r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6028
Expires: Fri, 09 Dec 2022 06:20:04 GMT
Date: Fri, 09 Dec 2022 04:39:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2514
Expires: Fri, 09 Dec 2022 05:21:30 GMT
Date: Fri, 09 Dec 2022 04:39:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2165
Expires: Fri, 09 Dec 2022 05:15:41 GMT
Date: Fri, 09 Dec 2022 04:39:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 04:08:17 GMT
content-type: application/json
age: 1879
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bo+ZCOLnYTqR+nXA99EvwsujI9k2NJ3TWPc+VTV6pUMsh46WNYnU3tEJ+XIFqrFV9ZuLvQ1XjAA=
x-amz-request-id: F9PA67H3V4XKGRFS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 03:50:06 GMT
age: 2970
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
oldgmctruck.com/
192.99.158.243302 Found 396 B IP 192.99.158.243:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (324), with CRLF line terminators
Hash 7272b2a1a3da15b073c6f28e3f365176
6a9837573b98261685026648ffaf3e90c4fa1b19
c58f76e75abc86f99851c636937a4cdb5f008abc3d275e0512a78211a90cbd4d
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: oldgmctruck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://btpnative.com/click?data=UVp5cS1La2xOUXA4TnlUZlZJaXVwUVNDNzNsSEVHbUJrM2FwQVFIVnR1ZGdWVGU0STBGall4YllmYzIySnhmU2V0MWhtQlN1eTBmM3BzbDlFUXJheDF1bm5fWFNrajRYN3RramtGV2lablZqZ0NyNjgzMkJNbVA3LWhqZ0hnbE5ROVRISmlKb3BGUmIxcUtjVzdOWXJBMg2&id=4a3b0cb0-569e-40c8-bfd6-7e2ac6a7793c
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 09 Dec 2022 04:39:36 GMT
Connection: close
Content-Length: 396
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:39:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
btpnative.com/click?data=UVp5cS1La2xOUXA4TnlUZlZJaXVwUVNDNzNsSEVHbUJrM2FwQVFIVnR1ZGdWVGU0STBGall4YllmYzIySnhmU2V0MWhtQlN1eTBmM3BzbDlFUXJheDF1bm5fWFNrajRYN3RramtGV2lablZqZ0NyNjgzMkJNbVA3LWhqZ0hnbE5ROVRISmlKb3BGUmIxcUtjVzdOWXJBMg2&id=4a3b0cb0-569e-40c8-bfd6-7e2ac6a7793c
192.99.158.241200 OK 5.5 kB URL HTTP/1.1 btpnative.com/click?data=UVp5cS1La2xOUXA4TnlUZlZJaXVwUVNDNzNsSEVHbUJrM2FwQVFIVnR1ZGdWVGU0STBGall4YllmYzIySnhmU2V0MWhtQlN1eTBmM3BzbDlFUXJheDF1bm5fWFNrajRYN3RramtGV2lablZqZ0NyNjgzMkJNbVA3LWhqZ0hnbE5ROVRISmlKb3BGUmIxcUtjVzdOWXJBMg2&id=4a3b0cb0-569e-40c8-bfd6-7e2ac6a7793c
IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Hash 3167d0dce7844a27e4a93b736511d854
4271b4a20a142fb51b6c96d45f4bab41aaad29e2
d8953f2de2565a1c1b8117cc55c8a6c15f5c1c73b444e18b708bc9cedc6bb0cc
GET /click?data=UVp5cS1La2xOUXA4TnlUZlZJaXVwUVNDNzNsSEVHbUJrM2FwQVFIVnR1ZGdWVGU0STBGall4YllmYzIySnhmU2V0MWhtQlN1eTBmM3BzbDlFUXJheDF1bm5fWFNrajRYN3RramtGV2lablZqZ0NyNjgzMkJNbVA3LWhqZ0hnbE5ROVRISmlKb3BGUmIxcUtjVzdOWXJBMg2&id=4a3b0cb0-569e-40c8-bfd6-7e2ac6a7793c HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: WRcLPmbGgWlrSjF=WRcLPmbGgWlrSjF; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Fri, 09 Dec 2022 04:39:36 GMT
Content-Length: 5470
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 04:07:55 GMT
age: 1902
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
btpnative.com/Redirect/
192.99.158.241302 Found 1.7 kB IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1673), with CRLF line terminators
Hash 59a63f82886baa85d63b4758889d1cb9
9d85ec2dcb6113b4196a76f78e0773f2ad939434
49dcdb37cd653d276a215a9a8410fe0547d17790983c46d837173a06ac5074a8
POST /Redirect/ HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 359
Origin: http://btpnative.com
Connection: keep-alive
Referer: http://btpnative.com/click?data=UVp5cS1La2xOUXA4TnlUZlZJaXVwUVNDNzNsSEVHbUJrM2FwQVFIVnR1ZGdWVGU0STBGall4YllmYzIySnhmU2V0MWhtQlN1eTBmM3BzbDlFUXJheDF1bm5fWFNrajRYN3RramtGV2lablZqZ0NyNjgzMkJNbVA3LWhqZ0hnbE5ROVRISmlKb3BGUmIxcUtjVzdOWXJBMg2&id=4a3b0cb0-569e-40c8-bfd6-7e2ac6a7793c
Cookie: WRcLPmbGgWlrSjF=WRcLPmbGgWlrSjF
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_yG1OBPa2Arupnt4ao8LBkH_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2kCgkrfFs9ISFE6wPoeLHgX7tbz86wY80LHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy_KjrzBLgOCzdi2TCO0dzmXnFRNx5Y2sqsOTy608Of0ybESFVWBYmu9SmHHQ3e0hJvASO9UhiTNOfRpLd8FkbXhcM0RXV9_4Vkb1K8CfEublLQunv3x_RbLk22RovLNIy3Nsbs9ZD57kzFroGctraO-FC7Dv8oVhJZS_F8Lbd4oGnEjzcPyDLDTmypAYMLPP0_KEh8WgOWdWDdw1auAcmMFL_5S4Ofb0YnxyEL9jiTVaj33nFVbBe7V1fVTIQpjSNVGpXdQj1oAoIqrdfDLrOCw2aUwr-i4Y7MHJQxWKi8BL7fqIyoHgeIht0A_j5Rl1Hf2WkDyOaR2zqMYlmLqD75jiyTNYn-4teJGUefzXwRIT2MSwhAdfu_OninklgiNuBSvKa3-4UgndDgUoXDyk-Z_53hRcDOfnQH-2TKjS0AtpgL3ELv0Cm8dg8X1bjQGXTTDfrjPmSvp1pS_LyI_4Z5twiEf_JdDJRtVBfBjb1aGyu9v65SSHdmY6lVH1j0hLQ-41HC4Fn0OhEwNCFvFcvvykwvFKuiETjxqUQH3p_yf3f1hHOFWedtZtkVS26G4qZAOSUIP6gaidOwiZpOdz9dNmWTbZKBipauQlALfK-h4DfwvPtUUpekOD3d-uWwcJwd04mUTzcbYjFDhJjiPVXajePDBwn6jq3y2D_6co7LkOkFcj1RgQ8caxusFjkJLyIJy6k4DFXF4wqyelipzNOErMb6mfVdxA-CZIKK10xN_W-lfgHlOVhBl4Wulk7S5T5q_d-1_BmN2Rh3QK7YuBdoBOh5B6gS1GrrKIMmc-ThuO5vPOw4ms26dZF4ixxVlgcINR6Tsd21MkqgejVIrehRGC0Wy4qwZ9KUUarbi3qQuL9DedTprsyOT0iGjmj9IExOu_b2w1tX5xp6vW2s2j9xG0NA-07ik22iN6XLgQ-hmmyHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR53XctUtRHPjDDdu_QAC7TmUxaZwk-L8L6nKGng7pBU5GGtLtTfjhIPO1YJsN5JKjvbAbtH3M1rjyI9wOEUk6UicQCB01FrsgRBQTtb1Vp_iwHpaX2XwhIoh3rpcDYrEqIcrd91_QprQfdHtTHmLvcova-47IKUxj7nzcU7DGT9L_fEt0Cb1mYt18WxbU9pQ3OVIq2eiDPbuN68-aDV1Pt3c_fWPbaVU-5OYwwqJPWDKxMhJsJz_SKWlpHrP3PWUwd08TF0ncxwYkuRcZOLOzxeVpHrP3PWUwdy091mxAwZLu-yTPvHKIaTr6y8m_62MdHMLTS1fbeYurYgG7afTXkyA
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Fri, 09 Dec 2022 04:39:37 GMT
Content-Length: 1745
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6436
Cache-Control: max-age=108871
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:39:37 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:54:08 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 05ca7bb5c72d0b027add77c4f39e6850
23b8627fc0768e1da94afedee9fc610c8150770c
cf3081d784cad56d974346030ea63930834f773b8c82c3181b00f68f0e71056d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:39:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 07:25:44 GMT
Expires: Thu, 15 Dec 2022 07:25:43 GMT
Etag: "23b8627fc0768e1da94afedee9fc610c8150770c"
Cache-Control: max-age=527765,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776b0edd8b9f0b39-OSL
push.services.mozilla.com/
52.36.24.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.24.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +gMRELOWADUk3wjl/UGzSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bFuVtX2NxzPlDppgDikKrTvKPlg=
mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_yG1OBPa2Arupnt4ao8LBkH_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2kCgkrfFs9ISFE6wPoeLHgX7tbz86wY80LHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy_KjrzBLgOCzdi2TCO0dzmXnFRNx5Y2sqsOTy608Of0ybESFVWBYmu9SmHHQ3e0hJvASO9UhiTNOfRpLd8FkbXhcM0RXV9_4Vkb1K8CfEublLQunv3x_RbLk22RovLNIy3Nsbs9ZD57kzFroGctraO-FC7Dv8oVhJZS_F8Lbd4oGnEjzcPyDLDTmypAYMLPP0_KEh8WgOWdWDdw1auAcmMFL_5S4Ofb0YnxyEL9jiTVaj33nFVbBe7V1fVTIQpjSNVGpXdQj1oAoIqrdfDLrOCw2aUwr-i4Y7MHJQxWKi8BL7fqIyoHgeIht0A_j5Rl1Hf2WkDyOaR2zqMYlmLqD75jiyTNYn-4teJGUefzXwRIT2MSwhAdfu_OninklgiNuBSvKa3-4UgndDgUoXDyk-Z_53hRcDOfnQH-2TKjS0AtpgL3ELv0Cm8dg8X1bjQGXTTDfrjPmSvp1pS_LyI_4Z5twiEf_JdDJRtVBfBjb1aGyu9v65SSHdmY6lVH1j0hLQ-41HC4Fn0OhEwNCFvFcvvykwvFKuiETjxqUQH3p_yf3f1hHOFWedtZtkVS26G4qZAOSUIP6gaidOwiZpOdz9dNmWTbZKBipauQlALfK-h4DfwvPtUUpekOD3d-uWwcJwd04mUTzcbYjFDhJjiPVXajePDBwn6jq3y2D_6co7LkOkFcj1RgQ8caxusFjkJLyIJy6k4DFXF4wqyelipzNOErMb6mfVdxA-CZIKK10xN_W-lfgHlOVhBl4Wulk7S5T5q_d-1_BmN2Rh3QK7YuBdoBOh5B6gS1GrrKIMmc-ThuO5vPOw4ms26dZF4ixxVlgcINR6Tsd21MkqgejVIrehRGC0Wy4qwZ9KUUarbi3qQuL9DedTprsyOT0iGjmj9IExOu_b2w1tX5xp6vW2s2j9xG0NA-07ik22iN6XLgQ-hmmyHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR53XctUtRHPjDDdu_QAC7TmUxaZwk-L8L6nKGng7pBU5GGtLtTfjhIPO1YJsN5JKjvbAbtH3M1rjyI9wOEUk6UicQCB01FrsgRBQTtb1Vp_iwHpaX2XwhIoh3rpcDYrEqIcrd91_QprQfdHtTHmLvcova-47IKUxj7nzcU7DGT9L_fEt0Cb1mYt18WxbU9pQ3OVIq2eiDPbuN68-aDV1Pt3c_fWPbaVU-5OYwwqJPWDKxMhJsJz_SKWlpHrP3PWUwd08TF0ncxwYkuRcZOLOzxeVpHrP3PWUwdy091mxAwZLu-yTPvHKIaTr6y8m_62MdHMLTS1fbeYurYgG7afTXkyA
108.168.193.189302 Found 0 B URL HTTP/2 mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_yG1OBPa2Arupnt4ao8LBkH_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2kCgkrfFs9ISFE6wPoeLHgX7tbz86wY80LHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy_KjrzBLgOCzdi2TCO0dzmXnFRNx5Y2sqsOTy608Of0ybESFVWBYmu9SmHHQ3e0hJvASO9UhiTNOfRpLd8FkbXhcM0RXV9_4Vkb1K8CfEublLQunv3x_RbLk22RovLNIy3Nsbs9ZD57kzFroGctraO-FC7Dv8oVhJZS_F8Lbd4oGnEjzcPyDLDTmypAYMLPP0_KEh8WgOWdWDdw1auAcmMFL_5S4Ofb0YnxyEL9jiTVaj33nFVbBe7V1fVTIQpjSNVGpXdQj1oAoIqrdfDLrOCw2aUwr-i4Y7MHJQxWKi8BL7fqIyoHgeIht0A_j5Rl1Hf2WkDyOaR2zqMYlmLqD75jiyTNYn-4teJGUefzXwRIT2MSwhAdfu_OninklgiNuBSvKa3-4UgndDgUoXDyk-Z_53hRcDOfnQH-2TKjS0AtpgL3ELv0Cm8dg8X1bjQGXTTDfrjPmSvp1pS_LyI_4Z5twiEf_JdDJRtVBfBjb1aGyu9v65SSHdmY6lVH1j0hLQ-41HC4Fn0OhEwNCFvFcvvykwvFKuiETjxqUQH3p_yf3f1hHOFWedtZtkVS26G4qZAOSUIP6gaidOwiZpOdz9dNmWTbZKBipauQlALfK-h4DfwvPtUUpekOD3d-uWwcJwd04mUTzcbYjFDhJjiPVXajePDBwn6jq3y2D_6co7LkOkFcj1RgQ8caxusFjkJLyIJy6k4DFXF4wqyelipzNOErMb6mfVdxA-CZIKK10xN_W-lfgHlOVhBl4Wulk7S5T5q_d-1_BmN2Rh3QK7YuBdoBOh5B6gS1GrrKIMmc-ThuO5vPOw4ms26dZF4ixxVlgcINR6Tsd21MkqgejVIrehRGC0Wy4qwZ9KUUarbi3qQuL9DedTprsyOT0iGjmj9IExOu_b2w1tX5xp6vW2s2j9xG0NA-07ik22iN6XLgQ-hmmyHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR53XctUtRHPjDDdu_QAC7TmUxaZwk-L8L6nKGng7pBU5GGtLtTfjhIPO1YJsN5JKjvbAbtH3M1rjyI9wOEUk6UicQCB01FrsgRBQTtb1Vp_iwHpaX2XwhIoh3rpcDYrEqIcrd91_QprQfdHtTHmLvcova-47IKUxj7nzcU7DGT9L_fEt0Cb1mYt18WxbU9pQ3OVIq2eiDPbuN68-aDV1Pt3c_fWPbaVU-5OYwwqJPWDKxMhJsJz_SKWlpHrP3PWUwd08TF0ncxwYkuRcZOLOzxeVpHrP3PWUwdy091mxAwZLu-yTPvHKIaTr6y8m_62MdHMLTS1fbeYurYgG7afTXkyA
IP 108.168.193.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_yG1OBPa2Arupnt4ao8LBkH_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2kCgkrfFs9ISFE6wPoeLHgX7tbz86wY80LHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy_KjrzBLgOCzdi2TCO0dzmXnFRNx5Y2sqsOTy608Of0ybESFVWBYmu9SmHHQ3e0hJvASO9UhiTNOfRpLd8FkbXhcM0RXV9_4Vkb1K8CfEublLQunv3x_RbLk22RovLNIy3Nsbs9ZD57kzFroGctraO-FC7Dv8oVhJZS_F8Lbd4oGnEjzcPyDLDTmypAYMLPP0_KEh8WgOWdWDdw1auAcmMFL_5S4Ofb0YnxyEL9jiTVaj33nFVbBe7V1fVTIQpjSNVGpXdQj1oAoIqrdfDLrOCw2aUwr-i4Y7MHJQxWKi8BL7fqIyoHgeIht0A_j5Rl1Hf2WkDyOaR2zqMYlmLqD75jiyTNYn-4teJGUefzXwRIT2MSwhAdfu_OninklgiNuBSvKa3-4UgndDgUoXDyk-Z_53hRcDOfnQH-2TKjS0AtpgL3ELv0Cm8dg8X1bjQGXTTDfrjPmSvp1pS_LyI_4Z5twiEf_JdDJRtVBfBjb1aGyu9v65SSHdmY6lVH1j0hLQ-41HC4Fn0OhEwNCFvFcvvykwvFKuiETjxqUQH3p_yf3f1hHOFWedtZtkVS26G4qZAOSUIP6gaidOwiZpOdz9dNmWTbZKBipauQlALfK-h4DfwvPtUUpekOD3d-uWwcJwd04mUTzcbYjFDhJjiPVXajePDBwn6jq3y2D_6co7LkOkFcj1RgQ8caxusFjkJLyIJy6k4DFXF4wqyelipzNOErMb6mfVdxA-CZIKK10xN_W-lfgHlOVhBl4Wulk7S5T5q_d-1_BmN2Rh3QK7YuBdoBOh5B6gS1GrrKIMmc-ThuO5vPOw4ms26dZF4ixxVlgcINR6Tsd21MkqgejVIrehRGC0Wy4qwZ9KUUarbi3qQuL9DedTprsyOT0iGjmj9IExOu_b2w1tX5xp6vW2s2j9xG0NA-07ik22iN6XLgQ-hmmyHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR53XctUtRHPjDDdu_QAC7TmUxaZwk-L8L6nKGng7pBU5GGtLtTfjhIPO1YJsN5JKjvbAbtH3M1rjyI9wOEUk6UicQCB01FrsgRBQTtb1Vp_iwHpaX2XwhIoh3rpcDYrEqIcrd91_QprQfdHtTHmLvcova-47IKUxj7nzcU7DGT9L_fEt0Cb1mYt18WxbU9pQ3OVIq2eiDPbuN68-aDV1Pt3c_fWPbaVU-5OYwwqJPWDKxMhJsJz_SKWlpHrP3PWUwd08TF0ncxwYkuRcZOLOzxeVpHrP3PWUwdy091mxAwZLu-yTPvHKIaTr6y8m_62MdHMLTS1fbeYurYgG7afTXkyA HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Dec 2022 04:39:38 GMT
content-length: 0
set-cookie: rhid=82514908883; Max-Age=15552000; Expires=Wed, 07-Jun-2023 04:39:38 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://p274637.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDEyEmwnP9IpaWkes_c9ZTB2nExx9cuAR0ywbBYL3-pQwqORV9b2ao7lgiupj281mrfOqry2aYWM86-NbbzoB9aaTmxWLBX5GY8jPOHSGnqiApPUOivJUxUO60U2_fCPu8wafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2QgFq201y-WfEufUhnl3uyj6-J7z7Cr0DTmMMKiT1gysTISbCc_0ilpaR6z9z1lMHXaK7r8ZZZHXAhEC_kcOcdhTRmWdF7IVLXNol4suDM433fjuZ-GA1vFm4Mr4OTbR5CVVEUSS1AFYFp_hfKZ9J0BA4ZJwa0lO9PCseOjB5bqQFNGElOvfVPqzPoTh8kp0S2soK2PQR3cP1HanXB3kwMrUDctBB5bK4AzpxF2ezqEJM2iodpNueZpVkHRUwGVzse4_hxqmBidZHfpgbmtEYrOUPHMOz9xSWw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSRkRDduRYuhWENm_WAT-L-qI3mRI-yWXfYtTWz05pLQjybHY729PWRDuVIeMBUdfOYQ2yfZ40KX7x6y-8I2OpJg&si=1&oref=6fa616592314d6886a99bfd348821364&optunit=3XctUtRHPjA_VElzxIUqCw&rb=4mwZSEUVHek&rr=4&abtg=0
X-Firefox-Spdy: h2
p274637.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDEyEmwnP9IpaWkes_c9ZTB2nExx9cuAR0ywbBYL3-pQwqORV9b2ao7lgiupj281mrfOqry2aYWM86-NbbzoB9aaTmxWLBX5GY8jPOHSGnqiApPUOivJUxUO60U2_fCPu8wafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2QgFq201y-WfEufUhnl3uyj6-J7z7Cr0DTmMMKiT1gysTISbCc_0ilpaR6z9z1lMHXaK7r8ZZZHXAhEC_kcOcdhTRmWdF7IVLXNol4suDM433fjuZ-GA1vFm4Mr4OTbR5CVVEUSS1AFYFp_hfKZ9J0BA4ZJwa0lO9PCseOjB5bqQFNGElOvfVPqzPoTh8kp0S2soK2PQR3cP1HanXB3kwMrUDctBB5bK4AzpxF2ezqEJM2iodpNueZpVkHRUwGVzse4_hxqmBidZHfpgbmtEYrOUPHMOz9xSWw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSRkRDduRYuhWENm_WAT-L-qI3mRI-yWXfYtTWz05pLQjybHY729PWRDuVIeMBUdfOYQ2yfZ40KX7x6y-8I2OpJg&si=1&oref=6fa616592314d6886a99bfd348821364&optunit=3XctUtRHPjA_VElzxIUqCw&rb=4mwZSEUVHek&rr=4&abtg=0
108.168.193.189302 Found 0 B URL HTTP/2 p274637.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDEyEmwnP9IpaWkes_c9ZTB2nExx9cuAR0ywbBYL3-pQwqORV9b2ao7lgiupj281mrfOqry2aYWM86-NbbzoB9aaTmxWLBX5GY8jPOHSGnqiApPUOivJUxUO60U2_fCPu8wafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2QgFq201y-WfEufUhnl3uyj6-J7z7Cr0DTmMMKiT1gysTISbCc_0ilpaR6z9z1lMHXaK7r8ZZZHXAhEC_kcOcdhTRmWdF7IVLXNol4suDM433fjuZ-GA1vFm4Mr4OTbR5CVVEUSS1AFYFp_hfKZ9J0BA4ZJwa0lO9PCseOjB5bqQFNGElOvfVPqzPoTh8kp0S2soK2PQR3cP1HanXB3kwMrUDctBB5bK4AzpxF2ezqEJM2iodpNueZpVkHRUwGVzse4_hxqmBidZHfpgbmtEYrOUPHMOz9xSWw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSRkRDduRYuhWENm_WAT-L-qI3mRI-yWXfYtTWz05pLQjybHY729PWRDuVIeMBUdfOYQ2yfZ40KX7x6y-8I2OpJg&si=1&oref=6fa616592314d6886a99bfd348821364&optunit=3XctUtRHPjA_VElzxIUqCw&rb=4mwZSEUVHek&rr=4&abtg=0
IP 108.168.193.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDEyEmwnP9IpaWkes_c9ZTB2nExx9cuAR0ywbBYL3-pQwqORV9b2ao7lgiupj281mrfOqry2aYWM86-NbbzoB9aaTmxWLBX5GY8jPOHSGnqiApPUOivJUxUO60U2_fCPu8wafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2QgFq201y-WfEufUhnl3uyj6-J7z7Cr0DTmMMKiT1gysTISbCc_0ilpaR6z9z1lMHXaK7r8ZZZHXAhEC_kcOcdhTRmWdF7IVLXNol4suDM433fjuZ-GA1vFm4Mr4OTbR5CVVEUSS1AFYFp_hfKZ9J0BA4ZJwa0lO9PCseOjB5bqQFNGElOvfVPqzPoTh8kp0S2soK2PQR3cP1HanXB3kwMrUDctBB5bK4AzpxF2ezqEJM2iodpNueZpVkHRUwGVzse4_hxqmBidZHfpgbmtEYrOUPHMOz9xSWw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSRkRDduRYuhWENm_WAT-L-qI3mRI-yWXfYtTWz05pLQjybHY729PWRDuVIeMBUdfOYQ2yfZ40KX7x6y-8I2OpJg&si=1&oref=6fa616592314d6886a99bfd348821364&optunit=3XctUtRHPjA_VElzxIUqCw&rb=4mwZSEUVHek&rr=4&abtg=0 HTTP/1.1
Host: p274637.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=82514908883
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 09 Dec 2022 04:39:38 GMT
content-length: 0
set-cookie: rhid=82514908883; Max-Age=15552000; Expires=Wed, 07-Jun-2023 04:39:38 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
loi=ad_490233_off_142374_aff_3322_cid_274637-OLDGMCTRUCK.COM_ts_1670560778; Max-Age=3600; Expires=Fri, 09-Dec-2022 05:39:38 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://myfood.ltd/?v=20171031&s1=0
X-Firefox-Spdy: h2
myfood.ltd/?v=20171031&s1=0
151.139.128.10200 OK 2.9 kB URL HTTP/2 myfood.ltd/?v=20171031&s1=0
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6859), with no line terminators
Hash 029ccb01ef612a9e6748494c60d24b69
d385f7671725be11701998c27571e94b1950f991
7ac429dc45b509b1bed9bdcdc5610868d510d979ce3cc06d48870511bf0425f5
GET /?v=20171031&s1=0 HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:39:38 GMT
cache-control: max-age=8
content-encoding: gzip
content-length: 2896
content-type: text/html
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb731-1ad4"
x-hw: 1670560778.cds235.sk1.hn,1670560778.cds236.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/css/style.css
151.139.128.10200 OK 19 kB URL HTTP/2 myfood.ltd/main/css/style.css
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (65134), with no line terminators
Hash a95a0c8bd1273406b8c8053fb3527d56
2a461dcfa2c4bf1d22727bfd7c3c2abc85d44343
55b46146d32f4ee365d4ca91d8b3b1c504a062b15bbc1ed60a22ac2d05be1db5
GET /main/css/style.css HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:39:38 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 18933
content-type: text/css
last-modified: Mon, 01 Mar 2021 09:43:15 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb733-1b1ac"
x-hw: 1670560778.cds235.sk1.hn,1670560778.cds261.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_1.jpg
151.139.128.10200 OK 74 kB URL HTTP/2 myfood.ltd/images/Superfood_1.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x420, components 3\012- data
Hash c2c3ec0e55e648c2a85d4499714a9c11
073f2990a52da59a7d3b73583b30be3c2cf45523
b66cf7365382753dc6340bfa2fba89c368ca3b930a0833d8f64c4c34525fc2ec
GET /images/Superfood_1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:39:38 GMT
cache-control: max-age=30
content-length: 74204
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-121dc"
x-hw: 1670560778.cds235.sk1.hn,1670560778.cds247.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_2.jpg
151.139.128.10200 OK 52 kB URL HTTP/2 myfood.ltd/images/Superfood_2.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x341, components 3\012- data
Hash b87af7248a82f58fe2ea5d0c7b030886
1d5a5b9752d7978c68b0d4a1689b3d8e6d322f0a
14da8c39c357dad0441b26d575c0000a9529c76d785680306a3cf51abe4cae81
GET /images/Superfood_2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:39:38 GMT
cache-control: max-age=30
content-length: 51830
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: "603cb731-ca76"
x-hw: 1670560778.cds235.sk1.hn,1670560778.cds220.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-1.jpg
151.139.128.10200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-1.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash 62d0b6a649ac10e72bcb6ea3bbf57564
3e333889b0b66bfc6a32499f4c55878e2102b463
58dddc0a77632d920d096da6c6e2587c5859a4b4dd7af6dcd6eb8009ebc23ba6
GET /images/avatar-1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:39:38 GMT
cache-control: max-age=30
content-length: 11304
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-2c28"
x-hw: 1670560778.cds235.sk1.hn,1670560778.cds218.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-2.jpg
151.139.128.10200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-2.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash dd3881ed1b5b03b1d571edf89e12c466
61ca68c1c2d2ae7d286dfc0540f4ca8b357fdf3d
97b65e41dd547b310e1e860d2ae4717dba1d97bd36c0cd06c35749caa515e207
GET /images/avatar-2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:39:38 GMT
cache-control: max-age=30
content-length: 10665
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-29a9"
x-hw: 1670560778.cds235.sk1.hn,1670560778.cds217.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/js/main.js
151.139.128.10200 OK 39 kB URL HTTP/2 myfood.ltd/main/js/main.js
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (60220)
Hash 181e3fa3b1de97ff4efd259bc2a2c8c7
52edf1dc36109cb57bea12689a48442e27f06ad1
ffa8984bea3bf0c0a0cb282e9a5a98b3435e63fb6a26dfe0351979fa9f827c40
GET /main/js/main.js HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:39:38 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 38656
content-type: application/javascript
last-modified: Mon, 01 Mar 2021 09:43:14 GMT
accept-ranges: bytes
server: nginx
etag: "603cb732-1d57b"
x-hw: 1670560778.cds235.sk1.hn,1670560778.cds228.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14564, version 1.0\012- data
Hash 60c866748ff15f5b347fdba64596b1b1
34f486906decb7c8cf7a02d4758add9a2408c7a5
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
GET /s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 03:28:11 GMT
expires: Sat, 09 Dec 2023 03:28:11 GMT
cache-control: public, max-age=31536000
age: 4287
last-modified: Wed, 11 Oct 2017 21:49:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
216.58.207.227200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14544, version 1.0\012- data
Hash 223a277bd88d8a90c8cdf24cda0ad5f5
24234c1c81b3948758c1a0be8e5a65386ca94c52
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
GET /s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:49:29 GMT
expires: Wed, 06 Dec 2023 15:49:29 GMT
cache-control: public, max-age=31536000
age: 219009
last-modified: Wed, 11 Oct 2017 21:49:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
myfood.ltd/favicon.ico
151.139.128.10200 OK 1.2 kB IP 151.139.128.10:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b671b0407b8abf4ffb9946ee1596d992
79a116ffd13f1888451abd3cb8751cb2140f2fa4
1515616a51664df153b03397585ee45469cb936100992f870419514b17820649
GET /favicon.ico HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:39:38 GMT
cache-control: max-age=30
content-length: 1150
content-type: image/x-icon
last-modified: Wed, 28 Mar 2018 14:00:16 GMT
accept-ranges: bytes
server: nginx
etag: "5abb9ff0-47e"
x-hw: 1670560778.cds235.sk1.hn,1670560778.cds240.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6119
Expires: Fri, 09 Dec 2022 06:21:38 GMT
Date: Fri, 09 Dec 2022 04:39:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6119
Expires: Fri, 09 Dec 2022 06:21:38 GMT
Date: Fri, 09 Dec 2022 04:39:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6119
Expires: Fri, 09 Dec 2022 06:21:38 GMT
Date: Fri, 09 Dec 2022 04:39:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6119
Expires: Fri, 09 Dec 2022 06:21:38 GMT
Date: Fri, 09 Dec 2022 04:39:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6119
Expires: Fri, 09 Dec 2022 06:21:38 GMT
Date: Fri, 09 Dec 2022 04:39:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 1851
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 00:33:39 GMT
age: 14760
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cb7655c8fe89a83f0096c51684aa21c
4946fcab2a99d926c45abaecf8f97b6214dee0cd
60a3066f2dcc2f696413ecec56ef1d0c1a9392f6845fac5c4319b8b9e02074fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6637
x-amzn-requestid: a1b14c0b-ceb5-4a3e-9dec-2503a0841bd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPMEQJoAMF6uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2d-1aec46bb5d73f0c47c824174;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rft2LEct9jDCAiIawPp0pGAg7S-bDRqXWxzM4H28FFqN2bS6TYwV7A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:59:55 GMT
age: 23984
etag: "4946fcab2a99d926c45abaecf8f97b6214dee0cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ed82780732ed682ee46b2df52b3ca2
0b3fe77e142178561b28c93b94b1aea2e1c395a5
383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4049
x-amzn-requestid: dbde9a26-7609-43b7-a9a5-6e4d2f559989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRFHIooAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-5f5131b8315a458d18cdc70f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6_KiAcPwtB6XJyanlunX6qvT9jdlEgMPMdGHM10HmJwQ2Ue_pDsCXg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:37:33 GMT
age: 57726
etag: "0b3fe77e142178561b28c93b94b1aea2e1c395a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kTEbkncBnAJmQE8cdAqvDtejiwaetpRBsVcpLXy1h52lO4iUkzmOGA==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 16:28:48 GMT
age: 43851
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46275ec87d8221804dbb99f95b035131
c47af4e5770daad212f4290527b00321285105f8
2118ec68c738683d8f7e11b95239ca92fda2b9b5054aa7b128267eec0d0634c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8803
x-amzn-requestid: e8516be3-5ce9-4f15-b522-c81c1e57a0e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtK9GavoAMFjpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af579-538cc8f300938698004f2241;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MiOdXHxd9Vmeji8Yqd8LG_EqYoMGf0YBy6by9bhfjb12y1OxKVvvqw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:36:28 GMT
age: 57791
etag: "c47af4e5770daad212f4290527b00321285105f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2