jeevottamahealth.com/dynamic_img/blog/case.zip
185.28.21.218301 Moved Permanently 707 B URL HTTP/1.1 jeevottamahealth.com/dynamic_img/blog/case.zip
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /dynamic_img/blog/case.zip HTTP/1.1
Host: jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 29 Jan 2023 11:35:32 GMT
server: LiteSpeed
location: https://jeevottamahealth.com/dynamic_img/blog/case.zip
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12882
Expires: Sun, 29 Jan 2023 15:10:14 GMT
Date: Sun, 29 Jan 2023 11:35:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12894
Expires: Sun, 29 Jan 2023 15:10:26 GMT
Date: Sun, 29 Jan 2023 11:35:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14415
Expires: Sun, 29 Jan 2023 15:35:47 GMT
Date: Sun, 29 Jan 2023 11:35:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 10:43:08 GMT
content-type: application/json
age: 3144
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3SlVnfyjNXffkNcmfbhU1DfmkWgQ12jdndEXen/n0JempgzraesiAUd4sd/6zBGzYbAZ/+nRBHA=
x-amz-request-id: BBNZSNBCMFC0EWT5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 11:21:22 GMT
age: 850
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 11:35:32 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
jeevottamahealth.com/dynamic_img/blog/case.zip
185.28.21.218200 OK 11 kB URL HTTP/2 jeevottamahealth.com/dynamic_img/blog/case.zip
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (537), with CRLF, LF line terminators
Hash 7aecea72876be19b8b8554891c4a322a
3edb392f700186d3fd69905271cf50934558c9e3
79785395a133a888bd11a72bb6a266081cefed50e256bf0ace769abd326fc542
Analyzer Verdict Alert fortinet Phishing
GET /dynamic_img/blog/case.zip HTTP/1.1
Host: jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=62akqp0gm88m6ujuoqver8ab70; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 10687
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:35:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6405
Cache-Control: max-age=147618
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:33 GMT
Etag: "63d5dea2-118"
Expires: Tue, 31 Jan 2023 04:35:51 GMT
Last-Modified: Sun, 29 Jan 2023 02:49:06 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 10:49:04 GMT
age: 2789
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-186979376-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-186979376-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash bf999adfa0bf2cde14a19ab9ac1194a5
6cb0b865c26f725484db124f8a88f05315e0f104
391417b404935a4ae19c6a6cbd3a7e8af06e2d0f32f8ab3c9e0164fa8f448581
GET /gtag/js?id=UA-186979376-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:35:33 GMT
expires: Sun, 29 Jan 2023 11:35:33 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?key=AIzaSyAqoWGSQYygV-G1P5tVrj-dM2rVHR5wOGY
216.58.207.234200 OK 53 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyAqoWGSQYygV-G1P5tVrj-dM2rVHR5wOGY
IP 216.58.207.234:0
File type ASCII text, with very long lines (2453)
Hash 83b562c7ef16c33128825b9f42a53cc6
8934372f1a5e27a9e8def831e8cd877823d63ffa
d4d5e37baf349978d5ac7c8e12419851f35e6437bf5688f36b5f3a4d1cfa88c5
GET /maps/api/js?key=AIzaSyAqoWGSQYygV-G1P5tVrj-dM2rVHR5wOGY HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sun, 29 Jan 2023 11:35:33 GMT
expires: Sun, 29 Jan 2023 12:05:33 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 52799
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=39
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jeevottamahealth.com/dynamic_img/blog/assets/img/feature-icon/1.png
185.28.21.218200 OK 11 kB URL HTTP/2 jeevottamahealth.com/dynamic_img/blog/assets/img/feature-icon/1.png
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (537), with CRLF, LF line terminators
Hash 7aecea72876be19b8b8554891c4a322a
3edb392f700186d3fd69905271cf50934558c9e3
79785395a133a888bd11a72bb6a266081cefed50e256bf0ace769abd326fc542
GET /dynamic_img/blog/assets/img/feature-icon/1.png HTTP/1.1
Host: jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/dynamic_img/blog/case.zip
Cookie: PHPSESSID=62akqp0gm88m6ujuoqver8ab70
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 10687
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6405
Cache-Control: max-age=147618
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:33 GMT
Etag: "63d5dea2-118"
Expires: Tue, 31 Jan 2023 04:35:51 GMT
Last-Modified: Sun, 29 Jan 2023 02:49:06 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
www.jeevottamahealth.com/assets/css/custom.css
185.28.21.218200 OK 3.1 kB URL HTTP/2 www.jeevottamahealth.com/assets/css/custom.css
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (416), with CRLF line terminators
Hash 26f8477792dea3a2ca845a46796d6fc5
a584ff17f5f59baa369952e477d34ac7861546be
37956fc313435c709175525d8cf422aed605f66dede47f6d8268c3006425ea05
GET /assets/css/custom.css HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: text/css
last-modified: Mon, 19 Jul 2021 13:11:20 GMT
etag: "3d99-60f579f8-29d85539daad3bf0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3095
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/css/slid.css
185.28.21.218200 OK 154 B URL HTTP/2 www.jeevottamahealth.com/assets/css/slid.css
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash ae9d99dffa05c3363194071de3421531
cdf5867603b1cb95a6b475667ef0ceea0eb5059b
0bdeb72f3fc8f812877d8fd6de33097ad2da9de7f4cbcf2c29b65f858d41551a
GET /assets/css/slid.css HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: text/css
last-modified: Mon, 19 Jul 2021 13:11:20 GMT
etag: "13a-60f579f8-d4d64da0fa890ea;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 154
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/css/style.css
185.28.21.218200 OK 10 kB URL HTTP/2 www.jeevottamahealth.com/assets/css/style.css
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type assembler source, ASCII text, with CRLF line terminators
Hash 7d321dc34dd621fe5611461db660cc68
0a31911860a85f60e6f7065a87dbb0d571de4ee1
f5bb4ff40fb3135f5c362a44c4756d484125e4ccde933eb907a249360b3dcdeb
GET /assets/css/style.css HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: text/css
last-modified: Mon, 19 Jul 2021 13:11:20 GMT
etag: "12b9a-60f579f8-4b022feded100b86;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10013
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e336f1fa763a16945dde47cceb0f738a
607443b65106c5520972ef92d2a71f2f4609cea9
d242a4df759a5c48d09945c3f6634a1705db159aeb09cdb207150e23282c6bbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D242A4DF759A5C48D09945C3F6634A1705DB159AEB09CDB207150E23282C6BBD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8521
Expires: Sun, 29 Jan 2023 13:57:34 GMT
Date: Sun, 29 Jan 2023 11:35:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jeevottamahealth.com/dynamic_img/blog/assets/img/feature-icon/3.png
185.28.21.218200 OK 11 kB URL HTTP/2 jeevottamahealth.com/dynamic_img/blog/assets/img/feature-icon/3.png
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (537), with CRLF, LF line terminators
Hash 7aecea72876be19b8b8554891c4a322a
3edb392f700186d3fd69905271cf50934558c9e3
79785395a133a888bd11a72bb6a266081cefed50e256bf0ace769abd326fc542
GET /dynamic_img/blog/assets/img/feature-icon/3.png HTTP/1.1
Host: jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/dynamic_img/blog/case.zip
Cookie: PHPSESSID=62akqp0gm88m6ujuoqver8ab70
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 10687
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/dynamic_img/prevention/
185.28.21.218403 Forbidden 699 B URL HTTP/2 www.jeevottamahealth.com/dynamic_img/prevention/
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 39d9528a539f73768073a9d8e4587324
f46f256935e8d61208b6f67d4d76c0987f9025cd
0c9bbfe175c1dc57fff572a1395af56b7942836d4c0c0708889ce35993d76c05
Analyzer Verdict Alert fortinet Phishing
GET /dynamic_img/prevention/ HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 403 Forbidden
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 699
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/dynamic_img/cure/
185.28.21.218403 Forbidden 699 B URL HTTP/2 www.jeevottamahealth.com/dynamic_img/cure/
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 39d9528a539f73768073a9d8e4587324
f46f256935e8d61208b6f67d4d76c0987f9025cd
0c9bbfe175c1dc57fff572a1395af56b7942836d4c0c0708889ce35993d76c05
Analyzer Verdict Alert fortinet Phishing
GET /dynamic_img/cure/ HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 403 Forbidden
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 699
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/css/responsive.css
185.28.21.218200 OK 2.0 kB URL HTTP/2 www.jeevottamahealth.com/assets/css/responsive.css
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 153278c052d4e168f0ad2572f7b24088
f3601ae914902ec0d5461b342fdb1bf067591d08
142bd3b6e42b010bb5301c0b2680c3d01d6ce1a89bf4c2191dc9b1d0d09d86dc
GET /assets/css/responsive.css HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: text/css
last-modified: Mon, 19 Jul 2021 13:11:20 GMT
etag: "354b-60f579f8-422df9b0327851a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2026
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/popper.min.js
185.28.21.218200 OK 6.6 kB URL HTTP/2 www.jeevottamahealth.com/assets/js/popper.min.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (18860), with CRLF line terminators
Hash 40e2b12c7b2388a095934c884fa9dc09
f29fd87a49e9fe074e97a26ff1a233ce0fa01f4c
4965188db2791ca368b816a7112c7c6accc59cce40fb4c46641b5e1d6601ccaf
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/popper.min.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "4a5c-60f579fa-d8369556f5b67cfd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6556
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
cdn.rawgit.com/vinayakjadhav/jR3DCarousel/HEAD/dist/jR3DCarousel.min.js
194.242.11.186301 Moved Permanently 118 B URL HTTP/2 cdn.rawgit.com/vinayakjadhav/jR3DCarousel/HEAD/dist/jR3DCarousel.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash 610b0a619aa3b2c56047f0c902a1156d
a1f72b122f24d7e23661dcc1b6cbd78911fab89f
0e4bd5930eccad5a019c5d20618a8022235448648c7049680b02601f98a69551
GET /vinayakjadhav/jR3DCarousel/HEAD/dist/jR3DCarousel.min.js HTTP/1.1
Host: cdn.rawgit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 29 Jan 2023 11:35:33 GMT
content-type: text/plain; charset=utf-8
content-length: 118
location: https://cdn.jsdelivr.net/gh/vinayakjadhav/jR3DCarousel@HEAD/dist/jR3DCarousel.min.js
server: BunnyCDN-NO1-830
cdn-pullzone: 201235
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
age: 53026
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
cache-control: public, max-age=2592000
cdn-cachedat: 01/29/2023 11:35:33
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra-eddf8230102-FRA, cache-chi-kigq8000126-CHI
x-cache: MISS, HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 301
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: d6b22bc73f92dc855c93820edbbd0633
cdn-cache: MISS
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/bootstrap.min.js
185.28.21.218200 OK 12 kB URL HTTP/2 www.jeevottamahealth.com/assets/js/bootstrap.min.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (50277)
Hash e61a234aab974ab5541c82fa1e7d7b53
00c328786df67f86291ce589a6b5cc93428e2b8c
4cd6f5890cca372839cd3fdc6a79c1de51d15ebe161a1818b576a5d1e91bd69d
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "c584-60f579fa-fb9034b1a6e1d022;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12382
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/jquery.sticky.js
185.28.21.218200 OK 2.0 kB URL HTTP/2 www.jeevottamahealth.com/assets/js/jquery.sticky.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
Hash 0c037fce4322253c944956fa445dfe17
4f3908f27da4a5aae9c3c1f7c84203eb6e598a0b
c2b44b8ad6589d4c664a943dc0966d77eba0dcf274a62ecd1e72ac3e1316fe4c
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.sticky.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "1da8-60f579fa-422c25b343b8b3d0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1956
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/owl.carousel.min.js
185.28.21.218200 OK 10 kB URL HTTP/2 www.jeevottamahealth.com/assets/js/owl.carousel.min.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (32000)
Hash ad0b8159ca66884f5f1f9f2ea999d98d
099bf370109e8b130f58ad01001b5629b2b706c2
882bc1c1545be4c806298d5f294931c9130afe49c2b6a3b852b1f4ca734489b9
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/owl.carousel.min.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "a70e-60f579fa-a800cca5ef00d5da;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10506
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/jquery-3.2.1.min.js
185.28.21.218200 OK 33 kB URL HTTP/2 www.jeevottamahealth.com/assets/js/jquery-3.2.1.min.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (32077)
Hash 0f6a2b4a8c3ef7a157b61d8927124c81
f051d4f1d1bb69467fdc65a296812a01b67ae22d
c47d6178fd4ea6721ca52555e34b672459b8af9df85f4dc647afa972cc25eca8
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery-3.2.1.min.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "17b8a-60f579fa-64acb8e778872ca3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32574
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
jeevottamahealth.com/dynamic_img/blog/assets/img/feature-icon/2.png
185.28.21.218200 OK 19 kB URL HTTP/2 jeevottamahealth.com/dynamic_img/blog/assets/img/feature-icon/2.png
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
Hash 844783c6c6c64d9744b835f312bed692
bc70fd3b91f7f677af92dd9a39273f609c2af998
7f0cd1c28978848df77918ae4ef1bfca5e94e294d1d67c49349748f44bfb3036
GET /dynamic_img/blog/assets/img/feature-icon/2.png HTTP/1.1
Host: jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/dynamic_img/blog/case.zip
Cookie: PHPSESSID=62akqp0gm88m6ujuoqver8ab70
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 10687
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b788ebf7dc724cd71953ba0393e222b6
86d34caaec688c4cfd9e77e7920fe0e8d82c31de
86d19f0bee3a0a799d8a7c869367457e640789a0c60a6b492a74cbe4dfa55520
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106664
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:33 GMT
Etag: "63d557ad-116"
Expires: Mon, 30 Jan 2023 17:13:17 GMT
Last-Modified: Sat, 28 Jan 2023 17:13:17 GMT
Server: nginx
Content-Length: 278
www.jeevottamahealth.com/assets/js/jquery.shuffle.min.js
185.28.21.218200 OK 7.3 kB URL HTTP/2 www.jeevottamahealth.com/assets/js/jquery.shuffle.min.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document, ASCII text, with very long lines (14278)
Hash f9a8c7b5ef33c319596380b623058d27
8bb51b80113e47acab54528a8fc94d40cb4c144c
67325c8a4e18b9d22c884a9cd6ec2706535eab9f295836547fd1ac97ac2bb962
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.shuffle.min.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "63bc-60f579fa-4b3d1e85ed768dc9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7325
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/jquery.counterup.min.js
185.28.21.218200 OK 2.9 kB URL HTTP/2 www.jeevottamahealth.com/assets/js/jquery.counterup.min.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (7808), with CRLF line terminators
Hash 5ec693297e316c625826e70ace4ccb98
c5c3774633df4dfacaf955bb21b74d15497191ab
bde98c6b13224d6d84c7637a587897c746aedab8acc5c0fda7e56a20a7229f43
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.counterup.min.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "2402-60f579fa-edf7e3e5b34773c6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2949
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/wow.min.js
185.28.21.218200 OK 2.6 kB URL HTTP/2 www.jeevottamahealth.com/assets/js/wow.min.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (8099)
Hash 5b626ccf4764150b5f96469d914edcea
e017e2a17d0db5c7e24e3a1b953946f719b1d5d6
0a2e03423ff90ca2cb7971c4b127565417b89baffb17678b21d3dd4e8334786b
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/wow.min.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "1ff6-60f579fa-4185874f5c5a9117;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2636
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/jquery.meanmenu.min.js
185.28.21.218200 OK 1.3 kB URL HTTP/2 www.jeevottamahealth.com/assets/js/jquery.meanmenu.min.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document, ASCII text, with very long lines (4019), with no line terminators
Hash 862e78f940c167681c59321a0befb509
8659fbc45e6fb1011587802867511c0375a0c1b6
a662fadfea9297892842c8b6fdf05aa3348cf4c325d266dac5d05bd1a7b6bbf7
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.meanmenu.min.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "fb3-60f579fa-159f70770c878611;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1301
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/jquery.magnific-popup.min.js
185.28.21.218200 OK 7.1 kB URL HTTP/2 www.jeevottamahealth.com/assets/js/jquery.magnific-popup.min.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (20087)
Hash 4f4934f43dd8c70fdfb2c05e612a851f
f5c241777dd3112a759feed4cc15e0f8ea3d89f9
0162ac9adfbc84dff21d0e0df39bd292ef7562af1b41616fd30950aa40799f8a
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.magnific-popup.min.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "4f4a-60f579fa-e2d19927f3c9868b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7078
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/custom.js
185.28.21.218200 OK 1.5 kB URL HTTP/2 www.jeevottamahealth.com/assets/js/custom.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash dd3f69fc5a3c3d084306ab9f5183e717
c1fca3b2e129fcc0918301e96c8f154263685aee
30af4042a90eb3caf578d5d46af57d221696f5dc0c0c4a8e79183def38907126
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/custom.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "1ef5-60f579fa-ff84353373d210e6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1492
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/slid.js
185.28.21.218200 OK 536 B URL HTTP/2 www.jeevottamahealth.com/assets/js/slid.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 04423c18e43e66a7dccb97824a081c4c
42eb6caf815dae35dd623035d1c0f8697993ecb5
684e8d7c3bd5af83ff37309ef6ce555e726141b1bf0016f2ffac3bd78ed98edc
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/slid.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "4d5-60f579fa-43c5f8cc7322b669;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 536
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/map-script.js
185.28.21.218200 OK 797 B URL HTTP/2 www.jeevottamahealth.com/assets/js/map-script.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (825), with CRLF line terminators
Hash 61cdf5923a27acdcec85c3b0b5fcd493
5cb8f143c742a70ed9ed3131cd909fa5698bc261
21f797b06bc00135f69ed631cc1453eb6d3bc156a03b270a5dba0a6e2837a870
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/map-script.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "984-60f579fa-e50dfb80549baaa3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 797
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/js/form-wizard.js
185.28.21.218200 OK 255 B URL HTTP/2 www.jeevottamahealth.com/assets/js/form-wizard.js
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
Hash b003ae16d814d0fec0b48d2cc776f348
7c74f13198a160437708ea996a74a41efe9a7807
bd1caafbde0069ae60b758c01a99643277a5bc4bafaf8b83cac34f2ad604efdc
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/form-wizard.js HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "647-60f579fa-501887a614f7a4b3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 255
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.164.243.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.243.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3tgcO5BgJlXyot6rR7pUNw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hRLmecIlJvDZ+PW61zSp/gtQF4Q=
www.jeevottamahealth.com/dynamic_img/cure/251921efe6ff5efe6ec4204640d93d89153664597730228.jpg
185.28.21.218200 OK 16 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/cure/251921efe6ff5efe6ec4204640d93d89153664597730228.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, progressive, precision 8, 380x280, components 3\012- data
Hash cf1069b14e3de3c90940516437f161aa
b8ab5217a11cdc661e8d1e417c29cb32f2394d35
7d8e7ee09dba9cf9819445e09b9a985f4a7dc89ab715160fd2d07477c099ad09
GET /dynamic_img/cure/251921efe6ff5efe6ec4204640d93d89153664597730228.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "3db0-60f579fb-e9eaad2760cfcd9b;;;"
accept-ranges: bytes
content-length: 15792
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/dynamic_img/cure/b4f98f58abe8d137b45638e8149e345415366511794819.jpg
185.28.21.218200 OK 14 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/cure/b4f98f58abe8d137b45638e8149e345415366511794819.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 241x300, components 3\012- data
Hash 627ba65855e89831998410ab15b5d60e
3fd40d0f5587bbbbe9b412f98524f52c6a44c911
46b8deb2d815e8901d1d664bd5ffef46ec20442490cc04cc8bbaaf07951184c1
GET /dynamic_img/cure/b4f98f58abe8d137b45638e8149e345415366511794819.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "3756-60f579fb-8a02a3a74c5916b4;;;"
accept-ranges: bytes
content-length: 14166
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/img/section-icon1.png
185.28.21.218200 OK 15 kB URL HTTP/2 www.jeevottamahealth.com/assets/img/section-icon1.png
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 594f3265cf86ec3a720f35b5cd843512
106f7f0285e0bdd931cddb658a721a99321610aa
bddb853d9bd0263a051bbb675835fb91bd1e5e964267acde0c19a8af590a967e
GET /assets/img/section-icon1.png HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/png
last-modified: Mon, 19 Jul 2021 13:11:22 GMT
etag: "3c32-60f579fa-53a56059cd33d35b;;;"
accept-ranges: bytes
content-length: 15410
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/img/payment-icon/mastercard.png
185.28.21.218200 OK 4.2 kB URL HTTP/2 www.jeevottamahealth.com/assets/img/payment-icon/mastercard.png
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type PNG image data, 73 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f6cdc29ee2e22e06b1ac029cb52ef71
9b4ae27fb3289e940a44eae134a06f1da5732148
93da9e6de248ab67047f4d1af7c25a8dc683bc63503b02a00aa238ba31fa8508
GET /assets/img/payment-icon/mastercard.png HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/png
last-modified: Mon, 19 Jul 2021 13:11:21 GMT
etag: "103a-60f579f9-5ef8d90a0ff658b;;;"
accept-ranges: bytes
content-length: 4154
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
jeevottamahealth.com/dynamic_img/blog/assets/img/feature-icon/4.png
185.28.21.218200 OK 11 kB URL HTTP/2 jeevottamahealth.com/dynamic_img/blog/assets/img/feature-icon/4.png
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (537), with CRLF, LF line terminators
Hash 7aecea72876be19b8b8554891c4a322a
3edb392f700186d3fd69905271cf50934558c9e3
79785395a133a888bd11a72bb6a266081cefed50e256bf0ace769abd326fc542
GET /dynamic_img/blog/assets/img/feature-icon/4.png HTTP/1.1
Host: jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/dynamic_img/blog/case.zip
Cookie: PHPSESSID=62akqp0gm88m6ujuoqver8ab70
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 10687
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
jeevottamahealth.com/dynamic_img/blog/assets/img/counter/counter-icon02.png
185.28.21.218200 OK 11 kB URL HTTP/2 jeevottamahealth.com/dynamic_img/blog/assets/img/counter/counter-icon02.png
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (537), with CRLF, LF line terminators
Hash 7aecea72876be19b8b8554891c4a322a
3edb392f700186d3fd69905271cf50934558c9e3
79785395a133a888bd11a72bb6a266081cefed50e256bf0ace769abd326fc542
GET /dynamic_img/blog/assets/img/counter/counter-icon02.png HTTP/1.1
Host: jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/dynamic_img/blog/case.zip
Cookie: PHPSESSID=62akqp0gm88m6ujuoqver8ab70
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 10687
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/vinayakjadhav/jR3DCarousel@HEAD/dist/jR3DCarousel.min.js
151.101.193.229200 OK 2.4 kB URL HTTP/2 cdn.jsdelivr.net/gh/vinayakjadhav/jR3DCarousel@HEAD/dist/jR3DCarousel.min.js
IP 151.101.193.229:0
File type ASCII text, with very long lines (527)
Hash 0ed5b7516e0a86f4ca951644e469f5c3
040695320e894afc71318298583ad94c05dadfa4
8ea970f8a823a75480f6155f47ccc3897778f2fe91f4113a9419a6b3bb684e8e
GET /gh/vinayakjadhav/jR3DCarousel@HEAD/dist/jR3DCarousel.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jeevottamahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: HEAD
x-jsd-version-type: branch
etag: W/"1d82-fCbLmGPwmgk8qhDKfGHu74uDw7Q"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 11:35:33 GMT
age: 10192
x-served-by: cache-fra-eddf8230109-FRA, cache-bma1628-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2440
X-Firefox-Spdy: h2
www.jeevottamahealth.com/dynamic_img/prevention/587c5b83f70ff651700e3b75953fb9d7153664961519604.jpg
185.28.21.218200 OK 37 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/prevention/587c5b83f70ff651700e3b75953fb9d7153664961519604.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x350, components 3\012- data
Hash fc02071c7bcfbe1b2fccc4c23add5d51
666bdebcea5f48747fd804ec591bb255104555c8
6ca8155c07f1bfd64c7c792cd7b737ea284231fd6096740b6cf99c72799791e0
GET /dynamic_img/prevention/587c5b83f70ff651700e3b75953fb9d7153664961519604.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "915f-60f579fb-ea9b06a5e147b6d1;;;"
accept-ranges: bytes
content-length: 37215
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.jeevottamahealth.com/dynamic_img/prevention/b53ba37fd76d73cc4e4d31b348f6412315366494153250.jpg
185.28.21.218200 OK 31 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/prevention/b53ba37fd76d73cc4e4d31b348f6412315366494153250.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash b784586c836a9d5b5089da6dc2d5442b
fe82861809e73c91a5846c40bedac0ef7bad2bc0
50bf65f3825cff7b9fe2e6c7466875a48753ffea40aabb90d19a8526f0e06e4b
GET /dynamic_img/prevention/b53ba37fd76d73cc4e4d31b348f6412315366494153250.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "78b1-60f579fb-1bf8756287d8c891;;;"
accept-ranges: bytes
content-length: 30897
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/dynamic_img/cure/2da647def2d91e95cfd1762c7d289971153665101715781.jpg
185.28.21.218200 OK 36 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/cure/2da647def2d91e95cfd1762c7d289971153665101715781.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, progressive, precision 8, 500x360, components 3\012- data
Hash 4cdf5df3d13d9e97cc77986971cdec55
082858229e7e2e1a4be2704c93e9514ba18bed13
052d284ff7db44f3504df0d85cb017ec20b765ed7b5a6b8418c0def31f8501fa
GET /dynamic_img/cure/2da647def2d91e95cfd1762c7d289971153665101715781.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "8dcb-60f579fb-7580b1ee0148dff6;;;"
accept-ranges: bytes
content-length: 36299
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/dynamic_img/cure/496b178966fd31a90acf9afe59767e93153665150011830.jpg
185.28.21.218200 OK 21 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/cure/496b178966fd31a90acf9afe59767e93153665150011830.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 540x359, components 3\012- data
Hash 7697b7ff1214293624e38a9a8a2710ad
2648087598ab09897359193e16a9779fe7429000
dafc9da848422c39157cade08741b82286dfe2737445063275a5a464cab34f7d
GET /dynamic_img/cure/496b178966fd31a90acf9afe59767e93153665150011830.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "5276-60f579fb-db6445ba66a79664;;;"
accept-ranges: bytes
content-length: 21110
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/dynamic_img/cure/1469ca5c8e336e2b26a135fe303f943c153665159215625.jpg
185.28.21.218200 OK 39 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/cure/1469ca5c8e336e2b26a135fe303f943c153665159215625.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x578, components 3\012- data
Hash ae32f3f5a3fdd11fbd150abaa506c84f
2654f76d63b50cb56de31842ea6e29666447d2b4
a45c54853c73a4abf90b871e4c7ff35faade162512f47ea29bb618c59f2fe35d
GET /dynamic_img/cure/1469ca5c8e336e2b26a135fe303f943c153665159215625.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "9928-60f579fb-3c2fa17e5dc45f1;;;"
accept-ranges: bytes
content-length: 39208
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash b0901dff4cbdeda2bf98f33d3b404f99
a033639cf35c1871fb4be47143b6a3ec9a0cc698
3047e626e360ded18f9800ed6ce14d54727312147bdad902140446015f145e94
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:35:33 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "765CBC6AD5D4A241AE678487D4369D2AD466B880"
Expires: Sun, 29 Jan 2023 22:00:00 GMT
Last-Modified: Sun, 29 Jan 2023 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2903
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911aa444de31c16-OSL
www.jeevottamahealth.com/dynamic_img/prevention/80a7c19b5265f61ee68013a6a4fa543f153664974029612.jpg
185.28.21.218200 OK 63 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/prevention/80a7c19b5265f61ee68013a6a4fa543f153664974029612.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2018:08:06 12:15:43], baseline, precision 8, 480x360, components 3\012- data
Hash d4a7c4e26e26e2fdfc7b84cb4b0e8684
00df4c74d401f750203dd5693248fa0d11cac79c
45ec9632af28c22ba123857faaf308a7a4dda2436fbd4e38ca8e85f8867780d0
GET /dynamic_img/prevention/80a7c19b5265f61ee68013a6a4fa543f153664974029612.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "f52b-60f579fb-5c732082bfd59f73;;;"
accept-ranges: bytes
content-length: 62763
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/dynamic_img/prevention/123b945fb142778d3e53c2ae806c0d4f1536649711110.jpg
185.28.21.218200 OK 76 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/prevention/123b945fb142778d3e53c2ae806c0d4f1536649711110.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=334, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=602], baseline, precision 8, 602x334, components 3\012- data
Hash a927a5860b17083d66e639db6c7fa1d5
242fd19dec35c051639972d9e0a78f48dd64aa8e
14a3923911f63374ce166d03ca19d6708eb04fdf49098684968b65ad5a005ad2
GET /dynamic_img/prevention/123b945fb142778d3e53c2ae806c0d4f1536649711110.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "12a66-60f579fb-959f680c0c9ece98;;;"
accept-ranges: bytes
content-length: 76390
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
jeevottamahealth.com/dynamic_img/blog/assets/img/counter/counter-icon04.png
185.28.21.218200 OK 11 kB URL HTTP/2 jeevottamahealth.com/dynamic_img/blog/assets/img/counter/counter-icon04.png
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (537), with CRLF, LF line terminators
Hash b9e55f29a8cf61c6eb8e8a56a56cc856
1a09c2269ef60cc91159fc7a7a080ff1331805fb
39aff66025e93a16dab92f2bf730366f162b418dafb29795011825a6167dd19e
GET /dynamic_img/blog/assets/img/counter/counter-icon04.png HTTP/1.1
Host: jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/dynamic_img/blog/case.zip
Cookie: PHPSESSID=62akqp0gm88m6ujuoqver8ab70
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.10.207200 OK 77 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.10.207:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jeevottamahealth.com
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:35:33 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 72afca2a7ce3793e918592883e388115
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7911aa4479aeb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.jeevottamahealth.com/dynamic_img/cure/83113646799a865a8257241177c3cb54153665082911062.jpg
185.28.21.218200 OK 138 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/cure/83113646799a865a8257241177c3cb54153665082911062.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=(c) Andreus | Dreamstime.com], baseline, precision 8, 800x600, components 3\012- data
Size 138 kB (137755 bytes)
Hash 87fdb601c98087d70a23654972f30131
86b54a47af934fb208452c4701adb93e2802639c
a92a4faff6aa6ab31ae601779908a14803b8b20e4164f1d2c5ded0f87831a1a9
GET /dynamic_img/cure/83113646799a865a8257241177c3cb54153665082911062.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "21a1b-60f579fb-62faaf99851b8101;;;"
accept-ranges: bytes
content-length: 137755
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.227200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34112, version 1.0\012- data
Hash c21e7acd53a6d80fa451f1af92d9a492
4096e12b96fa2549e4f169044a49b6ec60214008
6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
GET /s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jeevottamahealth.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 00:13:07 GMT
expires: Fri, 26 Jan 2024 00:13:07 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 18:11:50 GMT
content-type: font/woff2
age: 300146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.jeevottamahealth.com/assets/img/logo.png
185.28.21.218200 OK 289 kB URL HTTP/2 www.jeevottamahealth.com/assets/img/logo.png
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type PNG image data, 1628 x 467, 8-bit/color RGBA, non-interlaced\012- data
Size 289 kB (288930 bytes)
Hash f4b5f572189d5850f1d249cacc322604
2c8813bfadb2ce632d4f326b42116b0a755dd965
838d5e48a0484e5706ed0301dc8a4d01ddfdb14cc13ee26b938ca21e8b2471ae
GET /assets/img/logo.png HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/png
last-modified: Mon, 19 Jul 2021 13:11:21 GMT
etag: "468a2-60f579f9-d40975f3dd74afb4;;;"
accept-ranges: bytes
content-length: 288930
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
jeevottamahealth.com/dynamic_img/blog/assets/img/counter/counter-icon03.png
185.28.21.218200 OK 11 kB URL HTTP/2 jeevottamahealth.com/dynamic_img/blog/assets/img/counter/counter-icon03.png
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (537), with CRLF, LF line terminators
Hash b9e55f29a8cf61c6eb8e8a56a56cc856
1a09c2269ef60cc91159fc7a7a080ff1331805fb
39aff66025e93a16dab92f2bf730366f162b418dafb29795011825a6167dd19e
GET /dynamic_img/blog/assets/img/counter/counter-icon03.png HTTP/1.1
Host: jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/dynamic_img/blog/case.zip
Cookie: PHPSESSID=62akqp0gm88m6ujuoqver8ab70
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.jeevottamahealth.com/dynamic_img/slider/9eb3212dcf0a8b33237fee85581b1df4153620975129848.jpg
185.28.21.218200 OK 592 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/slider/9eb3212dcf0a8b33237fee85581b1df4153620975129848.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=667, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], baseline, precision 8, 1600x500, components 3\012- data
Size 592 kB (591676 bytes)
Hash 8b3d0212676b4636d2f0085732f8daf4
587d13e6a552dac9a5e73017cb9715bd476d527b
2ddd42670d8c52d5622dc16e90bc5b4c0748acb36c2304c5ee1140fe85b1d605
GET /dynamic_img/slider/9eb3212dcf0a8b33237fee85581b1df4153620975129848.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "9073c-60f579fb-57aa106ffda011bf;;;"
accept-ranges: bytes
content-length: 591676
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 222451
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.jeevottamahealth.com/dynamic_img/slider/19ad3dbd43e23d9e23641998549b2b2a153632100915779.jpg
185.28.21.218200 OK 731 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/slider/19ad3dbd43e23d9e23641998549b2b2a153632100915779.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=685, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1600x500, components 3\012- data
Size 731 kB (731176 bytes)
Hash 90e130c96b192b4105327c85b92713ed
9eb3f5e89b3da53e48fc5421c5065615edd4c8d2
638db9288577a0435b299ba1ed922ff6c86ca593867fa620d19ad367c1371fb0
GET /dynamic_img/slider/19ad3dbd43e23d9e23641998549b2b2a153632100915779.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "b2828-60f579fb-d5428e749752673;;;"
accept-ranges: bytes
content-length: 731176
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/dynamic_img/slider/7c9a778d594c025dc99213019cdf6bcf153620967213653.jpg
185.28.21.218200 OK 598 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/slider/7c9a778d594c025dc99213019cdf6bcf153620967213653.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2018:08:23 18:36:58], baseline, precision 8, 1600x500, components 3\012- data
Size 598 kB (598331 bytes)
Hash 6b7afdcb16d3ccea8c6838f1e43206ec
02c5affb509f6e5fdcc08bdf62ba38851d8629a6
9915f165a23203bf0c622818f591f4dbe2e512cf88f45914b139425024dcc677
GET /dynamic_img/slider/7c9a778d594c025dc99213019cdf6bcf153620967213653.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "9213b-60f579fb-c1a1acf305339d4b;;;"
accept-ranges: bytes
content-length: 598331
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.jeevottamahealth.com/dynamic_img/slider/8c5b413b64b97d1f5c875881bd4c6a2f15362097352518.jpg
185.28.21.218200 OK 837 kB URL HTTP/2 www.jeevottamahealth.com/dynamic_img/slider/8c5b413b64b97d1f5c875881bd4c6a2f15362097352518.jpg
IP 185.28.21.218:0
ASN #47583 Hostinger International Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=685, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1600x500, components 3\012- data
Size 837 kB (837275 bytes)
Hash 4d3902432d003db3357d43b714025e02
35c5e25d243072fa48427ad9a55a2c870bcec37b
3731448d353d1ac03888d91545a49e377e415b8f5e6a965afe8f7e4632f57c64
GET /dynamic_img/slider/8c5b413b64b97d1f5c875881bd4c6a2f15362097352518.jpg HTTP/1.1
Host: www.jeevottamahealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 11:35:33 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jul 2021 13:11:23 GMT
etag: "cc69b-60f579fb-71a39d78f460e152;;;"
accept-ranges: bytes
content-length: 837275
date: Sun, 29 Jan 2023 11:35:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.youtube.com/embed/CxrKvyg0d8c
142.250.74.78200 OK 77 kB URL HTTP/2 www.youtube.com/embed/CxrKvyg0d8c
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash e32e68ab8855ae58e00d9c77a4f2262b
a1036a9fab84f563caf002fda308b8f86277b5d8
66e02591d27ab8f0862493f9104ff5bdf1e29706aea367c6546b6db9d7b20277
GET /embed/CxrKvyg0d8c HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 11:35:33 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=KOYwpwLAcY8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=bSaptePlrEY; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 11:35:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRBek5qUXpNekEzTWpjeE9UTTNOZz09EIW02Z4GGIW02Z4G; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 11:35:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+955; expires=Tue, 28-Jan-2025 11:35:33 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 240891
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae47dab02e56810012de0955909e30e2
5b7305b19e5162949a7d64660f3faa046dad0613
f85ae6f436f18dfd5a6997cf6043e2f0ffa8c07cd09deba181f83dff20f67f7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F85AE6F436F18DFD5A6997CF6043E2F0FFA8C07CD09DEBA181F83DFF20F67F7F"
Last-Modified: Fri, 27 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16838
Expires: Sun, 29 Jan 2023 16:16:12 GMT
Date: Sun, 29 Jan 2023 11:35:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae47dab02e56810012de0955909e30e2
5b7305b19e5162949a7d64660f3faa046dad0613
f85ae6f436f18dfd5a6997cf6043e2f0ffa8c07cd09deba181f83dff20f67f7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F85AE6F436F18DFD5A6997CF6043E2F0FFA8C07CD09DEBA181F83DFF20F67F7F"
Last-Modified: Fri, 27 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16838
Expires: Sun, 29 Jan 2023 16:16:12 GMT
Date: Sun, 29 Jan 2023 11:35:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae47dab02e56810012de0955909e30e2
5b7305b19e5162949a7d64660f3faa046dad0613
f85ae6f436f18dfd5a6997cf6043e2f0ffa8c07cd09deba181f83dff20f67f7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F85AE6F436F18DFD5A6997CF6043E2F0FFA8C07CD09DEBA181F83DFF20F67F7F"
Last-Modified: Fri, 27 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16838
Expires: Sun, 29 Jan 2023 16:16:12 GMT
Date: Sun, 29 Jan 2023 11:35:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae47dab02e56810012de0955909e30e2
5b7305b19e5162949a7d64660f3faa046dad0613
f85ae6f436f18dfd5a6997cf6043e2f0ffa8c07cd09deba181f83dff20f67f7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F85AE6F436F18DFD5A6997CF6043E2F0FFA8C07CD09DEBA181F83DFF20F67F7F"
Last-Modified: Fri, 27 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16838
Expires: Sun, 29 Jan 2023 16:16:12 GMT
Date: Sun, 29 Jan 2023 11:35:34 GMT
Connection: keep-alive
unsplash.it/1369/771
178.128.139.170302 Found 138 B IP 178.128.139.170:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /1369/771 HTTP/1.1
Host: unsplash.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 11:35:34 GMT
content-type: text/html
content-length: 138
location: https://picsum.photos/1369/771
access-control-allow-origin: *
X-Firefox-Spdy: h2
unsplash.it/1366/768
178.128.139.170302 Found 138 B IP 178.128.139.170:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /1366/768 HTTP/1.1
Host: unsplash.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 11:35:34 GMT
content-type: text/html
content-length: 138
location: https://picsum.photos/1366/768
access-control-allow-origin: *
X-Firefox-Spdy: h2
unsplash.it/1368/770
178.128.139.170302 Found 138 B IP 178.128.139.170:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /1368/770 HTTP/1.1
Host: unsplash.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 11:35:34 GMT
content-type: text/html
content-length: 138
location: https://picsum.photos/1368/770
access-control-allow-origin: *
X-Firefox-Spdy: h2
picsum.photos/1370/772
172.67.74.163302 Found 0 B IP 172.67.74.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1370/772 HTTP/1.1
Host: picsum.photos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jeevottamahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 11:35:34 GMT
content-length: 0
location: https://fastly.picsum.photos/id/580/1370/772.jpg?hmac=71Nlkb4zdcR0tcc8BRYwp5wQTQDBIfxsk1ZCqjbOdYg
cache-control: private, no-cache, no-store, must-revalidate
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRRP8RbbNJYS0D9G%2BemxSbJFxuG8AVW1mbTmjwo%2FCqHg2VkKBPcpCq13vU5rhDzwKa2wIdHQV2G3WD%2Bc7%2FRSYVMxqEknxbtK6iZ2xkmpj61DWNM9cZr4xwIlCDpecsU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7911aa490bc6b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
picsum.photos/1369/771
172.67.74.163302 Found 0 B IP 172.67.74.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1369/771 HTTP/1.1
Host: picsum.photos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jeevottamahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 11:35:34 GMT
content-length: 0
location: https://fastly.picsum.photos/id/269/1369/771.jpg?hmac=GMlZ3o_pTSsAnfV47HlrF6VGjWy7ydFF8pvPGPrgWaY
cache-control: private, no-cache, no-store, must-revalidate
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YC81JJ9VjZp6GHRPYvt1rhPtqyBHy2n6kE5EUf%2BbsBmcTeOag4aeS58uvSKxzXjJZ694q0sZB9KC%2Fez01uwsMdlGOWtBGythDxn8gGW3ayp7zsy3D3y%2FrPlCF319izA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7911aa490bc2b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
picsum.photos/1367/769
172.67.74.163302 Found 0 B IP 172.67.74.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1367/769 HTTP/1.1
Host: picsum.photos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jeevottamahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 11:35:34 GMT
content-length: 0
location: https://fastly.picsum.photos/id/943/1367/769.jpg?hmac=d9Sn4yqBXTf9yOA7AKBsjHm3wR7Ock89kRXgTUGmSY8
cache-control: private, no-cache, no-store, must-revalidate
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKjmpYglsnVsQVLxVUMJTQFkCDPhVOAHsFYfKa%2FH6EkVCwZpYNteDpRC4SUA2DjxM1Pzp1hWKIOUpv7dzOkyy7pQsP%2Flz2USV4xslLu9da%2FQCV3Boio%2Bl32Dv1Z1XMY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7911aa490bbcb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
picsum.photos/1366/768
172.67.74.163302 Found 0 B IP 172.67.74.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1366/768 HTTP/1.1
Host: picsum.photos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jeevottamahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 11:35:34 GMT
content-length: 0
location: https://fastly.picsum.photos/id/737/1366/768.jpg?hmac=xxVpDl4R5Yb8nKs99rtzQCBK7nij1ysPS6lTfhPn3mo
cache-control: private, no-cache, no-store, must-revalidate
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLKYup%2BMtHUUdyvF5EMFQYyEm5nPTs7y6%2FKmyYuiEXRzzqWBzAW65i2wAX8tzY%2BS1DOU6Z8OCWpgn4vopzVZ77j6WJXPFcVGpDVHiGBrn8bv2GW4hpOyAYKW0Deh2%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7911aa491bceb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
picsum.photos/1368/770
172.67.74.163302 Found 0 B IP 172.67.74.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1368/770 HTTP/1.1
Host: picsum.photos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jeevottamahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 11:35:34 GMT
content-length: 0
location: https://fastly.picsum.photos/id/486/1368/770.jpg?hmac=0ko0OPaZjd-gmE8caKSEWmprZsphjLNyYwINojjLC7s
cache-control: private, no-cache, no-store, must-revalidate
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPTnr6vXLV9yJyEbemcSavgrzOlINLzWrgHNAKfUgPS9LIVI1jYwf6wCxqZYwMHivgBCSBFUsD2zn41MWfKwJoZlNHfX18B2Bht06XsHLKvMyzaKwdzbsqtAvcdEav0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7911aa491bd5b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fastly.picsum.photos/id/943/1367/769.jpg?hmac=d9Sn4yqBXTf9yOA7AKBsjHm3wR7Ock89kRXgTUGmSY8
151.101.1.91200 OK 32 kB URL HTTP/2 fastly.picsum.photos/id/943/1367/769.jpg?hmac=d9Sn4yqBXTf9yOA7AKBsjHm3wR7Ock89kRXgTUGmSY8
IP 151.101.1.91:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 1367x769, components 3\012- data
Hash 0cfe8e3625a3bbe05fe3e0e8bcd0a415
f70059b6982a53c61d1c223e9beb047577e4be4b
6de4affb54f67dbefb9f33d0cc0e6ebab54e85c3e5a471e506715d0a6fd0934c
GET /id/943/1367/769.jpg?hmac=d9Sn4yqBXTf9yOA7AKBsjHm3wR7Ock89kRXgTUGmSY8 HTTP/1.1
Host: fastly.picsum.photos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jeevottamahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition: inline; filename="943-1367x769.jpg"
picsum-id: 943
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 29 Jan 2023 11:35:34 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1678-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674992135.717689,VS0,VE192
vary: Origin
content-length: 32503
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 16 kB URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
File type Web Open Font Format, TrueType, length 63712, version 1.0\012- data
Hash 6b195d4703c8ef99ef44c772058adcd5
47567901fd2338d91ba3c50520af10a0ea7d9e43
edcb438eccae14fa2de052fcf58499c2a330608a7f1084b86e295de7527cc222
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 11:27:52 GMT
expires: Sun, 29 Jan 2023 11:42:52 GMT
cache-control: public, max-age=900
age: 462
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.162302 Found 27 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash e9932f60308096c985c3d285d738c690
42ca1193ef22899e6bce830d0d86d167fc5e850b
5f40b1e43202742bed69e45f0760555fd55de7b1c43afb9f32cef10286e21393
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 29 Jan 2023 11:35:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fastly.picsum.photos/id/737/1366/768.jpg?hmac=xxVpDl4R5Yb8nKs99rtzQCBK7nij1ysPS6lTfhPn3mo
151.101.1.91200 OK 160 kB URL HTTP/2 fastly.picsum.photos/id/737/1366/768.jpg?hmac=xxVpDl4R5Yb8nKs99rtzQCBK7nij1ysPS6lTfhPn3mo
IP 151.101.1.91:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 1366x768, components 3\012- data
Size 160 kB (159615 bytes)
Hash 0b0e24f3016205431116fd6adffdb0d9
e10d039b76120b5cb43732850c7fe4f3a1888566
7a9b3a943de767b1eff70b73bd0633af00e6b6e93aa8666c6855b3a0f042ac7d
GET /id/737/1366/768.jpg?hmac=xxVpDl4R5Yb8nKs99rtzQCBK7nij1ysPS6lTfhPn3mo HTTP/1.1
Host: fastly.picsum.photos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jeevottamahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition: inline; filename="737-1366x768.jpg"
picsum-id: 737
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 29 Jan 2023 11:35:34 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1678-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674992135.701203,VS0,VE288
vary: Origin
content-length: 159615
X-Firefox-Spdy: h2
fastly.picsum.photos/id/486/1368/770.jpg?hmac=0ko0OPaZjd-gmE8caKSEWmprZsphjLNyYwINojjLC7s
151.101.1.91200 OK 70 kB URL HTTP/2 fastly.picsum.photos/id/486/1368/770.jpg?hmac=0ko0OPaZjd-gmE8caKSEWmprZsphjLNyYwINojjLC7s
IP 151.101.1.91:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 1368x770, components 3\012- data
Hash 15aeae00a00ee08277472b9d3919df7b
ada622abae2883ab86d7d987de0fda72ecc4f544
e49f80908e2321a3085ec80e421b899f94d4e5e8e1c5b62cfdf8d7f249697060
GET /id/486/1368/770.jpg?hmac=0ko0OPaZjd-gmE8caKSEWmprZsphjLNyYwINojjLC7s HTTP/1.1
Host: fastly.picsum.photos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jeevottamahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition: inline; filename="486-1368x770.jpg"
picsum-id: 486
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 29 Jan 2023 11:35:35 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1678-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674992135.710089,VS0,VE313
vary: Origin
content-length: 69833
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Dancing+Script:400,700|Rubik:300,400,500,700,900
216.58.207.234200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Dancing+Script:400,700|Rubik:300,400,500,700,900
IP 216.58.207.234:0
Hash 0740b10f03db7ab215bd2cbf5f6895dd
01f6bf266df99f4bed14a20f112905637b1cf5a5
0146d6c130217544aae9d3105975febb9f2dc5e2668912ec800da7bcb6fadafe
GET /css?family=Dancing+Script:400,700|Rubik:300,400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeevottamahealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 11:35:33 GMT
date: Sun, 29 Jan 2023 11:35:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fastly.picsum.photos/id/580/1370/772.jpg?hmac=71Nlkb4zdcR0tcc8BRYwp5wQTQDBIfxsk1ZCqjbOdYg
151.101.1.91200 OK 78 kB URL HTTP/2 fastly.picsum.photos/id/580/1370/772.jpg?hmac=71Nlkb4zdcR0tcc8BRYwp5wQTQDBIfxsk1ZCqjbOdYg
IP 151.101.1.91:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 1370x772, components 3\012- data
Hash 6d1c8bd6a20eca3a7aa3a4512cc53002
96637006262db16e25b246e6cbd09c52c8f51bfe
ec35b5f30da702b8c084fd4ef4c9df7c01e2405455b4426ac10401d430dfc92a
GET /id/580/1370/772.jpg?hmac=71Nlkb4zdcR0tcc8BRYwp5wQTQDBIfxsk1ZCqjbOdYg HTTP/1.1
Host: fastly.picsum.photos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jeevottamahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition: inline; filename="580-1370x772.jpg"
picsum-id: 580
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 29 Jan 2023 11:35:35 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1678-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674992135.716638,VS0,VE323
vary: Origin
content-length: 77765
X-Firefox-Spdy: h2
fastly.picsum.photos/id/269/1369/771.jpg?hmac=GMlZ3o_pTSsAnfV47HlrF6VGjWy7ydFF8pvPGPrgWaY
151.101.1.91200 OK 80 kB URL HTTP/2 fastly.picsum.photos/id/269/1369/771.jpg?hmac=GMlZ3o_pTSsAnfV47HlrF6VGjWy7ydFF8pvPGPrgWaY
IP 151.101.1.91:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 1369x771, components 3\012- data
Hash 3eb7f19bdaec3a33c10d7f6d8fedc6bd
bd6262060390b0301f3abad1bfef16365509a6e7
b2f03b8a6b67e2734bbbf8d076fade1da50aec9143eaf2474bd1f7a262cd3ce2
GET /id/269/1369/771.jpg?hmac=GMlZ3o_pTSsAnfV47HlrF6VGjWy7ydFF8pvPGPrgWaY HTTP/1.1
Host: fastly.picsum.photos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jeevottamahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition: inline; filename="269-1369x771.jpg"
picsum-id: 269
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 29 Jan 2023 11:35:35 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1678-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674992135.712948,VS0,VE349
vary: Origin
content-length: 80086
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 29 Jan 2023 11:35:35 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f3f6a41fbfa275d943d4dab495a54732
8d3e26efce31737ce9cb235f1413e8fe7406ab05
a2f0d560bbdf959d89a966352fc2fa25aac4b9f5727711fadc7da4cbe7eb10e2
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 29 Jan 2023 11:35:35 GMT
server: ESF
cache-control: private
content-length: 30666
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 11:35:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 11:35:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 11:35:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 11:35:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cbbc57c4e469baec1bda006407877cc
e988f007b1f9ec2327e7817f38cf56202096aeae
5237a8a8a7aa1fe59548582abf726fe77ad9e1fad8535bb5f88519dc6e779a86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6158
x-amzn-requestid: f6073f30-9a9c-4674-8ca9-a43e1982ab44
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzV7FHtoAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce328c-08806a615c478d443f76119f;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:09:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5AeWdtII3LLgHysTJsa4Kn5-SSmF0rkM0uYXZwtpBC0p60eJ_VSjBw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 15:00:59 GMT
age: 74076
etag: "e988f007b1f9ec2327e7817f38cf56202096aeae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:56:46 GMT
age: 49129
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47514f1386d4e6962ac2c931647f60f4
c8da685b6a5aee80c98d4173ffe226b672f054c3
474d462b5d4dbd15b7f759457fe1ed084819cea563ef7c1285028dad9a4a404c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7201
x-amzn-requestid: ba830369-3a5f-45bc-9af9-5ad9ee58f43f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRREJqIAMF8Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4926e-6983a44e506dcd4d203c2688;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k8zu8NNW1XfVlVQuIh495I2sE9YzQQXRooJmVFb2Yqav_D5UCehhLw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:53:26 GMT
age: 66533
etag: "c8da685b6a5aee80c98d4173ffe226b672f054c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 53359
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uPJu2SzvWcfqukF9t0PKG5iK7LrTnk1Cn5nioD4MklQgDAZnbiH8Gw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:55:48 GMT
age: 74387
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 27260
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36008)
Hash 8a1e64e80c9189aaa07733ae98ea030b
de788d5e003c05a2b43c8f16557e6a4f27eb00ff
cdfd098bd8fb947a53ebeaf0e8e0bdd0d6a31eb6a7c0e1403331403cc48a5a1e
GET /js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14261
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 10:05:58 GMT
expires: Fri, 26 Jan 2024 10:05:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 264577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d2ade408af91f717110cf07d8d89c02a
997134ef254ea49d8aa40d48e55a715e06f9c315
81199c2fc337d94312e50e72a57ccf22e2f47060ddbd623ae9d836f24410a55a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bc7c4f207ec97cacb1eedd94d2f6b371
5f0948a39435ace8bacc4ac5fb3df19045908e42
bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/CxrKvyg0d8c/sddefault.webp
216.58.207.246200 OK 17 kB URL HTTP/2 i.ytimg.com/vi_webp/CxrKvyg0d8c/sddefault.webp
IP 216.58.207.246:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a6611e6513a20ad43e5ad458f671bb38
e4e464a34f361f97d2e93508becdb9e72a06dd0b
07ad4bad950a18a43de02b1523b96cca3965c72af8f03a29303c1468a50f2f21
GET /vi_webp/CxrKvyg0d8c/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 17088
date: Sun, 29 Jan 2023 11:35:35 GMT
expires: Sun, 29 Jan 2023 13:35:35 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.42200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.42:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jeevottamahealth.com
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 29 Jan 2023 11:35:35 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://jeevottamahealth.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d2ade408af91f717110cf07d8d89c02a
997134ef254ea49d8aa40d48e55a715e06f9c315
81199c2fc337d94312e50e72a57ccf22e2f47060ddbd623ae9d836f24410a55a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJVpurFSaVSMkL0lJTTwOYvrJwrr2lVmhpubdFYR=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJVpurFSaVSMkL0lJTTwOYvrJwrr2lVmhpubdFYR=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 74ab2f95418c4ffc09ab55d0e8e6b35e
61d5f59379303150e92709657237f5d847498996
7d314b5a1dc5d8852a7c09f967c57c482be872adab568654f7fa617c1b521c52
GET /ytc/AL5GRJVpurFSaVSMkL0lJTTwOYvrJwrr2lVmhpubdFYR=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v14"
expires: Mon, 30 Jan 2023 11:35:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 11:35:35 GMT
server: fife
content-length: 2247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bc7c4f207ec97cacb1eedd94d2f6b371
5f0948a39435ace8bacc4ac5fb3df19045908e42
bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b788ebf7dc724cd71953ba0393e222b6
86d34caaec688c4cfd9e77e7920fe0e8d82c31de
86d19f0bee3a0a799d8a7c869367457e640789a0c60a6b492a74cbe4dfa55520
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3
Cache-Control: max-age=106664
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:35:36 GMT
Etag: "63d557ad-116"
Expires: Mon, 30 Jan 2023 17:13:20 GMT
Last-Modified: Sat, 28 Jan 2023 17:13:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
www.nourishdoc.com/images/buttons/nourishdoc_5.png
172.67.145.2404 Not Found 0 B URL HTTP/2 www.nourishdoc.com/images/buttons/nourishdoc_5.png
IP 172.67.145.2:0
GET /images/buttons/nourishdoc_5.png HTTP/1.1
Host: www.nourishdoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 29 Jan 2023 11:35:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://www.nourishdoc.com/wp-json/>; rel="https://api.w.org/"
x-cache: MISS
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHbEYPU5utV8l7rB6NL2Afv1CyHfEI%2BmZPA3udcA4fgPmsXr0hS951pFSlp52p67VaCSAKPdsti%2BTG7RmOsr60V2xIV83gHf4Rcy2%2F2J6a23eJJjWkD5w6AMoZusyP%2B7SE40JmY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7911aa438fb3b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jeevottamahealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:35:33 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 20438887
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7911aa406c0a1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2