Overview

URL fair.fairfaxfamilyhealthcare.com/ga/click/2-48000618-161-1044-2020-1517-1843017c95-te4f4defa8
IP95.111.245.92
ASNContabo GmbH
Location Germany
Report completed2022-09-27 18:02:18 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-27 2 fair.fairfaxfamilyhealthcare.com/ga/click/2-48000618-161-1044-2020-1517-184 (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (27)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS js.sentry-cdn.com (2) 5259 2018-07-13 11:42:06 UTC 2022-09-27 13:22:49 UTC 151.101.2.217
mnemonic passive DNS cdn-3.convertexperiments.com (1) 15759 2017-01-30 01:52:20 UTC 2022-09-27 10:32:16 UTC 23.61.213.66
mnemonic passive DNS bioptimizers.com (1) 73666 2016-01-05 19:03:44 UTC 2022-09-27 12:18:01 UTC 172.66.40.189
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-27 04:53:25 UTC 151.101.85.229
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 14:55:40 UTC 143.204.55.36
mnemonic passive DNS ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2022-09-27 12:08:14 UTC 93.184.220.29
mnemonic passive DNS stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2022-09-27 12:49:17 UTC 104.18.11.207
mnemonic passive DNS ajax.googleapis.com (1) 12905 2015-02-02 18:56:09 UTC 2022-09-27 17:09:53 UTC 142.250.74.10
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-27 05:00:30 UTC 104.18.20.226
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.76.226
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 52.38.227.80
mnemonic passive DNS js.sentry-cdn.com (2) 5259 2018-07-13 11:42:06 UTC 2022-09-27 13:22:49 UTC 151.101.130.217
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-27 05:23:18 UTC 104.17.25.14
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.49
mnemonic passive DNS e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-09-27 05:36:01 UTC 23.36.76.226
mnemonic passive DNS mwebnice.com (1) 0 2022-02-18 00:05:35 UTC 2022-09-27 14:13:52 UTC 172.67.146.245 Unknown ranking
mnemonic passive DNS cb.bioptimizers.com (2) 0 2022-06-07 08:25:23 UTC 2022-09-25 12:17:23 UTC 172.66.43.67 Domain (bioptimizers.com) ranked at: 73666
mnemonic passive DNS fast.wistia.com (2) 5153 2012-07-04 00:34:57 UTC 2022-09-27 05:55:05 UTC 151.101.86.110
mnemonic passive DNS magbreakthrough.com (2) 0 2020-03-27 18:30:26 UTC 2022-09-24 12:19:23 UTC 172.67.175.160 Unknown ranking
mnemonic passive DNS fair.fairfaxfamilyhealthcare.com (1) 0 2022-09-09 16:01:28 UTC 2022-09-27 15:39:10 UTC 95.111.245.92 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS 66f04c87p0by2q04mfqmvilokc.hop.clickbank.net (1) 0 2022-08-15 02:50:46 UTC 2022-09-23 22:52:10 UTC 44.240.181.170 Domain (clickbank.net) ranked at: 34186
mnemonic passive DNS ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.100
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-27 04:52:54 UTC 142.250.74.72
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 12:39:40 UTC 142.250.74.10


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 95.111.245.92

Date UQ / IDS / BL URL IP
2022-10-01 05:03:32 +0000
0 - 0 - 1 fair.fairfaxfamilyhealthcare.com/ga/click/2-4 (...) 95.111.245.92
2022-09-28 16:36:21 +0000
0 - 0 - 1 fair.fairfaxfamilyhealthcare.com/ga/click/2-4 (...) 95.111.245.92
2022-09-28 16:13:20 +0000
0 - 0 - 1 fair.fairfaxfamilyhealthcare.com/ga/click/2-4 (...) 95.111.245.92
2022-09-27 23:39:17 +0000
0 - 0 - 1 fair.fairfaxfamilyhealthcare.com/ga/click/2-4 (...) 95.111.245.92
2022-09-27 18:39:16 +0000
0 - 0 - 1 fair.fairfaxfamilyhealthcare.com/ga/click/2-4 (...) 95.111.245.92

Last 5 reports on ASN: Contabo GmbH

Date UQ / IDS / BL URL IP
2022-11-29 20:36:39 +0000
0 - 0 - 1 lyulink.com/PYESFOUNDATION-2022 176.126.87.179
2022-11-29 20:32:25 +0000
0 - 0 - 4 1.xawerxz1.tk/jefanya-store/ 178.18.253.41
2022-11-29 19:28:00 +0000
50 - 0 - 37 www.us-hsdjks.com/us/secure/order/us/ 213.136.93.164
2022-11-29 18:48:30 +0000
0 - 0 - 1 mw1trk.va.meetquickviz.com/index.php/campaign (...) 75.119.141.56
2022-11-29 18:07:23 +0000
0 - 0 - 2 hello.studioqv.com/index.php/campaigns/nh856h (...) 75.119.141.56

Last 5 reports on domain: fairfaxfamilyhealthcare.com

Date UQ / IDS / BL URL IP
2022-10-01 05:03:32 +0000
0 - 0 - 1 fair.fairfaxfamilyhealthcare.com/ga/click/2-4 (...) 95.111.245.92
2022-09-28 16:36:21 +0000
0 - 0 - 1 fair.fairfaxfamilyhealthcare.com/ga/click/2-4 (...) 95.111.245.92
2022-09-28 16:13:20 +0000
0 - 0 - 1 fair.fairfaxfamilyhealthcare.com/ga/click/2-4 (...) 95.111.245.92
2022-09-27 23:39:17 +0000
0 - 0 - 1 fair.fairfaxfamilyhealthcare.com/ga/click/2-4 (...) 95.111.245.92
2022-09-27 18:39:16 +0000
0 - 0 - 1 fair.fairfaxfamilyhealthcare.com/ga/click/2-4 (...) 95.111.245.92

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-29 04:38:56 +0000
0 - 0 - 1 henoticpipi.com/gokfmmupxmej/45553 23.109.87.100
2022-11-25 22:17:28 +0000
0 - 0 - 2 6d417.diary.lojjh.com/ 82.180.154.113
2022-11-17 13:35:56 +0000
0 - 0 - 1 www.sacisesen.tihcxr.top/jp.php 192.161.176.64
2022-11-17 13:33:21 +0000
0 - 0 - 1 www.saciseocn.xzjciy.top/jp.php 192.161.176.64
2022-11-15 20:25:19 +0000
0 - 0 - 1 www.sasiseoen.xzjciy.top/jp.php 192.161.176.64


JavaScript

Executed Scripts (9)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (46)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 17:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Gw7jMC2I7gJzGMUIFWpQihVCCBqf3lb9Ps1MLEkGdDcMh2cG6kTv2Q==
Age: 2798


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7846
Expires: Tue, 27 Sep 2022 20:12:54 GMT
Date: Tue, 27 Sep 2022 18:02:08 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ad-zuBW0D0imx399gL-B8MuJpA_eHp_TBOIfalUMWqU-cIj-wv2EvQ==
age: 31075
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 18:02:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 17:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 17:50:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Yuy1qmaYCGWRilP9GGfxTuKmafBEUoOVEEtkBPMLFgaT4ThHesmWuw==
Age: 3082


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3354
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:02:08 GMT
Last-Modified: Tue, 27 Sep 2022 17:06:14 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0717xr7MK1pd0S0VD5ECLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.38.227.80
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HVoXR9fOxhhuEatNequsBt2sB4A=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3608
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 18:02:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3608
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 18:02:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3608
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 18:02:10 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 60923
etag: "1a26007f761e439db575fb80fb403031260aecf4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7455
Md5:    5274e770cb5a704916c8965659709f4a
Sha1:   1a26007f761e439db575fb80fb403031260aecf4
Sha256: e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f164d87-257d-468b-9a99-3559bced005c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9070
x-amzn-requestid: 1c562fb5-901f-4bb3-9809-fc7ba0f4a44f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCS0xHYXIAMF67w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb51-3ec67f346c3acefa25bbb891;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sS_p9YqHno_U_bhNMo_8sS8BgkpWr-zuFH_eJ-tWLIqDhMqigYrVBQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:05:33 GMT
age: 71797
etag: "c16a6f018bd80c6390b7a07f4e6698db7bfd28b0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9070
Md5:    988b0c94c41a21c736b330c3256d0a3c
Sha1:   c16a6f018bd80c6390b7a07f4e6698db7bfd28b0
Sha256: 3034912f83810b3999ffa90f5eeaf0f45773c592cfd3cf2bfb794ea1b150158c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 73383
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 59060
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6390
Md5:    14218a43c5e5bbce546735a780c8ccce
Sha1:   61676358cdbb2373bc644e66f8a84fbc8cc5daf6
Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 73393
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5319
x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlOKFtsIAMFyGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:00 GMT
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
age: 73390
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5319
Md5:    46e31aa06b8e86a9a5f9ba1cc3feca08
Sha1:   75df3341e30281fcbf78c7074980356fdf0be8e2
Sha256: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
                                        
                                            GET /ga/click/2-48000618-161-1044-2020-1517-1843017c95-te4f4defa8 HTTP/1.1 
Host: fair.fairfaxfamilyhealthcare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         95.111.245.92
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 27 Sep 2022 18:02:13 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.33
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
X-Request-Id: 8771075a945eb51be92ea7bfc5222d3c
Location: https://mwebnice.com/7480/14/2/?subid=XMbfgqq
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 5.581541
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.12
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   111
Md5:    2169c765295afce635430a4000a0ee16
Sha1:   7974714caad89eb521f85a7caa5c599f2c998faf
Sha256: bc6aef1323f8c185cc5b38fb80533f43bb602065dcd694856f81805b7f1f5908

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:02:14 GMT
Last-Modified: Tue, 27 Sep 2022 16:36:19 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7WyFtNYorYboLuQrbK8pKJHXjyjgrwL35w7CfKusCORo9V_DprMoEQ==
Age: 5155

                                        
                                            GET /?w=magcpa&tid=7480_sessid20220927180235765&subid=14 HTTP/1.1 
Host: 66f04c87p0by2q04mfqmvilokc.hop.clickbank.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: p=Rqv09oeSAr_fwNh8n-CIpX3BXJXAhSs5liLsZX0Ux0q2LoCuLErSh7vv2ZKzm_sIPzslR3KeSDFqjeEDtMLHPWkq7GH5zavT6VO8oHWSoK16FYd_c4DAUvAd1_9IMeysRvleDzixE2F-ZZEmZY2xTIJ0WVgNufWbwwa9R6uXGHHdaOR_5928ZrtgZVcKH9P-JB1C4dF2r-tjYben1DpvD3k5_P-Hx231TIHYK398HW1WxRGEeGCrsmQedsrdI3XAikV4uPyQYuEzsh9_EEMbchM_Lqq5Pw-PQZI30D7MIpko8NXHA2OAQBut8l_nRE_zw1p64LlqAAkXmlgbaTxhxtIs9Q0_ZTyDN1lMKh2RKp_MmUvZYs5eKe9420tHelY06njVkSJDzE_jAcKtt6MAlnB_FrzGbvgN83uiLvIOUULTTzHh8HW3hBDwLLwSQC-Po3Zivg%3D%3D; q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         44.240.181.170
HTTP/2 307 Temporary Redirect
                                        
date: Tue, 27 Sep 2022 18:02:14 GMT
content-length: 0
location: https://cb.bioptimizers.com/?hop=mweb1&w=magcpa&subid=14
set-cookie: p=9ZvJAlWCcwmj36zqvYvkJ0D6_P1bnLIaK7rYkwUlHbYMppL_nkWKZCLixlI6ziUrxCuSay0vRd6CnF4tcGc_Wq1AOVzqayrpRUqWN_bDFlKNuXvZQX_XJ2XbSQV2tblGjKdcia0qPM5bEscW62kiV-rN763qGszc8wXd-r__10YjhuZfhBNIi_2qFC7S0mRUHaw46VqZbAVTWTpm9o-fJ5NVMydlbDXr24T6Ph1RW5887MIb; Path=/; Domain=.clickbank.net; Max-Age=15552000; Expires=Sun, 26 Mar 2023 18:02:14 GMT
server-timing: traceparent;desc="00-56e1bedb0b35ab1142a211e5542cdea7-74d629205194c233-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2

                                        
                                            GET /82f04afb2a424e93b35ebe54703b00f4.min.js HTTP/1.1 
Host: js.sentry-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cb.bioptimizers.com
Connection: keep-alive
Referer: https://cb.bioptimizers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.130.217
HTTP/2 200 OK
content-type: text/javascript
                                        
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 11
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 18:02:15 GMT
age: 349
x-served-by: getsentry-web-default-production-5d8d66f595-4bx77, cache-bma1623-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1020
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (512)
Size:   1020
Md5:    c65e6b5bde64d38476edccfcbd2b157e
Sha1:   72f6d882ac56dc074bf9fc8d21e276181dd62234
Sha256: 2a61eb8f4aa7aeac9c9739c7714b540d06ca1aec59ee05a30f600de92ca502f1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:02:15 GMT
Server: ECS (amb/6BB8)
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:02:16 GMT
Last-Modified: Tue, 27 Sep 2022 18:02:16 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5580
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:02:16 GMT
Last-Modified: Tue, 27 Sep 2022 16:29:16 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magbreakthrough.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 27 Sep 2022 18:02:16 GMT
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1108113
expires: Sun, 17 Sep 2023 18:02:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLFpQUlh4AlyxTJOaEMiI9uDaqItfoZW0mOOW9ioqPrJ%2BAU2uRegzfgW82C7CYjkTtakAD5rx%2Fb4%2FBNfij1nfuN4EvuVSDX%2ByNm4juqeOyA2oqrj1%2BDehWue0HowP6abnPo1r9tx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7516263d98d70b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   5631
Md5:    109d1ed85cd01f9cdab73a4cac5bf80d
Sha1:   d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
Sha256: 8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
                                        
                                            GET /7e59457ec155440f86ff1b54343366e7.min.js HTTP/1.1 
Host: js.sentry-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magbreakthrough.com
Connection: keep-alive
Referer: https://magbreakthrough.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.2.217
HTTP/2 200 OK
content-type: text/javascript
                                        
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 16
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 18:02:16 GMT
age: 348
x-served-by: getsentry-web-default-production-5d8d66f595-m7qjz, cache-bma1624-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1024
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (512)
Size:   1024
Md5:    8387e6698ab2bbff1af0c5de014cc0be
Sha1:   b6672293a7c5b32419a99a044d624a2a321aa556
Sha256: 1133511009ce286f96c4b742a3c27d2dd078d3715fb9eceea871e8e45fcd516b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magbreakthrough.com
Connection: keep-alive
Referer: https://magbreakthrough.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 27 Sep 2022 18:02:16 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 08/20/2022 02:39:44
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: a42f6dc5075f10760fe8482e1cb15430
cdn-cache: HIT
cf-cache-status: HIT
age: 91608
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7516263d9dfab50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65326)
Size:   25215
Md5:    6b1c7642d8a9f433efe6ace6a1b02938
Sha1:   5a7c9fced496ea0b1f36b64323d5885790a18024
Sha256: a9cbcaed19ee838789ff6c1be46092a680ad7c435a6059422cd9080790313240
                                        
                                            GET /js/10034455-10032981.js HTTP/1.1 
Host: cdn-3.convertexperiments.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magbreakthrough.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.61.213.66
HTTP/2 200 OK
content-type: application/javascript
                                        
x-privacy-policy: You can find our privacy policy at https://www.convert.com/privacy-notice/
vary: Accept-Encoding
content-encoding: gzip
content-length: 63005
cache-control: public, max-age=271
date: Tue, 27 Sep 2022 18:02:16 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32087), with CRLF, LF line terminators
Size:   63005
Md5:    9cbea0af6b2ebb07c08a457fa4540423
Sha1:   e065f8303a3ee1da4cca2cc9569345affbce9bca
Sha256: 984fd47d41806cb54f03825752f164e8141676d1c626687804b599aec56ceda4
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "9A8D56CC05B2B2185805ADA2D646B8E0718E12E7B1815324744E42448E152ADB"
Last-Modified: Tue, 27 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20963
Expires: Tue, 27 Sep 2022 23:51:39 GMT
Date: Tue, 27 Sep 2022 18:02:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1232
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:02:16 GMT
Last-Modified: Tue, 27 Sep 2022 17:41:44 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /npm/vanilla-lazyload@17.1.2/dist/lazyload.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magbreakthrough.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 17.1.2
x-jsd-version-type: version
etag: W/"1f26-5++oac2ELCvsyDN92cxEXND6UAA"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 18:02:16 GMT
age: 4735840
x-served-by: cache-fra19179-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2733
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7972), with CRLF line terminators
Size:   2733
Md5:    b59cc5e133f66001fee9a9edfd183777
Sha1:   c21c27004455233b9e04bf29748639eba150444a
Sha256: 6c761dd1a8147dbaa046f9582a5dcac4ae93cf2fb7e50ec9d1ab786a0a4a9843
                                        
                                            GET /ajax/libs/jquery/1.11.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magbreakthrough.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33495
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 03:08:01 GMT
expires: Wed, 27 Sep 2023 03:08:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 53655
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32047)
Size:   33495
Md5:    7a83c39ee44cf30d4e6d9a8d5c74276e
Sha1:   175f5e717c0fd96485d4371234d4c54355753c2b
Sha256: ab02740b3bd7f47ad3a0ebc2571a67e1d00dfef34bb04e87adb08b0b61381d8e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /embed/medias/2pova13tec.jsonp HTTP/1.1 
Host: fast.wistia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magbreakthrough.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.110
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
etag: W/"7f86cc628c8c82e8e2cb3876141ec60f"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 720bc64058fa1b7a6fa8db8a230ec9f6
x-runtime: 0.077062
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 27 Sep 2022 18:02:16 GMT
age: 10618
x-served-by: cache-iad-kjyo7100073-IAD, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 28, 1
x-timer: S1664301737.781114,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1613
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5307)
Size:   1613
Md5:    868bdce19a0d5e5ac8ca3bfe9da90a10
Sha1:   25933ec8967099be36d2abb8a22354e6148e2515
Sha256: c8867e9fe33e49dd6ea2c7b8e203ab27aad5a57c464c467dc19af471f012bd00
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/external/E-v1.js HTTP/1.1 
Host: fast.wistia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magbreakthrough.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.110
HTTP/2 200 OK
content-type: application/javascript
                                        
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
etag: "632da87d-1c6e1"
last-modified: Fri, 23 Sep 2022 12:37:17 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 27 Sep 2022 18:02:16 GMT
age: 2351
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 34, 125
x-timer: S1664301737.781121,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 116449
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   116449
Md5:    29859c25251a09db0fbb53d16f113f00
Sha1:   92181e51740dc972f12c910bcfd1a0fe65f9c6f7
Sha256: 5f65a138a867ada83aa1e14b1fa47e89c49ece7134486220e5bb78c5ba4d9b38
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:02:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "456E6E4E1C80B1FDAF788BE256634D4CFD33B6A3"
Expires: Wed, 28 Sep 2022 05:00:00 GMT
Last-Modified: Tue, 27 Sep 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 180
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7516263f4c60b50c-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    a1f25e5cb13bb8f84edc6b71cb02f393
Sha1:   025c90eae95f549c80097adab84e1f8e675f31f6
Sha256: eb7aff72066168cb62bbb5a90a5b93c8445aa38fda36763589ad4f96a7bcd0f2
                                        
                                            GET /gtm.js?id=GTM-MJ5FMXK HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magbreakthrough.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 18:02:16 GMT
expires: Tue, 27 Sep 2022 18:02:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98077
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (37417)
Size:   98077
Md5:    9f5e22a537ff6b6b95692e9d383cb7e1
Sha1:   40229f6d5ffbd0cf2a8f28c890d20b7ccacc7dd9
Sha256: ada684c11e70b10caeae95420674567bf89d6b75078dc75d267e47f8f1bd814a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:02:16 GMT
Server: ECS (amb/6BA9)
Content-Length: 279

                                        
                                            GET /cpa/classic?part=mweb1&gl=62b38b533f5d60cb3f8b4567 HTTP/1.1 
Host: magbreakthrough.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cb.bioptimizers.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.175.160
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 18:02:16 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-bio-project: funnel-renderer-v2
x-bio-instance: funnel-renderer-01
x-bio-execution-time: 0.004581638
x-bio-data-source: cache
x-bio-renderer: funnel-renderer-01
x-bio-router: r02
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcFy4Z4dPYALXtbywVr5qsPeomYYfW4gQ3D2WlMafyitMEm%2B%2FQbSTYstS%2F9GPCvr9mRC3O%2FLpdC%2BzpRkITdD81Hd5Imo%2FvZVoCoADOBuW%2BMiA5eMxPqnLcyDLm%2F8bY9ANIoHy1%2B9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7516263baf2fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /a/assets/img/logo/bio-triangle-with-desc.svg HTTP/1.1 
Host: bioptimizers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magbreakthrough.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.66.40.189
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Tue, 27 Sep 2022 18:02:16 GMT
location: https://assets-v0.cdn-bio.com/img/logo/bio-triangle-with-desc.svg
x-bio-router: r01
cache-control: max-age=14400
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7516263e1c60b4f4-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Fira+Sans+Extra+Condensed:700,700i|Open+Sans:400,400i,700,700i|Lato:400,400i,700,700i,900|Anton:400 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magbreakthrough.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 18:02:16 GMT
date: Tue, 27 Sep 2022 18:02:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /7480/14/2/?subid=XMbfgqq HTTP/1.1 
Host: mwebnice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.146.245
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 18:02:14 GMT
location: https://66f04c87p0by2q04mfqmvilokc.hop.clickbank.net/?w=magcpa&tid=7480_sessid20220927180235765&subid=14
cache-control: max-age=3600, private
pragma: no-cache
expires: Tue, 27 Sep 2022 19:02:14 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7516262c5e290b39-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?hop=mweb1&w=magcpa&subid=14 HTTP/1.1 
Host: cb.bioptimizers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.66.43.67
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 18:02:15 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-bio-project: funnel-renderer-v2
x-bio-instance: funnel-renderer-01
x-bio-execution-time: 0.000908335
x-bio-data-source: cache
x-bio-renderer: funnel-renderer-01
x-bio-router: r01
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75162633fa1d0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 
Host: cb.bioptimizers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cb.bioptimizers.com/?hop=mweb1&w=magcpa&subid=14
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.66.43.67
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:02:15 GMT
last-modified: Mon, 26 Sep 2022 11:11:52 GMT
etag: W/"633188f8-302c"
vary: Accept-Encoding
server: cloudflare
cf-ray: 75162637ee390afa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 29 Sep 2022 18:02:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cpa/classic?part=mweb1 HTTP/1.1 
Host: magbreakthrough.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cb.bioptimizers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.67.175.160
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 18:02:16 GMT
location: https://magbreakthrough.com/cpa/classic?part=mweb1&gl=62b38b533f5d60cb3f8b4567
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-bio-project: funnel-renderer-v2
x-bio-instance: funnel-renderer-01
x-bio-execution-time: 0.003261247
x-bio-data-source: cache
x-bio-renderer: funnel-renderer-01
x-bio-router: r02
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdoEmPQRAOl4hXQUvlB02%2F2cLXkHVw0hhgn2q3Yq4W7BWuasbmhBcjZaPj5fomj9Kv4Rkhy1kipah1Mr8iVYix4a87Z2Idh%2BAThtQhYHShbZLSpYYIhMOSPCCP9LT0hza1o6Xx2R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7516263a6d04b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---