r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eecebe0566883e33558e8e67beaccb29
acdd8fd09e2066ed5ecfbc3f11c4a2d61218ecc7
65e21170242bf41eb529fa422385dbe5af65a61e374e6dd5669e7e5f927948af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65E21170242BF41EB529FA422385DBE5AF65A61E374E6DD5669E7E5F927948AF"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2694
Expires: Thu, 12 Jan 2023 01:27:57 GMT
Date: Thu, 12 Jan 2023 00:43:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10539
Expires: Thu, 12 Jan 2023 03:38:42 GMT
Date: Thu, 12 Jan 2023 00:43:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 11 Jan 2023 23:48:39 GMT
content-type: application/json
age: 3265
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f4ecf4f26be1ba09e61135b1b488bf4
f16b8277e00033bc990a8bcce54b693cb3c87d62
3018c2a228f0a894d217e8e8b0b8dd060527f06879cd2f469bac6c8766acbbf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3018C2A228F0A894D217E8E8B0B8DD060527F06879CD2F469BAC6C8766ACBBF8"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18710
Expires: Thu, 12 Jan 2023 05:54:54 GMT
Date: Thu, 12 Jan 2023 00:43:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IwIWVIe5ZYm/pM49Pw4JTWtGA1cjGJyNz8grhwkWj2qJDEV+R37sg+x+Cx717VgFpfPkehEVXd0=
x-amz-request-id: FDY7YYGHBNJSVM0Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 12 Jan 2023 00:02:16 GMT
age: 2448
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 00:43:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
initialme.anathothonline.us/
81.171.22.5302 Found 11 B URL HTTP/1.1 initialme.anathothonline.us/
IP 81.171.22.5:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET / HTTP/1.1
Host: initialme.anathothonline.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 12 Jan 2023 00:43:03 GMT
location: http://btpnative.com/click?data=SFpwZ2E2TXBSNUk0NjFteEpNVUR6WGlJblRyOFJraEUxeHNwdURYZ3FIdUcwcVFTM21neEE5dThCZFFvdU1zYks5eUxXSEQ3WEV0TmF5dF8xcjBxbm5hSHlYOVhCRWZxTk9MMkl1YUZpSnhhUnBxTllPWjVWV1FrSDR4QWo2SWp4MXRGWkRwVEZCN3ZkdFpPT3BpZE1nMg2&id=96716329-27b1-44e6-8f04-b499f73aa583
server: nginx
set-cookie: sid=1297e5f0-9212-11ed-afce-15a2bb770652; path=/; domain=.anathothonline.us; expires=Tue, 30 Jan 2091 03:57:11 GMT; max-age=2147483647; HttpOnly
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 12 Jan 2023 00:33:45 GMT
age: 559
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce604e6f88a42844a4ec7d404879bdcf
d462a2a194a67d39d091ff49c4435fdfc39b3e5b
9e0222bcc67f019bb5c61657fc921fc42aa0cd7a75f6b1358d05231c53cc26e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5927
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 00:43:04 GMT
Last-Modified: Wed, 11 Jan 2023 23:04:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
btpnative.com/click?data=SFpwZ2E2TXBSNUk0NjFteEpNVUR6WGlJblRyOFJraEUxeHNwdURYZ3FIdUcwcVFTM21neEE5dThCZFFvdU1zYks5eUxXSEQ3WEV0TmF5dF8xcjBxbm5hSHlYOVhCRWZxTk9MMkl1YUZpSnhhUnBxTllPWjVWV1FrSDR4QWo2SWp4MXRGWkRwVEZCN3ZkdFpPT3BpZE1nMg2&id=96716329-27b1-44e6-8f04-b499f73aa583
192.99.158.241200 OK 5.5 kB URL HTTP/1.1 btpnative.com/click?data=SFpwZ2E2TXBSNUk0NjFteEpNVUR6WGlJblRyOFJraEUxeHNwdURYZ3FIdUcwcVFTM21neEE5dThCZFFvdU1zYks5eUxXSEQ3WEV0TmF5dF8xcjBxbm5hSHlYOVhCRWZxTk9MMkl1YUZpSnhhUnBxTllPWjVWV1FrSDR4QWo2SWp4MXRGWkRwVEZCN3ZkdFpPT3BpZE1nMg2&id=96716329-27b1-44e6-8f04-b499f73aa583
IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Hash 9f6ae5dada4f43bd1c51324f8f932bae
4b8750d7c157a75d35e86f4fcb1165b29a3116a8
45db765f21b0597ebcfa971ea30c225d7ed1d49d949de93c9af3752fff2548e2
GET /click?data=SFpwZ2E2TXBSNUk0NjFteEpNVUR6WGlJblRyOFJraEUxeHNwdURYZ3FIdUcwcVFTM21neEE5dThCZFFvdU1zYks5eUxXSEQ3WEV0TmF5dF8xcjBxbm5hSHlYOVhCRWZxTk9MMkl1YUZpSnhhUnBxTllPWjVWV1FrSDR4QWo2SWp4MXRGWkRwVEZCN3ZkdFpPT3BpZE1nMg2&id=96716329-27b1-44e6-8f04-b499f73aa583 HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: FCwuqYHZcbhdcuS=FCwuqYHZcbhdcuS; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Thu, 12 Jan 2023 00:43:04 GMT
Content-Length: 5470
btpnative.com/Redirect/
192.99.158.241302 Found 2.0 kB IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1950), with CRLF line terminators
Hash ac1e1e3196e8b2ecacabf1b257a40745
e1c6a18274497820d5707ea1f3568c97bfa8f949
89be242b5db57549e61576719b4717f380e577aa23723c6de113ac447e927d63
POST /Redirect/ HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 359
Origin: http://btpnative.com
Connection: keep-alive
Referer: http://btpnative.com/click?data=SFpwZ2E2TXBSNUk0NjFteEpNVUR6WGlJblRyOFJraEUxeHNwdURYZ3FIdUcwcVFTM21neEE5dThCZFFvdU1zYks5eUxXSEQ3WEV0TmF5dF8xcjBxbm5hSHlYOVhCRWZxTk9MMkl1YUZpSnhhUnBxTllPWjVWV1FrSDR4QWo2SWp4MXRGWkRwVEZCN3ZkdFpPT3BpZE1nMg2&id=96716329-27b1-44e6-8f04-b499f73aa583
Cookie: FCwuqYHZcbhdcuS=FCwuqYHZcbhdcuS
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lR3MFNZcyxBjNwmrMMUC78Rf4tfcM5ZhDeXLbMsvYqpeS41SpzXPxxsIFxEkYftGXacQmbHk67eZgmvgdI5Xrt_ig3jqYlZKGaGdo2xVRU9C_dRqxfYwKhVHxqA8GBjK4_DV3GIg_4UCmmsjtm8NUZggdb5RNdN1yofdyd_EWVhWA-kCbdctuQ-I100mhE2rzJ8pPNjptQ8pIyxGj07gv07v__Fiyn3nUANY_w0_1t6lv4eD7i5pu0Aw1IQ8GOauODWvZ9O2s5J4DKE8N9ynQC3ZaBDj6xsCCqo3rFSNQs7Lu4QqAu-VdT3rKpsnXNuXbHPsy4m1Lh2uQ1yxvSpOO6v2NJxg6o_Tubr-70i_eJQIqmoDj0XkSwbskyUuxT95NbcS62m7Uw-Xntdnpd_cEa8E9KS9tBlJam_fh_H89iWRhtXTZ3V5uCDzq4uFXhYY6d-vL2YET5JuZAb3cq6eel5SQiZDMbtWcg_Tv97oJs5T8tXJEBG5vBSmJaDJFHwfXIJvZZKaUbPkJBmyJSp115k87vrFtpqAbkqoaQmt6ba4PBM-j4Cj2McO68NzQ0XN5hTD6jjLDPWw3p4e5TQSjUJNkA4jIt4dLbaYzWIfEOmx8p9wH1A-CYpdyQ-9JuaavE8wfzj_cEAC-XzMOB8vsdkYQoK_ufP1OLQFWbpi0TOg5vfgLP020AS1CUJ8IiDxeHbBx3YpPvaXkxazJiYDM-tsT8o4frcfuwT_NIXYiH9_OjAaBi6VS28cpYY9CqNbTiwITt3aN3Jaf-sNhpXMXsOMxRLnqMrwtFJtqN9tTyTQHCzQSl5eV6O7QX_e-BTGB7mjpnQkR8zrmRIdHzAyx5TkiaXOeBGHkmFYW6Mz-99sjtD08xgy-Jat99itBNwTwRp8HHRa2GbQF5TK4rci73vw1lFePp-Fu2nNXGj8N6uVxcCJZkMV_1nSDAsabL7k2CM5ep5-jk9NSXOSX4w84JPrrmRnU19Xvisor02EJPxt2XrObDFiZlEuN1202C92y8UrAAWCWiKn5lDkB0iB-g4TwkXzSDwRwwwuW5QehkOYyM84dIaeqIBt6APk9L14-0uPhD645VFbWQi3FXfRg7GXhdrYo6R0WCHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR5RpgW_UdbcGFGdUv60vV_Ho6-EgWI_RwAeOQ6C805Hw7Zj0ryQrPq4BNNAF9Gg5M9meY2gp74fHMDopkdC4VvhxTBeshLLoqEXH8dLYd0OJGXw597MPsXBmZlG2bIP1EFNUUuntgPvbMgqVabyYf6eVcP5apaFYbVd3kYxzRrP-AMKCP1LUmO1imWjFSEW1aKzbINZF07opDoVAe-32G_M_t10aGrVNwUmdaqKmyyyEjFuZqJDC4MIRq5CD3tblsHvXGot6KXMy1iiZn2anquUat5w42VJMx79ZMAfCa1byGz-hypakUUCzMPLkxchKn3Ccc8cnifzasQmgTkGLEG9VgfPrllgHAUNVOi7cRJqat4TupYLBuOkb1q2tFdU4Vc6erdg3_RkvMUs4r7l3NgGMO8UYMsbk0SLQzlzQOsYRk
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Thu, 12 Jan 2023 00:43:04 GMT
Content-Length: 2022
push.services.mozilla.com/
52.41.87.179101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.87.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5AbwPweGsJ2LAAnL/c3JTg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0vwpkwFHDJEZj7cZ5sRvm6r8jSY=
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 91b761e376c99ed812c86923806c5ccd
3865c2b7912c7e9c5f553ba20cbb7cfda0123840
4ce20d2e67355141aa91d49a78653fc1c220d1ea3d72cdeed06eb1c633b24f12
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 00:43:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 08 Jan 2023 19:25:42 GMT
Expires: Sun, 15 Jan 2023 19:25:41 GMT
Etag: "3865c2b7912c7e9c5f553ba20cbb7cfda0123840"
Cache-Control: max-age=325955,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7881db1d6af81c02-OSL
mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lR3MFNZcyxBjNwmrMMUC78Rf4tfcM5ZhDeXLbMsvYqpeS41SpzXPxxsIFxEkYftGXacQmbHk67eZgmvgdI5Xrt_ig3jqYlZKGaGdo2xVRU9C_dRqxfYwKhVHxqA8GBjK4_DV3GIg_4UCmmsjtm8NUZggdb5RNdN1yofdyd_EWVhWA-kCbdctuQ-I100mhE2rzJ8pPNjptQ8pIyxGj07gv07v__Fiyn3nUANY_w0_1t6lv4eD7i5pu0Aw1IQ8GOauODWvZ9O2s5J4DKE8N9ynQC3ZaBDj6xsCCqo3rFSNQs7Lu4QqAu-VdT3rKpsnXNuXbHPsy4m1Lh2uQ1yxvSpOO6v2NJxg6o_Tubr-70i_eJQIqmoDj0XkSwbskyUuxT95NbcS62m7Uw-Xntdnpd_cEa8E9KS9tBlJam_fh_H89iWRhtXTZ3V5uCDzq4uFXhYY6d-vL2YET5JuZAb3cq6eel5SQiZDMbtWcg_Tv97oJs5T8tXJEBG5vBSmJaDJFHwfXIJvZZKaUbPkJBmyJSp115k87vrFtpqAbkqoaQmt6ba4PBM-j4Cj2McO68NzQ0XN5hTD6jjLDPWw3p4e5TQSjUJNkA4jIt4dLbaYzWIfEOmx8p9wH1A-CYpdyQ-9JuaavE8wfzj_cEAC-XzMOB8vsdkYQoK_ufP1OLQFWbpi0TOg5vfgLP020AS1CUJ8IiDxeHbBx3YpPvaXkxazJiYDM-tsT8o4frcfuwT_NIXYiH9_OjAaBi6VS28cpYY9CqNbTiwITt3aN3Jaf-sNhpXMXsOMxRLnqMrwtFJtqN9tTyTQHCzQSl5eV6O7QX_e-BTGB7mjpnQkR8zrmRIdHzAyx5TkiaXOeBGHkmFYW6Mz-99sjtD08xgy-Jat99itBNwTwRp8HHRa2GbQF5TK4rci73vw1lFePp-Fu2nNXGj8N6uVxcCJZkMV_1nSDAsabL7k2CM5ep5-jk9NSXOSX4w84JPrrmRnU19Xvisor02EJPxt2XrObDFiZlEuN1202C92y8UrAAWCWiKn5lDkB0iB-g4TwkXzSDwRwwwuW5QehkOYyM84dIaeqIBt6APk9L14-0uPhD645VFbWQi3FXfRg7GXhdrYo6R0WCHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR5RpgW_UdbcGFGdUv60vV_Ho6-EgWI_RwAeOQ6C805Hw7Zj0ryQrPq4BNNAF9Gg5M9meY2gp74fHMDopkdC4VvhxTBeshLLoqEXH8dLYd0OJGXw597MPsXBmZlG2bIP1EFNUUuntgPvbMgqVabyYf6eVcP5apaFYbVd3kYxzRrP-AMKCP1LUmO1imWjFSEW1aKzbINZF07opDoVAe-32G_M_t10aGrVNwUmdaqKmyyyEjFuZqJDC4MIRq5CD3tblsHvXGot6KXMy1iiZn2anquUat5w42VJMx79ZMAfCa1byGz-hypakUUCzMPLkxchKn3Ccc8cnifzasQmgTkGLEG9VgfPrllgHAUNVOi7cRJqat4TupYLBuOkb1q2tFdU4Vc6erdg3_RkvMUs4r7l3NgGMO8UYMsbk0SLQzlzQOsYRk
52.116.53.155302 Found 0 B URL HTTP/2 mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lR3MFNZcyxBjNwmrMMUC78Rf4tfcM5ZhDeXLbMsvYqpeS41SpzXPxxsIFxEkYftGXacQmbHk67eZgmvgdI5Xrt_ig3jqYlZKGaGdo2xVRU9C_dRqxfYwKhVHxqA8GBjK4_DV3GIg_4UCmmsjtm8NUZggdb5RNdN1yofdyd_EWVhWA-kCbdctuQ-I100mhE2rzJ8pPNjptQ8pIyxGj07gv07v__Fiyn3nUANY_w0_1t6lv4eD7i5pu0Aw1IQ8GOauODWvZ9O2s5J4DKE8N9ynQC3ZaBDj6xsCCqo3rFSNQs7Lu4QqAu-VdT3rKpsnXNuXbHPsy4m1Lh2uQ1yxvSpOO6v2NJxg6o_Tubr-70i_eJQIqmoDj0XkSwbskyUuxT95NbcS62m7Uw-Xntdnpd_cEa8E9KS9tBlJam_fh_H89iWRhtXTZ3V5uCDzq4uFXhYY6d-vL2YET5JuZAb3cq6eel5SQiZDMbtWcg_Tv97oJs5T8tXJEBG5vBSmJaDJFHwfXIJvZZKaUbPkJBmyJSp115k87vrFtpqAbkqoaQmt6ba4PBM-j4Cj2McO68NzQ0XN5hTD6jjLDPWw3p4e5TQSjUJNkA4jIt4dLbaYzWIfEOmx8p9wH1A-CYpdyQ-9JuaavE8wfzj_cEAC-XzMOB8vsdkYQoK_ufP1OLQFWbpi0TOg5vfgLP020AS1CUJ8IiDxeHbBx3YpPvaXkxazJiYDM-tsT8o4frcfuwT_NIXYiH9_OjAaBi6VS28cpYY9CqNbTiwITt3aN3Jaf-sNhpXMXsOMxRLnqMrwtFJtqN9tTyTQHCzQSl5eV6O7QX_e-BTGB7mjpnQkR8zrmRIdHzAyx5TkiaXOeBGHkmFYW6Mz-99sjtD08xgy-Jat99itBNwTwRp8HHRa2GbQF5TK4rci73vw1lFePp-Fu2nNXGj8N6uVxcCJZkMV_1nSDAsabL7k2CM5ep5-jk9NSXOSX4w84JPrrmRnU19Xvisor02EJPxt2XrObDFiZlEuN1202C92y8UrAAWCWiKn5lDkB0iB-g4TwkXzSDwRwwwuW5QehkOYyM84dIaeqIBt6APk9L14-0uPhD645VFbWQi3FXfRg7GXhdrYo6R0WCHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR5RpgW_UdbcGFGdUv60vV_Ho6-EgWI_RwAeOQ6C805Hw7Zj0ryQrPq4BNNAF9Gg5M9meY2gp74fHMDopkdC4VvhxTBeshLLoqEXH8dLYd0OJGXw597MPsXBmZlG2bIP1EFNUUuntgPvbMgqVabyYf6eVcP5apaFYbVd3kYxzRrP-AMKCP1LUmO1imWjFSEW1aKzbINZF07opDoVAe-32G_M_t10aGrVNwUmdaqKmyyyEjFuZqJDC4MIRq5CD3tblsHvXGot6KXMy1iiZn2anquUat5w42VJMx79ZMAfCa1byGz-hypakUUCzMPLkxchKn3Ccc8cnifzasQmgTkGLEG9VgfPrllgHAUNVOi7cRJqat4TupYLBuOkb1q2tFdU4Vc6erdg3_RkvMUs4r7l3NgGMO8UYMsbk0SLQzlzQOsYRk
IP 52.116.53.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lR3MFNZcyxBjNwmrMMUC78Rf4tfcM5ZhDeXLbMsvYqpeS41SpzXPxxsIFxEkYftGXacQmbHk67eZgmvgdI5Xrt_ig3jqYlZKGaGdo2xVRU9C_dRqxfYwKhVHxqA8GBjK4_DV3GIg_4UCmmsjtm8NUZggdb5RNdN1yofdyd_EWVhWA-kCbdctuQ-I100mhE2rzJ8pPNjptQ8pIyxGj07gv07v__Fiyn3nUANY_w0_1t6lv4eD7i5pu0Aw1IQ8GOauODWvZ9O2s5J4DKE8N9ynQC3ZaBDj6xsCCqo3rFSNQs7Lu4QqAu-VdT3rKpsnXNuXbHPsy4m1Lh2uQ1yxvSpOO6v2NJxg6o_Tubr-70i_eJQIqmoDj0XkSwbskyUuxT95NbcS62m7Uw-Xntdnpd_cEa8E9KS9tBlJam_fh_H89iWRhtXTZ3V5uCDzq4uFXhYY6d-vL2YET5JuZAb3cq6eel5SQiZDMbtWcg_Tv97oJs5T8tXJEBG5vBSmJaDJFHwfXIJvZZKaUbPkJBmyJSp115k87vrFtpqAbkqoaQmt6ba4PBM-j4Cj2McO68NzQ0XN5hTD6jjLDPWw3p4e5TQSjUJNkA4jIt4dLbaYzWIfEOmx8p9wH1A-CYpdyQ-9JuaavE8wfzj_cEAC-XzMOB8vsdkYQoK_ufP1OLQFWbpi0TOg5vfgLP020AS1CUJ8IiDxeHbBx3YpPvaXkxazJiYDM-tsT8o4frcfuwT_NIXYiH9_OjAaBi6VS28cpYY9CqNbTiwITt3aN3Jaf-sNhpXMXsOMxRLnqMrwtFJtqN9tTyTQHCzQSl5eV6O7QX_e-BTGB7mjpnQkR8zrmRIdHzAyx5TkiaXOeBGHkmFYW6Mz-99sjtD08xgy-Jat99itBNwTwRp8HHRa2GbQF5TK4rci73vw1lFePp-Fu2nNXGj8N6uVxcCJZkMV_1nSDAsabL7k2CM5ep5-jk9NSXOSX4w84JPrrmRnU19Xvisor02EJPxt2XrObDFiZlEuN1202C92y8UrAAWCWiKn5lDkB0iB-g4TwkXzSDwRwwwuW5QehkOYyM84dIaeqIBt6APk9L14-0uPhD645VFbWQi3FXfRg7GXhdrYo6R0WCHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR5RpgW_UdbcGFGdUv60vV_Ho6-EgWI_RwAeOQ6C805Hw7Zj0ryQrPq4BNNAF9Gg5M9meY2gp74fHMDopkdC4VvhxTBeshLLoqEXH8dLYd0OJGXw597MPsXBmZlG2bIP1EFNUUuntgPvbMgqVabyYf6eVcP5apaFYbVd3kYxzRrP-AMKCP1LUmO1imWjFSEW1aKzbINZF07opDoVAe-32G_M_t10aGrVNwUmdaqKmyyyEjFuZqJDC4MIRq5CD3tblsHvXGot6KXMy1iiZn2anquUat5w42VJMx79ZMAfCa1byGz-hypakUUCzMPLkxchKn3Ccc8cnifzasQmgTkGLEG9VgfPrllgHAUNVOi7cRJqat4TupYLBuOkb1q2tFdU4Vc6erdg3_RkvMUs4r7l3NgGMO8UYMsbk0SLQzlzQOsYRk HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 12 Jan 2023 00:43:05 GMT
content-length: 0
set-cookie: rhid=82687359380; Max-Age=15552000; Expires=Tue, 11-Jul-2023 00:43:05 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://p274639.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDL1IYlCWzEmcGRxNgAiPKdtTV9R9xsoujxJSAG9DPlY8mfmfn_yQmk3Vmu10YVKqUJRKqdinpZEEfVZXsNEjQvlK-eHuT_InOTy0eqLAk88mkWwYS65LvCcisgne0aG7iDfhTmWxu0frO0zteQtXgdaB8S3plS_ddtWOCKfOR4-PWEd2_Z9NKTR6A69gK3Flr6kw1Q3wVv9s_DuMliiKRcPKQDJn1ynQJHsce-8wKPOOJ_oR-GL7RkNbfuEpigjsNcBcGThnm4nNE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeoacsv2DdGELaS0mZqWq1h1RpgW_UdbcGFGdUv60vV_Hpz7eSQRqU8YoyEOp_uQSua_M3DlSUqIihEj2hGcz2__2yGSAQpLnintt8nH_2lE0Cy08U5tWZ_8O8BLfeF4fduDWgJmllTiVFtoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q0_MRhfPXC9HCol4S5osn5YR0Ng4Sbb-ewWFMo45vcOlMGzfh0CNUya&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6ppc-zOw1lS5Op6I07HX9rnEJinfMS-TNTRoqsF3F3uaW1M1FRIHA22vDpfnGnNN8cd7zUWiMviNA&si=1&oref=60e0d2dac4271f25608d21be6fece60d&optunit=RpgW_UdbcGFGdUv60vV_HjWSwDHqLjGH&rb=ntzDoPN7Tjk&rr=0&abtg=0
X-Firefox-Spdy: h2
p274639.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDL1IYlCWzEmcGRxNgAiPKdtTV9R9xsoujxJSAG9DPlY8mfmfn_yQmk3Vmu10YVKqUJRKqdinpZEEfVZXsNEjQvlK-eHuT_InOTy0eqLAk88mkWwYS65LvCcisgne0aG7iDfhTmWxu0frO0zteQtXgdaB8S3plS_ddtWOCKfOR4-PWEd2_Z9NKTR6A69gK3Flr6kw1Q3wVv9s_DuMliiKRcPKQDJn1ynQJHsce-8wKPOOJ_oR-GL7RkNbfuEpigjsNcBcGThnm4nNE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeoacsv2DdGELaS0mZqWq1h1RpgW_UdbcGFGdUv60vV_Hpz7eSQRqU8YoyEOp_uQSua_M3DlSUqIihEj2hGcz2__2yGSAQpLnintt8nH_2lE0Cy08U5tWZ_8O8BLfeF4fduDWgJmllTiVFtoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q0_MRhfPXC9HCol4S5osn5YR0Ng4Sbb-ewWFMo45vcOlMGzfh0CNUya&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6ppc-zOw1lS5Op6I07HX9rnEJinfMS-TNTRoqsF3F3uaW1M1FRIHA22vDpfnGnNN8cd7zUWiMviNA&si=1&oref=60e0d2dac4271f25608d21be6fece60d&optunit=RpgW_UdbcGFGdUv60vV_HjWSwDHqLjGH&rb=ntzDoPN7Tjk&rr=0&abtg=0
52.116.53.155302 Found 0 B URL HTTP/2 p274639.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDL1IYlCWzEmcGRxNgAiPKdtTV9R9xsoujxJSAG9DPlY8mfmfn_yQmk3Vmu10YVKqUJRKqdinpZEEfVZXsNEjQvlK-eHuT_InOTy0eqLAk88mkWwYS65LvCcisgne0aG7iDfhTmWxu0frO0zteQtXgdaB8S3plS_ddtWOCKfOR4-PWEd2_Z9NKTR6A69gK3Flr6kw1Q3wVv9s_DuMliiKRcPKQDJn1ynQJHsce-8wKPOOJ_oR-GL7RkNbfuEpigjsNcBcGThnm4nNE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeoacsv2DdGELaS0mZqWq1h1RpgW_UdbcGFGdUv60vV_Hpz7eSQRqU8YoyEOp_uQSua_M3DlSUqIihEj2hGcz2__2yGSAQpLnintt8nH_2lE0Cy08U5tWZ_8O8BLfeF4fduDWgJmllTiVFtoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q0_MRhfPXC9HCol4S5osn5YR0Ng4Sbb-ewWFMo45vcOlMGzfh0CNUya&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6ppc-zOw1lS5Op6I07HX9rnEJinfMS-TNTRoqsF3F3uaW1M1FRIHA22vDpfnGnNN8cd7zUWiMviNA&si=1&oref=60e0d2dac4271f25608d21be6fece60d&optunit=RpgW_UdbcGFGdUv60vV_HjWSwDHqLjGH&rb=ntzDoPN7Tjk&rr=0&abtg=0
IP 52.116.53.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDL1IYlCWzEmcGRxNgAiPKdtTV9R9xsoujxJSAG9DPlY8mfmfn_yQmk3Vmu10YVKqUJRKqdinpZEEfVZXsNEjQvlK-eHuT_InOTy0eqLAk88mkWwYS65LvCcisgne0aG7iDfhTmWxu0frO0zteQtXgdaB8S3plS_ddtWOCKfOR4-PWEd2_Z9NKTR6A69gK3Flr6kw1Q3wVv9s_DuMliiKRcPKQDJn1ynQJHsce-8wKPOOJ_oR-GL7RkNbfuEpigjsNcBcGThnm4nNE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeoacsv2DdGELaS0mZqWq1h1RpgW_UdbcGFGdUv60vV_Hpz7eSQRqU8YoyEOp_uQSua_M3DlSUqIihEj2hGcz2__2yGSAQpLnintt8nH_2lE0Cy08U5tWZ_8O8BLfeF4fduDWgJmllTiVFtoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q0_MRhfPXC9HCol4S5osn5YR0Ng4Sbb-ewWFMo45vcOlMGzfh0CNUya&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6ppc-zOw1lS5Op6I07HX9rnEJinfMS-TNTRoqsF3F3uaW1M1FRIHA22vDpfnGnNN8cd7zUWiMviNA&si=1&oref=60e0d2dac4271f25608d21be6fece60d&optunit=RpgW_UdbcGFGdUv60vV_HjWSwDHqLjGH&rb=ntzDoPN7Tjk&rr=0&abtg=0 HTTP/1.1
Host: p274639.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=82687359380
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 12 Jan 2023 00:43:05 GMT
content-length: 0
set-cookie: rhid=82687359380; Max-Age=15552000; Expires=Tue, 11-Jul-2023 00:43:05 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
loi=ad_490233_off_142374_aff_3322_cid_274639-581455224-ANATHOTHONLINE.US_ts_1673484185; Max-Age=3600; Expires=Thu, 12-Jan-2023 01:43:05 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://myfood.ltd/?v=20171031&s1=0
X-Firefox-Spdy: h2
myfood.ltd/?v=20171031&s1=0
151.139.128.10200 OK 2.9 kB URL HTTP/2 myfood.ltd/?v=20171031&s1=0
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6859), with no line terminators
Hash 029ccb01ef612a9e6748494c60d24b69
d385f7671725be11701998c27571e94b1950f991
7ac429dc45b509b1bed9bdcdc5610868d510d979ce3cc06d48870511bf0425f5
GET /?v=20171031&s1=0 HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 00:43:05 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 2896
content-type: text/html
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb731-1ad4"
x-sp-metadata: HS256.CKnL/Z0GEocBCiQxZjRmOTc2OS04NzAwLTQ3NjQtOGZmYS01OTdlMDZiMTNjNGEQwIKqy8GT/AIaBgiZr/2dBiIMOTEuOTAuNDIuMTU0KJCJATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GisIARIkMTFkMmU2ZDItNWNhYS00YWY2LTg1MzEtYmM3M2I5ODBmNWQ2GNAWIhgIAhIUY2RzMjM2LnNrMS5od2Nkbi5uZXQ=.OwCPJDrUAqYbU55GhrgqjY0tSI2Rct7igy0nbKD/s5c=
x-hw: 1673484185.cds246.sk1.hn,1673484185.cds236.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/css/style.css
151.139.128.10200 OK 19 kB URL HTTP/2 myfood.ltd/main/css/style.css
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (65134), with no line terminators
Hash a95a0c8bd1273406b8c8053fb3527d56
2a461dcfa2c4bf1d22727bfd7c3c2abc85d44343
55b46146d32f4ee365d4ca91d8b3b1c504a062b15bbc1ed60a22ac2d05be1db5
GET /main/css/style.css HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 00:43:05 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 18933
content-type: text/css
last-modified: Mon, 01 Mar 2021 09:43:15 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb733-1b1ac"
x-sp-metadata: HS256.CKnL/Z0GEocBCiQ2NTNkZTJmNy1iMDU5LTRmZjAtOTk1Yy05MGYzNDM5MmNkMGQQwIKqy8GT/AIaBgiZr/2dBiIMOTEuOTAuNDIuMTU0KJCJATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkNjNhNjNjYTAtMzMxNC00MjM3LWE5YTAtNjI3MzM1MjJhNGEyGPWTASIYCAISFGNkczI2MS5zazEuaHdjZG4ubmV0.mMCOF1lm/096atTwXcpalSDGOltQMaCiIfOG+3gIHQo=
x-hw: 1673484185.cds246.sk1.hn,1673484185.cds261.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_1.jpg
151.139.128.10200 OK 74 kB URL HTTP/2 myfood.ltd/images/Superfood_1.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x420, components 3\012- data
Hash c2c3ec0e55e648c2a85d4499714a9c11
073f2990a52da59a7d3b73583b30be3c2cf45523
b66cf7365382753dc6340bfa2fba89c368ca3b930a0833d8f64c4c34525fc2ec
GET /images/Superfood_1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 00:43:05 GMT
cache-control: max-age=30
content-length: 74204
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-121dc"
x-sp-metadata: HS256.CKnL/Z0GEocBCiQ5NjJkNGJkNi0wMzYzLTRmMWEtYTRkMC1iMjdkNjAzYmU3MzEQwIKqy8GT/AIaBgiZr/2dBiIMOTEuOTAuNDIuMTU0KJCJATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkZjkxYTQ0NTctZDMxYS00NGVmLWFmMDItNGE0NDM2NTJhNGMxGNzDBCIYCAISFGNkczI0Ny5zazEuaHdjZG4ubmV0.JXAC4xY9BZFbTd78B92w9XhbCwwVX6p1H5ZzN31aajI=
x-hw: 1673484185.cds246.sk1.hn,1673484185.cds247.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_2.jpg
151.139.128.10200 OK 52 kB URL HTTP/2 myfood.ltd/images/Superfood_2.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x341, components 3\012- data
Hash b87af7248a82f58fe2ea5d0c7b030886
1d5a5b9752d7978c68b0d4a1689b3d8e6d322f0a
14da8c39c357dad0441b26d575c0000a9529c76d785680306a3cf51abe4cae81
GET /images/Superfood_2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 00:43:05 GMT
cache-control: max-age=30
content-length: 51830
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: "603cb731-ca76"
x-sp-metadata: HS256.CKnL/Z0GEocBCiQwOTRmMjM0NS01MmE2LTRhZDctODQzMC00Nzg4MjRlNzM3OGEQwIKqy8GT/AIaBgiZr/2dBiIMOTEuOTAuNDIuMTU0KJCJATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkYjdkMjAyNmMtZmUyYS00MmQ1LWFiZGEtZGQxOWE1MjVlZGNiGPaUAyIYCAISFGNkczIyMC5zazEuaHdjZG4ubmV0.nQG5yp3nfYKdkA1Z1GRKUrn1OIqT5L491MD8JI4+s6o=
x-hw: 1673484185.cds246.sk1.hn,1673484185.cds220.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-1.jpg
151.139.128.10200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-1.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash 62d0b6a649ac10e72bcb6ea3bbf57564
3e333889b0b66bfc6a32499f4c55878e2102b463
58dddc0a77632d920d096da6c6e2587c5859a4b4dd7af6dcd6eb8009ebc23ba6
GET /images/avatar-1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 00:43:05 GMT
cache-control: max-age=30
content-length: 11304
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-2c28"
x-sp-metadata: HS256.CKnL/Z0GEocBCiRlZjVkNjYzNC03OWU5LTRkZDgtYjY1Yy1jODExODI3NDA5NzYQwIKqy8GT/AIaBgiZr/2dBiIMOTEuOTAuNDIuMTU0KJCJATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GisIARIkMjBkODBkZDQtZmZkZC00MTYyLTlkZGUtZDA2ZmRmOGQwYzUxGKhYIhgIAhIUY2RzMjExLnNrMS5od2Nkbi5uZXQ=.WvDv3n1wFBpFsccKVI+yR0Om9Np8bebB7mdAqjypxS4=
x-hw: 1673484185.cds246.sk1.hn,1673484185.cds211.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-2.jpg
151.139.128.10200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-2.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash dd3881ed1b5b03b1d571edf89e12c466
61ca68c1c2d2ae7d286dfc0540f4ca8b357fdf3d
97b65e41dd547b310e1e860d2ae4717dba1d97bd36c0cd06c35749caa515e207
GET /images/avatar-2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 00:43:05 GMT
cache-control: max-age=30
content-length: 10665
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-29a9"
x-sp-metadata: HS256.CKnL/Z0GEocBCiQyM2YyNmRkNS1mMGI5LTRmNjAtODZiNi0wMGIwZjBiM2FkYzMQwIKqy8GT/AIaBgiZr/2dBiIMOTEuOTAuNDIuMTU0KJCJATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GisIARIkYWJjMGI1YjUtMTU4OC00M2JjLWJiZjQtNWRlN2VkNzNiMWE4GKlTIhgIAhIUY2RzMjAyLnNrMS5od2Nkbi5uZXQ=.OOs599XMdGVmVi3L+Eg8FqGd9GHjFUr/h91GIbX5YRc=
x-hw: 1673484185.cds246.sk1.hn,1673484185.cds202.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/js/main.js
151.139.128.10200 OK 39 kB URL HTTP/2 myfood.ltd/main/js/main.js
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (60220)
Hash 181e3fa3b1de97ff4efd259bc2a2c8c7
52edf1dc36109cb57bea12689a48442e27f06ad1
ffa8984bea3bf0c0a0cb282e9a5a98b3435e63fb6a26dfe0351979fa9f827c40
GET /main/js/main.js HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 00:43:05 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 38656
content-type: application/javascript
last-modified: Mon, 01 Mar 2021 09:43:14 GMT
accept-ranges: bytes
server: nginx
etag: "603cb732-1d57b"
x-sp-metadata: HS256.CKnL/Z0GEocBCiQ0MjJjNDM3MC04NTlhLTQ0NjAtYWEzNC1lMjdhNDE3NDVmM2IQwIKqy8GT/AIaBgiZr/2dBiIMOTEuOTAuNDIuMTU0KJCJATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkOGRlM2NjYmUtZWYwOS00YWI1LTkzMTktODk0YWFjYzJmOGQzGICuAiIYCAISFGNkczIyOC5zazEuaHdjZG4ubmV0.cU3vWal/W77DF8ADfgsNrlG6qp0R64DQzbD/Jn/KXOk=
x-hw: 1673484185.cds246.sk1.hn,1673484185.cds228.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 00:43:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 00:43:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14564, version 1.0\012- data
Hash 60c866748ff15f5b347fdba64596b1b1
34f486906decb7c8cf7a02d4758add9a2408c7a5
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
GET /s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 03:33:02 GMT
expires: Sat, 06 Jan 2024 03:33:02 GMT
cache-control: public, max-age=31536000
age: 508204
last-modified: Wed, 11 Oct 2017 21:49:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
216.58.207.227200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14544, version 1.0\012- data
Hash 223a277bd88d8a90c8cdf24cda0ad5f5
24234c1c81b3948758c1a0be8e5a65386ca94c52
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
GET /s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 15:51:33 GMT
expires: Wed, 10 Jan 2024 15:51:33 GMT
cache-control: public, max-age=31536000
age: 118293
last-modified: Wed, 11 Oct 2017 21:49:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
myfood.ltd/favicon.ico
151.139.128.10200 OK 1.2 kB IP 151.139.128.10:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b671b0407b8abf4ffb9946ee1596d992
79a116ffd13f1888451abd3cb8751cb2140f2fa4
1515616a51664df153b03397585ee45469cb936100992f870419514b17820649
GET /favicon.ico HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 00:43:06 GMT
cache-control: max-age=30
content-length: 1150
content-type: image/x-icon
last-modified: Wed, 28 Mar 2018 14:00:16 GMT
accept-ranges: bytes
server: nginx
etag: "5abb9ff0-47e"
x-sp-metadata: HS256.CKrL/Z0GEocBCiQ3ODIyNGMwZi03MjBkLTQzMDEtYWY3Zi1mMDU2MjY1YzVmYzgQwIKqy8GT/AIaBgiar/2dBiIMOTEuOTAuNDIuMTU0KJCJATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GisIARIkNGU5MDQzZmQtZmYzYy00NmNhLThiZjMtZGRiOTlkMWFlNDMzGP4IIhgIAhIUY2RzMjQwLnNrMS5od2Nkbi5uZXQ=.zz2YpbdAHYdvVg5h7m0HcrHahPD7Q7nU5ZVsLoh/jQs=
x-hw: 1673484186.cds246.sk1.hn,1673484186.cds240.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 00:43:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6715
Expires: Thu, 12 Jan 2023 02:35:01 GMT
Date: Thu, 12 Jan 2023 00:43:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6715
Expires: Thu, 12 Jan 2023 02:35:01 GMT
Date: Thu, 12 Jan 2023 00:43:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6715
Expires: Thu, 12 Jan 2023 02:35:01 GMT
Date: Thu, 12 Jan 2023 00:43:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6715
Expires: Thu, 12 Jan 2023 02:35:01 GMT
Date: Thu, 12 Jan 2023 00:43:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 13:56:11 GMT
age: 38815
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fd0e53-ba82-4c9e-80b5-a81462d60dcd.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fd0e53-ba82-4c9e-80b5-a81462d60dcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8356e95181dbd657fa14e3c502704f30
cf052aee06d74da968cd2c7bad46fef32b5f8456
bfb897dbf5136c95862408dd3051172f3a1ff8ffa07b299b62c733786087526b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fd0e53-ba82-4c9e-80b5-a81462d60dcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11115
x-amzn-requestid: e939f491-63f1-41f1-b0cc-7b0468442bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDBESsIAMFzxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bac-62dd2ab95dce70172b92d587;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bacPEr4bCKZt2d8F5c-QEh3_Wpo3da1Bdh0F6KCFOWa5PudMt_Bsnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 22:14:57 GMT
age: 8889
etag: "cf052aee06d74da968cd2c7bad46fef32b5f8456"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3827565b-0aea-4783-8036-edcf552d7427.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3827565b-0aea-4783-8036-edcf552d7427.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c6730c9fc73d829a0aa5583ea6cb28e
100e42d0224854635006b019a72cf68605e160f8
d29dee0111a6f8e75b0d0855fbfaaf72ff10417789154310729550ce74f06949
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3827565b-0aea-4783-8036-edcf552d7427.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8281
x-amzn-requestid: 9b572c46-926c-448d-a3ba-9b0eb18b31d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ-cETQIAMFfQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6c2-65bb767e6828f36b003713b6;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:08:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9QCI6kDZixcIm-2G9IJNVvjiXnofOPqIQOBoG96jEGvJVGzCwHizkg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 03:51:38 GMT
age: 75088
etag: "100e42d0224854635006b019a72cf68605e160f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd1ba6f4-d345-45e7-b455-36db43f093e0.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd1ba6f4-d345-45e7-b455-36db43f093e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1cbd3c0548b3197ade6f1b882e158e38
855e93b3086773afef5dfd59eb0c422bd2cdea30
cc5ca2083dbea427d87bed4d9c97c52a8416696626ff4ee5926ccd928ac2ccbd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd1ba6f4-d345-45e7-b455-36db43f093e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7685
x-amzn-requestid: ae85fbdf-d614-4d78-b077-ebe1ce79997d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ9qFRHoAMFtIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6bd-3686c1ce7981614c13dcb053;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: udD2cyNkxSDqYjK3AgQtS0F6dAbfmi8eu1MLUjPCNLuq7trErGfGMQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 03:51:38 GMT
age: 75088
etag: "855e93b3086773afef5dfd59eb0c422bd2cdea30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2bf2cbc-5cae-492e-b72d-2c40354e5cc6.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2bf2cbc-5cae-492e-b72d-2c40354e5cc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46b598855671ae378c0b16846d30d414
2a82f935fe3238bbce8c19d1876d51be10102e29
d4ea106e9b213226983471f941dd3f1ae5f9370c04c1541db296447615f9a7d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2bf2cbc-5cae-492e-b72d-2c40354e5cc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7966
x-amzn-requestid: db635bf8-1718-40d5-923b-261a38890e3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egaGGHQIoAMFcxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6f3-12139ec571976ee70120817d;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:09:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gUOkADY5O8ASAQ_X5cOOGLY-DAMLqLgT3p_Wwi7WD3aTU1lGaPSceA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 23:45:51 GMT
age: 3435
etag: "2a82f935fe3238bbce8c19d1876d51be10102e29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aba4f1d-271e-4b79-98f7-43de51b7ad0a.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aba4f1d-271e-4b79-98f7-43de51b7ad0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad081dde940db54efae11670f6ef7f22
19ee066c613137d4a00e3c6360f65c194655c147
c07916225ab72e332c693838bad5d650fdf320aadbe01ba7edeb00ac47a5a1d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aba4f1d-271e-4b79-98f7-43de51b7ad0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6945
x-amzn-requestid: 35e952b5-357e-4537-9705-aba35cfa6706
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egaGAGjoIAMF9cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6f3-0e8d1d8a571d4fc52258dfb8;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:09:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z64eltIV9-Ya-SoVh48PuE2YZKAYYhuG7TOQxQRF5hRWBzdjM_L_yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 04:44:47 GMT
age: 71899
etag: "19ee066c613137d4a00e3c6360f65c194655c147"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2