Q+PvOA==, md5=RnWeUbEj1CtigwbdufCH4A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 55980
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/226-226-testimonial-image.png

142.250.74.176

200 OK

1.4 MB

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/testimonials/226-226-testimonial-image.png
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type
PNG image data, 921 x 1227, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 MB (1406746 bytes)
Hash
401a9f5f4fda222b8d20d9b48fad110a
d3b067b2b70aa7398cb7ecd4a95a30a8b8d178ee
a8c5f40afaf2d86848f9815103cf4dd1bb7906781f5352b5808740659a076f2b

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/testimonials/226-226-testimonial-image.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvri9WdL_bX14g4DhQQL0Qlr9Crq_tTEBc5CHtoe_9vxOfSfWyiRMihCe2qitlXDmwzkr-MvCcjtmS9kPQd3oBgMw
expires: Tue, 29 Nov 2022 04:26:28 GMT
date: Tue, 29 Nov 2022 03:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:23 GMT
etag: "401a9f5f4fda222b8d20d9b48fad110a"
x-goog-generation: 1653637583461574
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1406746
content-type: image/png
x-goog-hash: crc32c=r+vOvg==, md5=QBqfX0/aIiuNINm0j60RCg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1406746
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png

143.204.55.88

200 OK

4.3 kB

URL HTTP/2
prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
IP
143.204.55.88:0
ASN
#16509 AMAZON-02

File type
PNG image data, 321 x 63, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4341 bytes)
Hash
c06ae1ecaaf7e0610c68af117658a7e0
337cc86d38734fd76333c063366ec36e7a7d343a
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb

HTTP Headers

GET /dist/assets/logo-tab-two-tone-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 4341
date: Tue, 29 Nov 2022 03:26:30 GMT
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: 65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
etag: "c06ae1ecaaf7e0610c68af117658a7e0"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ke2MUPtx_BHZCxShOXl59u5L00DvkDKpf1N24hH6SQi_6TKQH5D9jg==
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700;900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 03:26:27 GMT
date: Tue, 29 Nov 2022 03:26:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-7.jpg

142.250.74.176

200 OK

0 B

URL HTTP/2
storage.googleapis.com/offerimages/ancestral-grow/custom/images/transcript/46-image-7.jpg
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /offerimages/ancestral-grow/custom/images/transcript/46-image-7.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtGaooACzgaaVkmHk8EAq5kY9hATc1AodniZ37XWscRV0QYhV6Eq3mP48jfvwv-8N9kq0H0SFDtjzGVL-AlFoIzPg
x-goog-generation: 1653637604364768
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 23524
x-goog-hash: crc32c=n8U2eQ==, md5=pXgYLxb4LN73vvRfotyBuA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 23524
server: UploadServer
date: Tue, 29 Nov 2022 03:26:28 GMT
expires: Tue, 29 Nov 2022 04:26:28 GMT
cache-control: public, max-age=3600
last-modified: Fri, 27 May 2022 07:46:44 GMT
etag: "a578182f16f82cdef7bef45fa2dc81b8"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

agrowtrk.com/t?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846

172.67.216.211

302 Found

0 B

URL HTTP/2
agrowtrk.com/t?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846
IP
172.67.216.211:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /t?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846 HTTP/1.1
Host: agrowtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 29 Nov 2022 03:26:26 GMT
content-type: text/html; charset=UTF-8
location: https://ancestralgrow.com/t?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846
cache-control: no-cache, private
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6IlkvZkZPMnJOZFllNXNmQURjM0xuNXc9PSIsInZhbHVlIjoicjYvdkVvejRTaVYwR2tDTndwc09xRm1yTHNOTHdZbFpqdEhORDhiNk05cWxhallMaytvMHFOOWlKU0haWjVDRnkwdzduR3Nwd1VhL01XbTI3amw4ZGdWNEJjbGtEb3ArNnppUk1USmd0NjZuMGNXY21TZXJxZ0c1Tk16YXBKa2oiLCJtYWMiOiJiN2UxYzcyZTcxNGI0OGNkYWM4NjAxYjkzNDVlNjU1NjU4ZDE2OTIyZTc5MWJiMTAzMTA0YTRhZmE2MzgyYTNlIiwidGFnIjoiIn0%3D; expires=Tue, 29-Nov-2022 05:26:26 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjZqb0ZQTUlNdkVibmFVcldYT0VmRXc9PSIsInZhbHVlIjoiVVJjWU5kSFFIZUl5NWl1UURMUndsMjZjUlQwUFByNHczYm1HK2w4RGF4QzJ2L2ZvTmpMVHBhcGEvSmtaWHBVd2o3bE1PUE9XR01DV3hJdzBiQnRQbkxVbnc2b1JkY3hZWEJnM00vM0ZXOFVDTnJyc0c2dWVRcWR4TW85SERMZjYiLCJtYWMiOiI0NmE4YWYzOGFiYWYzODFhNGZhMzJiM2M5YjM4ZGFkYmNmNGRhNDNhZDI3YTM0ZGJiMjJjYzRiM2Q0ZjU3Y2UyIiwidGFnIjoiIn0%3D; expires=Tue, 29-Nov-2022 05:26:26 GMT; Max-Age=7200; path=/; httponly; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZykLiKgEg%2Fo%2FfWPIPxTX3Q7JLzMibgRLTJOwasZGLrUuDDrgbnIS7XkZn0P0n6nkjXcpJFmBzPuvFcHN%2FGQi7wSICcs4ezU8iTGgVEeeoIynQJU8q9WPiEfMhlwVvzA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77183de569010b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ancestralgrow.com/t?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846

104.21.55.179

200 OK

0 B

URL HTTP/2
ancestralgrow.com/t?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846
IP
104.21.55.179:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /t?vendor=bmpagrow&affiliate=mweb1&cbpage=pv&tid=7191_sessid20221129032636581&subid=846 HTTP/1.1
Host: ancestralgrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:26:26 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6IjFKY1Z0MXZWdTloMzIvRUQ3bWVpU2c9PSIsInZhbHVlIjoicCtuMnpCZ1ZIazZ6U2JyNVlOd3NKc2hRdjJ0ZVhnTEtYa21ia1prbTgyZVdNa3VRY1luajlIYzNpaFBqWHpuMiIsIm1hYyI6ImIyNzQ2MmNjNGYwY2NjMGUzMjZkY2Y1MmJjNDQwYWNjNGMzYWRiOGRiMDYxZTFmZDE4N2U2ODkzNTk4YzhjMzYifQ%3D%3D; expires=Fri, 09-Dec-2022 03:26:26 GMT; Max-Age=864000; path=/; samesite=lax
_=eyJpdiI6Im1SUm9nUDFwUEYvL3NzazBVeFpTK2c9PSIsInZhbHVlIjoic1JsM2RQN2NsejlDWUJacFQ1NDltcnRPTG9QQ2l2MkJVVWNRbXRBejBuWkVucUxHSlB6WXFXcnMrcktGeEtBayIsIm1hYyI6ImZiYTdhODQxOWJhMWUyNDIxNjc2ODlmMDE0NmY2MWNkMjI0ODNiMjc3ZjlhZmUzZGRiMWFjNjFjMDI0ZWQ5NWIifQ%3D%3D; expires=Fri, 09-Dec-2022 03:26:26 GMT; Max-Age=864000; path=/; httponly; samesite=lax
referrer=eyJpdiI6InlqWUY5S082aEZGZHdpa1ZuSmVSL0E9PSIsInZhbHVlIjoiM2RGTStibEZwRTdabExiWnJKYU1sUT09IiwibWFjIjoiNDQyODhiNmQxNmI4ZmNjYTIzNTc1NTdmMzVjMTIxNzQzMDM1ZDdjZWY0MmFhNzNmNGY5OWEyYTBlNWQyMTg1YSJ9; expires=Sun, 04-Dec-2022 03:26:26 GMT; Max-Age=432000; path=/; httponly; samesite=lax
cbt=eyJpdiI6IjlKZ1VNK3J2MFR0bjUrTlBTUnJvVEE9PSIsInZhbHVlIjoiSUpCbEJXOWpJbkRYd0dFeW9xdUYxQT09IiwibWFjIjoiOTAzYjhmOWU2NzRiYTU3YTU0NjNiMTliYzNlNjYzNzAzOTNhMGZlNmQxZTAyMGM3ODU5MTA2M2ZkZDhiMDkxOCJ9; expires=Sun, 28-Nov-2027 03:26:26 GMT; Max-Age=157680000; path=/; httponly; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KkAvEmOBBpF%2F6CNkKnAq7yAbw9zhqxOuBkKsVvQ%2B%2F1Wf0Oo4HJ7S1MHibZ2ye1Ojv0x2e%2FtHPa4R2vl990e6FJy9HgR0e6ALiOHU3OfdD3Q%2Fa%2BVl2cEOnZn%2FW8XamfwkB%2F0Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77183de6faac0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

storage.googleapis.com/offervideos/ancestral-grow/B1YjUL6baJk.mp4

142.250.74.176

206 Partial Content

0 B

URL HTTP/2
storage.googleapis.com/offervideos/ancestral-grow/B1YjUL6baJk.mp4
IP
142.250.74.176:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /offervideos/ancestral-grow/B1YjUL6baJk.mp4 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
x-guploader-uploadid: ADPycdufcF5Xk-PWHeQOYf0mC1OJWrycZU2ShkgqDa3pIcFr6JikTbVJP4c3_-z_fcXyn3rEp2HpdOd4Nh2aRPiVhDngMg
expires: Tue, 29 Nov 2022 04:26:28 GMT
date: Tue, 29 Nov 2022 03:26:28 GMT
cache-control: public, max-age=3600
last-modified: Tue, 10 May 2022 15:03:22 GMT
etag: "2360e7f30e835850c9c47061a2035645"
x-goog-generation: 1652195002623245
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 152397719
content-type: video/mp4
x-goog-hash: crc32c=vbcB8g==, md5=I2Dn8w6DWFDJxHBhogNWRQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-range: bytes 0-152397718/152397719
content-length: 152397719
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

go.maxweb.com/conversion/iframe/?a=7191&token=f5967ae73319238af1ab6ec9cb614ad7

172.66.40.143

200 OK

0 B

URL HTTP/2
go.maxweb.com/conversion/iframe/?a=7191&token=f5967ae73319238af1ab6ec9cb614ad7
IP
172.66.40.143:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /conversion/iframe/?a=7191&token=f5967ae73319238af1ab6ec9cb614ad7 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:26:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 29 Nov 2022 04:26:28 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77183df29a84b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Sacramento

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Sacramento
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Sacramento HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 03:26:27 GMT
date: Tue, 29 Nov 2022 03:26:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

prod.cbstatic.net/dist/injectable.js

143.204.55.88

200 OK

0 B

URL HTTP/2
prod.cbstatic.net/dist/injectable.js
IP
143.204.55.88:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/injectable.js HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ancestralgrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 29 Nov 2022 03:26:29 GMT
last-modified: Mon, 21 Dec 2020 21:57:37 GMT
x-amz-version-id: RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
etag: W/"af651c30e1a69f6f2124e9c1d094a300"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9RfFZMnPawOx8yLOH97rEyJsX05rj_zPJuFqvl_5Txsfy2RteSOVQA==
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations