r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6024
Expires: Fri, 03 Feb 2023 21:26:36 GMT
Date: Fri, 03 Feb 2023 19:46:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11396
Expires: Fri, 03 Feb 2023 22:56:08 GMT
Date: Fri, 03 Feb 2023 19:46:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 19:36:11 GMT
content-type: application/json
age: 601
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5211
Expires: Fri, 03 Feb 2023 21:13:03 GMT
Date: Fri, 03 Feb 2023 19:46:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YMFBHYBnUN/Z49PHil+rmfUaqTefEB7JhAVBYKiGW26qZ1kHy+0uC9LZ8KOda2GVgl0sGPtLza8=
x-amz-request-id: T5B2NQJ3NXGEEHT9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 19:23:40 GMT
age: 1352
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:46:12 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.carlareeves.com/
141.193.213.20301 Moved Permanently 162 B IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.carlareeves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 19:46:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.carlareeves.com/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793dabdab916b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e71184c0c0399cb9810c4bc898cdb201
90427a8e4ea20f054884b1c3d166f8c28168755c
6813fa71c57057474be819f492a56d57f99d21a2e3effedc87b53b0c93758194
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6813FA71C57057474BE819F492A56D57F99D21A2E3EFFEDC87B53B0C93758194"
Last-Modified: Thu, 02 Feb 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 04 Feb 2023 01:46:12 GMT
Date: Fri, 03 Feb 2023 19:46:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 19:07:19 GMT
age: 2333
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e71184c0c0399cb9810c4bc898cdb201
90427a8e4ea20f054884b1c3d166f8c28168755c
6813fa71c57057474be819f492a56d57f99d21a2e3effedc87b53b0c93758194
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6813FA71C57057474BE819F492A56D57F99D21A2E3EFFEDC87B53B0C93758194"
Last-Modified: Thu, 02 Feb 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Sat, 04 Feb 2023 01:46:12 GMT
Date: Fri, 03 Feb 2023 19:46:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4801
Expires: Fri, 03 Feb 2023 21:06:14 GMT
Date: Fri, 03 Feb 2023 19:46:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 82cd72c5116ecc73f2f57e39319df577
6eb7ebaeb79936d29456f2a1ba19b0687338345f
86c8103cda558feffbf88525667b261c1824881d6d1823992fc3126060b5562e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86C8103CDA558FEFFBF88525667B261C1824881D6D1823992FC3126060B5562E"
Last-Modified: Wed, 01 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21559
Expires: Sat, 04 Feb 2023 01:45:32 GMT
Date: Fri, 03 Feb 2023 19:46:13 GMT
Connection: keep-alive
push.services.mozilla.com/
35.81.123.193101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.123.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: q5P5YXcaJZTzMP40HNwd4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ruYNcQivVjaBulow7RX1RWY7cro=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 82cd72c5116ecc73f2f57e39319df577
6eb7ebaeb79936d29456f2a1ba19b0687338345f
86c8103cda558feffbf88525667b261c1824881d6d1823992fc3126060b5562e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86C8103CDA558FEFFBF88525667B261C1824881D6D1823992FC3126060B5562E"
Last-Modified: Wed, 01 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21559
Expires: Sat, 04 Feb 2023 01:45:32 GMT
Date: Fri, 03 Feb 2023 19:46:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 538ab7edd3286d14c3ec339a9e0031e7
64c80a64b38bab404575f6e17795397477988b29
7066c59a6e6e00926e9bdaa2fa58b7a026f55a0936b1d5b882a71a112c86ad8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7066C59A6E6E00926E9BDAA2FA58B7A026F55A0936B1D5B882A71A112C86AD8B"
Last-Modified: Wed, 01 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13211
Expires: Fri, 03 Feb 2023 23:26:24 GMT
Date: Fri, 03 Feb 2023 19:46:13 GMT
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.23200 OK 11 kB IP 192.124.249.23:0
Hash 0a20433ca383d7d95184fea319dd98d9
9e0b9dd4d732d8ef014172aa92dc72abe96547af
3a37202fc16680959c1ffa0dba77ca555ac007a0e537a55cd16853269d98c18d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 03 Feb 2023 19:46:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 02 Feb 2023 21:19:00 GMT
Expires: Fri, 03 Feb 2023 21:19:00 GMT
ETag: "df8c8088443fe575ebcedf8356dd197ef24a933e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 2.5 kB IP 142.250.74.163:0
Hash 1317d7e697c04183340f95bc1f562956
54e8592411ad4d65272b69da41a751fc92fecf60
c0840788f4ed6269f02a10d299584aebe957842eacfa91ada5e40388b31857d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 7.5 kB IP 142.250.74.163:0
Hash c065dbb3b91441902e323db396885b01
a6ef0cb93ffff8149a8472809dbfeddedffae3b7
105034e85aded1d70735739fd65ed1aff33fbe77e621db289e319db7830b3608
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 14 kB IP 142.250.74.163:0
Hash aee7f1147ed0dd3b5243ac71d1f10080
4cb56b78d95b622354c7fc4d1caa52b8bbf73f89
921859c623874b19f63a147cb8519712318443a2f56056957e59651e2ce5359a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10602
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 19:46:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10602
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 19:46:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 1.9 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fde4f456e3e061cd1f6f5bbac10c348
1d80eccfb1043a5898257d0be2ebf75451b24983
2c601f36648f59a7599e95b148135ab79bdd767a3dfa10e3c71ede0662803c74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10602
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 19:46:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP 34.120.237.76:0
Hash 4eac0f9b470c2530e6c5aef9090374f1
9690f867c465f9258b9a59837dedc9a460e6f514
9eeb501e2cacac062d1f5643b2660045d3fd4ffdbdab263192e439f63dd091a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 20c6f462-0f1f-44d1-9b6b-6afbc4e79e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpYpcELtIAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da07d5-44cd803c0feba28919b0a9ec;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 06:33:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T3PhGRcHX1X2hn8K_4587fXBrEyuY5Em-b9Jg41uH4uyQXeFoRBIYg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 79158
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bookme.name/js/booklikeaboss.embed.js?i=15348&h=llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA
159.223.188.136200 OK 41 kB URL HTTP/2 bookme.name/js/booklikeaboss.embed.js?i=15348&h=llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA
IP 159.223.188.136:0
ASN #14061 DIGITALOCEAN-ASN
Hash 76122e815eb08afcebddf9d04a6cf636
6cc12ac882e0fb519b4a39ee04f02463015e4536
3a1d522443f62198b578bc1afd3cc7211d43e0c31b41aee9f42d76fc70fd2643
GET /js/booklikeaboss.embed.js?i=15348&h=llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA HTTP/1.1
Host: bookme.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carlareeves.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:46:14 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Jan 2023 17:54:34 GMT
vary: Accept-Encoding
etag: W/"63c19ada-1bedb"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
Hash 1358f74b4398e20a73ad40cec1a09264
f54278ad7efcfa8a99249894444da8e8e17a58ae
2abe05b997c2380c9a348c852e96a7aecf5d92d27e214f5054a6d67c471714e8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 79093
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 78505
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76200 OK 24 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
Hash b23748cfb875ea5adb6028d3254db239
62334c941069e35b70cc1181830a869fbcb86696
0dd7f7a9ef56aa97941f6d159ad9df8a1f3396e4a6cc07d0a6c95a5ccca76378
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hSyEfSDToqgfnFIW68Krz-ANYUNQoUPWhyb-8xDUarI6mnVLXriHDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:59:54 GMT
age: 78380
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10602
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 19:46:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
Hash fa3366f7114b6256e1922a055cf43abe
81948db4a229a4c9eb37f00f5a28690648b6e874
2e3be9ce71ef475a5e0bf017213af9ee1aadcaa8f33ff579ad07fc5c785abcfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 12 kB IP 142.250.74.163:0
Hash 5fd7a5f06203b48d1a3aee74003fbf27
2cfbfc4f17009582882868b18037f9cb5791b7db
f5a551dd4542ef5bde807954a5c8ff146fb63617b44cc68e203dfc63473d25f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 6a1fd567-b34d-4787-aa05-5b7db3fc51c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fflRBHU4IAMFnsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61c06-2d1ec3206d2ebeb4780a84b4;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:11:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUloQ6xaRWpnvMRh7kFvFIWhFotmILLZHfD_YK01RmrQ2vmYKVh46w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 03:08:32 GMT
age: 59862
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/josefinslab/v20/lW-5wjwOK3Ps5GSJlNNkMalnqg6v.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/josefinslab/v20/lW-5wjwOK3Ps5GSJlNNkMalnqg6v.woff2
IP 216.58.207.227:0
Hash e336913877ca2b2304c7afc240e2a2cf
0b013a69a3fdf5146f2010461de05fe9c5cb13c3
e35ed03fd1dea7000817405066f0c0f680aa7669d1f40913d4a848d1b0c9de2f
GET /s/josefinslab/v20/lW-5wjwOK3Ps5GSJlNNkMalnqg6v.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carlareeves.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 10:18:06 GMT
expires: Sat, 03 Feb 2024 10:18:06 GMT
cache-control: public, max-age=31536000
age: 34088
last-modified: Mon, 11 Jul 2022 20:59:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/kristi/v17/uK_y4ricdeU6zwdhDRcS.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/kristi/v17/uK_y4ricdeU6zwdhDRcS.woff2
IP 216.58.207.227:0
Hash 52314cc1c69dfab60a20c4436bf9af73
689486bbc75224e9b685944af887de3d865cfa39
4762998d467d2eb982a6493134c1a21f57cc3850e0a4077a1c6ecbe44ca2f712
GET /s/kristi/v17/uK_y4ricdeU6zwdhDRcS.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carlareeves.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25624
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 16:15:48 GMT
expires: Fri, 02 Feb 2024 16:15:48 GMT
cache-control: public, max-age=31536000
age: 99026
last-modified: Tue, 26 Apr 2022 14:39:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Hash efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carlareeves.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:36 GMT
expires: Fri, 02 Feb 2024 21:48:36 GMT
cache-control: public, max-age=31536000
age: 79058
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dmserifdisplay/v11/-nFhOHM81r4j6k0gjAW3mujVU2B2G_VB0PD2.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/dmserifdisplay/v11/-nFhOHM81r4j6k0gjAW3mujVU2B2G_VB0PD2.woff2
IP 216.58.207.227:0
Hash ef8966b1ca9830e927dec187fc45dbbd
5506412882e3e9f5f70aab63b733a5c3e5ecf6fb
5610a89a6ca8b0910dd7b0f8330cac2242fde4e5ffb8a18da9ede66a1b071860
GET /s/dmserifdisplay/v11/-nFhOHM81r4j6k0gjAW3mujVU2B2G_VB0PD2.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carlareeves.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24180
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 09:40:09 GMT
expires: Sat, 03 Feb 2024 09:40:09 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 21:45:29 GMT
content-type: font/woff2
age: 36365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXjeu.woff2
216.58.207.227200 OK 7.1 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXjeu.woff2
IP 216.58.207.227:0
Hash 1f5c342f39452b0c1cf2475dee9e1382
c7988af19e4c71afcfefddb23756e62e980a30e1
a254f27a49aa035a3decad897aaf748e54882125ab734d8bca83d059032036f6
GET /s/lato/v23/S6uyw4BMUTPHjxAwXjeu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carlareeves.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5472
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:06:08 GMT
expires: Sat, 03 Feb 2024 02:06:08 GMT
cache-control: public, max-age=31536000
age: 63606
last-modified: Tue, 26 Apr 2022 15:50:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carlareeves.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:29:08 GMT
expires: Wed, 31 Jan 2024 04:29:08 GMT
cache-control: public, max-age=31536000
age: 314226
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 2.8 kB IP 142.250.74.163:0
Hash e0451f8d86f73f8d52c7fc455543d6a4
b2d0688bff6bbb75637e712685de4eddfeccd7f8
e80d5a547f8e46d6ec14adbb797224f780d9c50f63054d2c0940314cda55db26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
Hash 7720b2f510359cb9579af21e0466035d
5d4a2bae823e6e7f1585de513865b37d44a050d7
b4abb33b7b5709da48ae5bdd793340d2eb27cb9701dfe6b55f8266b21af1e705
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carlareeves.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 10:25:03 GMT
expires: Mon, 29 Jan 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 465671
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dmserifdisplay/v11/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
216.58.207.227200 OK 39 kB URL HTTP/2 fonts.gstatic.com/s/dmserifdisplay/v11/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
IP 216.58.207.227:0
Hash f0c36d09fb1d64e6884e65ffb6379340
943db94ed5bb97498bfbb4e6a08107fc9754e42b
5628db25d3e6260c6e4e692c32cd1803e27407970206be43b457c3cd1e2e1bc4
GET /s/dmserifdisplay/v11/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carlareeves.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 13:11:06 GMT
expires: Fri, 02 Feb 2024 13:11:06 GMT
cache-control: public, max-age=31536000
age: 110108
last-modified: Thu, 15 Dec 2022 21:43:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/josefinslab/v20/lW-nwjwOK3Ps5GSJlNNkMalnrz6tDs8.woff2
216.58.207.227200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/josefinslab/v20/lW-nwjwOK3Ps5GSJlNNkMalnrz6tDs8.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20380, version 1.0\012- data
Hash 6cbda43b4969a123696dedf54fa124e6
1a1a6b17b6ecb1272fe0dec5e3241ad07311d5cb
bf7fc4763f75aa5a826846e1d5de6219a897585b537dd78d98de1c5b80bb3c79
GET /s/josefinslab/v20/lW-nwjwOK3Ps5GSJlNNkMalnrz6tDs8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carlareeves.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20380
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 06:42:09 GMT
expires: Fri, 02 Feb 2024 06:42:09 GMT
cache-control: public, max-age=31536000
age: 133445
last-modified: Mon, 11 Jul 2022 21:17:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c0660265f3bb0d69f48d99f02a020f0b
dc00beec27bd28bd91d937f8ac4d328db1028636
a52ac9c067882d806685b4e474d204d2ce56ff7197078f0937f17f6a5233cf00
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1673
Cache-Control: max-age=146908
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:15 GMT
Etag: "63dcf8da-1d7"
Expires: Sun, 05 Feb 2023 12:34:43 GMT
Last-Modified: Fri, 03 Feb 2023 12:06:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14ce1585885d0111913e10c5e4233619
0900480e0ed0800299b75ae5c375f786100c2017
b18f72471c58a32bbe1e67b247615e3bc6d583e70c7e47d88f7b84ecc318df4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2026
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:15 GMT
Last-Modified: Fri, 03 Feb 2023 19:12:29 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
js.stripe.com/v3/
151.101.64.176200 OK 118 kB IP 151.101.64.176:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 118 kB (118417 bytes)
Hash 243b31387c6bcc9cf2b84c1091e98248
b083be6f60a0c8f378d55b44ccd1f19b9a5ec23b
d7ce361ed9d9488c22155229e01df042eff490320ec1fd8e6d7627854d57dd03
GET /v3/ HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 03 Feb 2023 18:37:15 GMT
etag: "79444099502423308659831216e32d06"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Feb 2023 19:46:15 GMT
via: 1.1 varnish
age: 34
x-request-id: 905ce6dc-7318-4450-b5af-c900e1a5df5a
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 118417
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 7d90b45fbe595361965857c5ec67f8fa
d48591092c7cddf8f9e95eac9fa1b46f122954c0
966978dea565814397100cd45589a0210b87be30011af173e975dcdb3e7a1c45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 19:46:15 GMT
Last-Modified: Fri, 03 Feb 2023 19:42:19 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y5IVteytD0xr_3u3kPeT4qrbLpCHrZrc9eX4c0j4M07gCYRp62wRrA==
Age: 236
carlareeves.com/
141.193.213.20200 OK 53 kB IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9696)
Hash 2da4e60a41bf4ff7c7ba41d3add309fa
00e92e359e3184a4ce9f70e9236b2bef365275a7
0a2e383aeb4c4c110a3f2ca6b832eb1a3f83da1f6cf19de72128c94dca163d36
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: carlareeves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 03 Feb 2023 19:46:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://carlareeves.com/wp-json/>; rel="https://api.w.org/", <https://carlareeves.com/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json", <https://carlareeves.com/>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 3
x-cache-group: normal
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793dabe29a3bb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
151.101.64.176200 OK 122 B URL HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 151.101.64.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 0fb49bf445ceac1dcb1b6c5d284a57a1
8988f3ceef20a494a419e595e8d802a0dc663c7a
5e0d98b9fefc9f5ccf02b5ac4f4e4de3fe727a1ac97a4cd778efd58062afd5e8
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Feb 2023 19:46:16 GMT
via: 1.1 varnish
age: 7083651
x-request-id: 28fb2294-15e4-45a1-87d4-221c99b7d34c
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 264001
vary: Accept-Encoding
timing-allow-origin: *
content-length: 122
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carlareeves.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 19:44:08 GMT
expires: Fri, 03 Feb 2023 21:44:08 GMT
cache-control: public, max-age=7200
age: 128
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
151.101.64.176200 OK 332 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP 151.101.64.176:0
File type ASCII text, with very long lines (526)
Hash ada7d17b721f065b91d249c998f2967e
1c686ed2c2218a3889b7d9a9b1acdf851b0bf563
12125f2ad96bb800b475309dcc276eeddffd6db095e29fe1f8514b3f8c7e544a
GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "f8f6a4584135f737b26927596ce6e0a7"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Feb 2023 19:46:16 GMT
via: 1.1 varnish
age: 7083652
x-request-id: d1c1c8dc-a193-4deb-a72b-6cf52ffd09d1
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 268280
vary: Accept-Encoding
timing-allow-origin: *
content-length: 332
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
res.cloudinary.com/blab/image/upload/v1498715500/powered-by-dark-transparent_ajpleo.png
151.101.65.137200 OK 3.1 kB URL HTTP/2 res.cloudinary.com/blab/image/upload/v1498715500/powered-by-dark-transparent_ajpleo.png
IP 151.101.65.137:0
File type PNG image data, 183 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 084220237a93a4ae4ae59f931965e87a
a73415c57b2be858ac800b9b7d89d4c8ae30256c
a9349ba673ffd4649a933e179dc45d34cde7fc917a4def564bbc710a181e18a2
GET /blab/image/upload/v1498715500/powered-by-dark-transparent_ajpleo.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
etag: "084220237a93a4ae4ae59f931965e87a"
last-modified: Thu, 29 Jun 2017 05:51:41 GMT
date: Fri, 03 Feb 2023 19:46:16 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2023-02-03T19:46:16.136Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 3101
X-Firefox-Spdy: h2
m.stripe.network/inner.html
54.230.111.59200 OK 930 B URL HTTP/2 m.stripe.network/inner.html
IP 54.230.111.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash fc2e029628f163bb59adc6fa5a31161c
0f4547ae510d1bf36e3630d41bdab29d64c03d64
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 930
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
accept-ranges: bytes
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date: Fri, 03 Feb 2023 19:42:10 GMT
cache-control: max-age=300, public
etag: "fc2e029628f163bb59adc6fa5a31161c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4yIjWCIRdERdmM9800fWHy65EAcfQbefwoOKB_yhi0IRaaCCxfZ2sA==
age: 247
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=5bc91e2e88
172.64.168.22200 OK 3.2 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=5bc91e2e88
IP 172.64.168.22:0
File type ASCII text, with very long lines (2774)
Hash b7dc2b777437ab30d3d6193ed2dbd8de
57b41abb01b571fc00194ffda7ca2aae3ceb8543
f99bf0cf73982035868a5714cb94fce6c23ccd696b10cacd07fcdb6daaef21e0
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=5bc91e2e88 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bookme.name/
Origin: https://bookme.name
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f4a10a427389f99f2e380b2534640430.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: jzn9FALIIyeE_rf7PzF0Gra_T8gPtofZdlcRakDi8mS2Po7s0H7x7A==
age: 5231216
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wamWill3Ghtoh9KfqhGnHemRGgaHF4A7%2BXtrdxoOLY%2FXwAAMWwzd%2F%2FvKbAVPldaZO79kq7qkfrSNUQguiH6IYQ0nyWUcqwKmPzKMIEcKxaEgQ0%2BU7RQ6nPLKLQIB2wxTFif2wj2iaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793dabf00bb224f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a378f7fd01af534842c9bff481f20581
070cdae7616f08ac37e14e49a8437bafb5d7fce4
f69ebfe5c1bb7b914fe04b81822ed455855dc28b3fa8778d56a4c25bd9c9937c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5161
Cache-Control: max-age=99289
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:46:16 GMT
Etag: "63dc3138-1d7"
Expires: Sat, 04 Feb 2023 23:21:05 GMT
Last-Modified: Thu, 02 Feb 2023 21:55:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
151.101.65.137200 OK 3.6 kB URL HTTP/2 upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
IP 151.101.65.137:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7506)
Hash 5c9437bb831ee50b1185129707b35fb7
1df127ee96e8e387fd909a9807e087d7d2077fe1
6c239ec3d47950c2f65b8d53e57520b1b5e6d0a9caba74a80ddae8ad8fcf3a60
GET /2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name HTTP/1.1
Host: upload-widget.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Jan 2022 08:44:53 GMT
etag: "27c294036b026bfc0a56e6fc6cba020e"
content-type: text/html
server: AmazonS3
access-control-allow-origin: *
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Feb 2023 19:46:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675453576.423282,VS0,VE392
vary: Accept-Encoding
cache-control: public, s-maxage=365 days, max-age=60
content-length: 3569
X-Firefox-Spdy: h2
upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
151.101.65.137200 OK 3.6 kB URL HTTP/2 upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
IP 151.101.65.137:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7506)
Hash 5c9437bb831ee50b1185129707b35fb7
1df127ee96e8e387fd909a9807e087d7d2077fe1
6c239ec3d47950c2f65b8d53e57520b1b5e6d0a9caba74a80ddae8ad8fcf3a60
GET /2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name HTTP/1.1
Host: upload-widget.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Jan 2022 08:44:53 GMT
etag: "27c294036b026bfc0a56e6fc6cba020e"
content-type: text/html
server: AmazonS3
access-control-allow-origin: *
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Feb 2023 19:46:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1675453577.831629,VS0,VE0
vary: Accept-Encoding
cache-control: public, s-maxage=365 days, max-age=60
content-length: 3569
X-Firefox-Spdy: h2
upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
151.101.65.137200 OK 3.6 kB URL HTTP/2 upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
IP 151.101.65.137:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7506)
Hash 5c9437bb831ee50b1185129707b35fb7
1df127ee96e8e387fd909a9807e087d7d2077fe1
6c239ec3d47950c2f65b8d53e57520b1b5e6d0a9caba74a80ddae8ad8fcf3a60
GET /2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name HTTP/1.1
Host: upload-widget.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Jan 2022 08:44:53 GMT
etag: "27c294036b026bfc0a56e6fc6cba020e"
content-type: text/html
server: AmazonS3
access-control-allow-origin: *
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Feb 2023 19:46:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1675453577.831977,VS0,VE0
vary: Accept-Encoding
cache-control: public, s-maxage=365 days, max-age=60
content-length: 3569
X-Firefox-Spdy: h2
upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
151.101.65.137200 OK 3.6 kB URL HTTP/2 upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
IP 151.101.65.137:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7506)
Hash 5c9437bb831ee50b1185129707b35fb7
1df127ee96e8e387fd909a9807e087d7d2077fe1
6c239ec3d47950c2f65b8d53e57520b1b5e6d0a9caba74a80ddae8ad8fcf3a60
GET /2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name HTTP/1.1
Host: upload-widget.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Jan 2022 08:44:53 GMT
etag: "27c294036b026bfc0a56e6fc6cba020e"
content-type: text/html
server: AmazonS3
access-control-allow-origin: *
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Feb 2023 19:46:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1675453577.831773,VS0,VE0
vary: Accept-Encoding
cache-control: public, s-maxage=365 days, max-age=60
content-length: 3569
X-Firefox-Spdy: h2
upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
151.101.65.137200 OK 3.6 kB URL HTTP/2 upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
IP 151.101.65.137:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7506)
Hash 5c9437bb831ee50b1185129707b35fb7
1df127ee96e8e387fd909a9807e087d7d2077fe1
6c239ec3d47950c2f65b8d53e57520b1b5e6d0a9caba74a80ddae8ad8fcf3a60
GET /2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name HTTP/1.1
Host: upload-widget.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Jan 2022 08:44:53 GMT
etag: "27c294036b026bfc0a56e6fc6cba020e"
content-type: text/html
server: AmazonS3
access-control-allow-origin: *
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Feb 2023 19:46:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1675453577.832329,VS0,VE0
vary: Accept-Encoding
cache-control: public, s-maxage=365 days, max-age=60
content-length: 3569
X-Firefox-Spdy: h2
bookme.name/js/iframeResizer.contentWindow.min.js
159.223.188.136200 OK 23 kB URL HTTP/2 bookme.name/js/iframeResizer.contentWindow.min.js
IP 159.223.188.136:0
ASN #14061 DIGITALOCEAN-ASN
Hash 119d67369a63aa607e75935472f7a4a6
1f8526718b7a0ddeff9f2ead3b9a8a035d32b7c1
32e8a40e93831b5ad94f0419e12c0569d6e15fdad6b8e8ae8f0fa6253a3fb918
GET /js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: bookme.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Jan 2023 17:54:34 GMT
vary: Accept-Encoding
etag: W/"63c19ada-3743"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=5bc91e2e88
172.64.168.22200 OK 14 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=5bc91e2e88
IP 172.64.168.22:0
File type ASCII text, with very long lines (60130)
Hash 97dfcf15f83f550001bbbaaec0f12ffd
cdfc64eabc5a0d5500c1feed52877f6227165d4a
95b32c7e913e5faf074d970a32e78cf3151dd7b7683ec2fd916503bccbbb2fc4
GET /releases/v5.15.4/css/free.min.css?token=5bc91e2e88 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bookme.name/
Origin: https://bookme.name
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7b4a490cbf8618afeab9ef9e754bca44.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: xBV__7KCrc6B7jp5Eqz_RLdw0LaIp_IRP1_H-DkBy6dkW1HXDxNKzQ==
age: 5231216
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhOX%2BWGSpSb6AtKVYyzGBMe0zPYfG9yS96CVp18GsQq7qqR%2FA4iqOrIQ3lIOuRGHLgx8gV72dMI3yanYArSXUVH9WzDeZ9Reu31pJlX3k42Bx6RZY%2F88sqk5k%2FOLyq1VWmhQTXWNqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793dabeffba124f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upload-widget.cloudinary.com/2.1.0/widget/runtime.js
151.101.65.137200 OK 1.9 kB URL HTTP/2 upload-widget.cloudinary.com/2.1.0/widget/runtime.js
IP 151.101.65.137:0
File type ASCII text, with very long lines (3935)
Hash 8b537eebf7d84cb931b1b6e56ea13b2e
367113edb7bb716273704ecf4bd8b0f993e37674
5a2b69ce7c087a54e7b25ed7994f27f9fe7a6784fdf7d487421e1efdfad477d0
GET /2.1.0/widget/runtime.js HTTP/1.1
Host: upload-widget.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Jan 2022 08:44:53 GMT
etag: "270964110754505c714d44dd703b5e8c"
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Feb 2023 19:46:17 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675453577.849415,VS0,VE387
vary: Accept-Encoding
cache-control: public, s-maxage=365 days, max-age=60
content-length: 1942
X-Firefox-Spdy: h2
bookme.name/js/moment-timezone-with-data.min.js
159.223.188.136200 OK 64 kB URL HTTP/2 bookme.name/js/moment-timezone-with-data.min.js
IP 159.223.188.136:0
ASN #14061 DIGITALOCEAN-ASN
Hash 10f680e6c568157179eced433ba8bbf6
4b8d1355a1e1db9fadbd3d4f3210785a9febc671
ebf537cc028f90abae631d28d5504b7b8e32a54157a331b1ec461a9301b27964
GET /js/moment-timezone-with-data.min.js HTTP/1.1
Host: bookme.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Jan 2023 17:54:34 GMT
vary: Accept-Encoding
etag: W/"63c19ada-2ccf4"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
upload-widget.cloudinary.com/2.1.0/widget/main.js
151.101.65.137200 OK 844 kB URL HTTP/2 upload-widget.cloudinary.com/2.1.0/widget/main.js
IP 151.101.65.137:0
File type ASCII text, with very long lines (65513)
Size 844 kB (844274 bytes)
Hash caaefb2aca0753ada7fc7ca01de7edc1
21662677caf84ff9e649d87f68e0bf93b8577265
589349f4ca9bb421eca28d23b5021113e07f065d39f32928a72f16ee99512352
GET /2.1.0/widget/main.js HTTP/1.1
Host: upload-widget.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upload-widget.cloudinary.com/2.1.0/widget/index.html?cloudName=blab&pmHost=https://bookme.name
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Jan 2022 08:44:53 GMT
etag: "48f9b5fd1c67fbabf3aae500f99f4157"
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Feb 2023 19:46:17 GMT
via: 1.1 varnish
age: 1
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675453577.849849,VS0,VE1086
vary: Accept-Encoding
cache-control: public, s-maxage=365 days, max-age=60
content-length: 844274
X-Firefox-Spdy: h2
bookme.name/js/jquery.min.js
159.223.188.136200 OK 30 kB URL HTTP/2 bookme.name/js/jquery.min.js
IP 159.223.188.136:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32184)
Hash c5604265db44f68122559fd551b06d94
0705fcdc78d63c7073221513409d74dd6cb02fb2
c93c7c0c3ad84db464b2df5f9f65c11b27015e975a15752adb7ff5ec7ae77716
GET /js/jquery.min.js HTTP/1.1
Host: bookme.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Jan 2023 17:54:34 GMT
vary: Accept-Encoding
etag: W/"63c19ada-14968"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=5bc91e2e88
172.64.168.22200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=5bc91e2e88
IP 172.64.168.22:0
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=5bc91e2e88 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bookme.name/
Origin: https://bookme.name
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3cd199e40989bbc5f4b8f53d95abe094.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: XzPH80He9QenTSp9Md9CnyKc_V65ycKrESlnHrRMUTXrtFUStkGOtQ==
age: 5234629
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8ktK7vabsfNiONH%2B20VLjMek%2FjL3HAP%2Bkk6sRHbLWEMC8mrH1cnkXNQ%2FPjOryjq%2B%2Fhq8QdfGMcYPJPMInkce1hxxWVHyosS%2Bex%2BjoPg1Rqq1WfvSVkVCCKrmJrn56tX1or2EuSIGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793dabf00bb524f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100
IP 142.250.74.106:0
GET /css?family=Montserrat:100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carlareeves.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 19:46:14 GMT
date: Fri, 03 Feb 2023 19:46:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bookme.name/js/bootstrap.min.js
159.223.188.136200 OK 0 B URL HTTP/2 bookme.name/js/bootstrap.min.js
IP 159.223.188.136:0
ASN #14061 DIGITALOCEAN-ASN
GET /js/bootstrap.min.js HTTP/1.1
Host: bookme.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Jan 2023 17:54:34 GMT
vary: Accept-Encoding
etag: W/"63c19ada-9004"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
bookme.name/js/clndr.min.js
159.223.188.136200 OK 0 B URL HTTP/2 bookme.name/js/clndr.min.js
IP 159.223.188.136:0
ASN #14061 DIGITALOCEAN-ASN
GET /js/clndr.min.js HTTP/1.1
Host: bookme.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Jan 2023 17:54:34 GMT
vary: Accept-Encoding
etag: W/"63c19ada-568a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
bookme.name/js/cloudinary-widget/all.js
159.223.188.136200 OK 0 B URL HTTP/2 bookme.name/js/cloudinary-widget/all.js
IP 159.223.188.136:0
ASN #14061 DIGITALOCEAN-ASN
GET /js/cloudinary-widget/all.js HTTP/1.1
Host: bookme.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Jan 2023 17:54:34 GMT
vary: Accept-Encoding
etag: W/"63c19ada-17765"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
bookme.name/css/embed.css?id=ec0c2bbe3f273861f0991ed3f7ebe7a8
159.223.188.136200 OK 0 B URL HTTP/2 bookme.name/css/embed.css?id=ec0c2bbe3f273861f0991ed3f7ebe7a8
IP 159.223.188.136:0
ASN #14061 DIGITALOCEAN-ASN
GET /css/embed.css?id=ec0c2bbe3f273861f0991ed3f7ebe7a8 HTTP/1.1
Host: bookme.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: text/css
last-modified: Fri, 13 Jan 2023 17:54:34 GMT
vary: Accept-Encoding
etag: W/"63c19ada-530de"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.bunny.net/css?family=Roboto%3A500%2Cregular%2C700%7CRubik%3A700&display=swap&ver=1.0
194.242.11.186200 OK 0 B URL HTTP/2 fonts.bunny.net/css?family=Roboto%3A500%2Cregular%2C700%7CRubik%3A700&display=swap&ver=1.0
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /css?family=Roboto%3A500%2Cregular%2C700%7CRubik%3A700&display=swap&ver=1.0 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carlareeves.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 19:46:13 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Mon, 09 Jan 2023 10:57:02 GMT
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:57:02
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 59195f683892e0f66edb609082f94db1
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=DM+Serif+Display:ital@0;1&family=Josefin+Slab:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Kristi&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=DM+Serif+Display:ital@0;1&family=Josefin+Slab:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Kristi&display=swap
IP 142.250.74.106:0
GET /css2?family=DM+Serif+Display:ital@0;1&family=Josefin+Slab:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Kristi&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carlareeves.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 19:46:14 GMT
date: Fri, 03 Feb 2023 19:46:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bookme.name/js/moment-with-locales.min.js
159.223.188.136200 OK 0 B URL HTTP/2 bookme.name/js/moment-with-locales.min.js
IP 159.223.188.136:0
ASN #14061 DIGITALOCEAN-ASN
GET /js/moment-with-locales.min.js HTTP/1.1
Host: bookme.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Jan 2023 17:54:34 GMT
vary: Accept-Encoding
etag: W/"63c19ada-3cfb2"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
bookme.name/embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F
159.223.188.136200 OK 0 B URL HTTP/2 bookme.name/embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F
IP 159.223.188.136:0
ASN #14061 DIGITALOCEAN-ASN
GET /embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F HTTP/1.1
Host: bookme.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carlareeves.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Fri, 03 Feb 2023 19:46:14 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6Ii84UnFRUEJNSERpUTE3NjNFSjRFNFE9PSIsInZhbHVlIjoiSnlSVlJlREZUN2luVjJMd25YK3hEQ1E2d2UzZlVxYVB6ZjV3MnJSV0c4dUo5NnBWNE4yUG9IOXljK3dyN1VkY2Z1eTI2YkhzTWtGT3hDdDJ4VllSYWtKTEU0YXk5RjZ4eGZRQmhXaGUzZmkyTmErWEt5bk5ndXdlK3FMV1Jxd08iLCJtYWMiOiIwMzcwNWNmMzVlNTM4YmJmYjBkOTIzMDE5YmM0NDk3ODRjZGUxN2MzMzUxNzY3YmZiNzg0NDgzZmFmZWNhNDlhIiwidGFnIjoiIn0%3D; expires=Sun, 05-Feb-2023 19:46:14 GMT; Max-Age=172800; path=/; samesite=lax
book_like_a_boss_session=eyJpdiI6InpDcGUzTjk3bXhqYjBHeHJZU0c2Nnc9PSIsInZhbHVlIjoicWhudU4vL2hGZm9FYlVMQWExaDNab1VsTzhNakFKYUZTUmtXUjIwbGlDcXRIMzFWRW80N3hXeWFFUzZLUzg5NllGYVpzclY5V1o5TlkvcmcvZTA5Sjh2NFNIQTVoS01QbTlWMG4xaUJqbVc2VnFSSWpKczBGUk1WdytJSW43VzIiLCJtYWMiOiIyNDRiOWQ1MjhlN2UxZWM5ZjZhZWZhOTJjMWRmY2RhOTM0ZmMyY2VmMzEyOTU4YmNjOTYxOTBkN2JmY2M4ZDFhIiwidGFnIjoiIn0%3D; expires=Sun, 05-Feb-2023 19:46:14 GMT; Max-Age=172800; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
web.squarecdn.com/v1/square.js
143.204.55.25200 OK 0 B URL HTTP/2 web.squarecdn.com/v1/square.js
IP 143.204.55.25:0
GET /v1/square.js HTTP/1.1
Host: web.squarecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 300
last-modified: Fri, 27 Jan 2023 17:36:42 GMT
x-amz-meta-websdk-version: 1.45.3
x-amz-meta-md5checksum: wMd6IBA0HtypcA4LKmeiFQ==
x-amz-version-id: Lsk4iM_X6HxlLh0dp4nOZjgAxEWTveG4
server: AmazonS3
content-encoding: gzip
date: Fri, 03 Feb 2023 04:45:03 GMT
cache-control: public, max-age=300
etag: W/"c0c77a2010341edca9700e0b2a67a215"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SriTnQi7nnXK5EqEzamKRSodX54Os5aRVS2bE_WRNCTs4lTD0ubeYQ==
age: 54683
X-Firefox-Spdy: h2
bookme.name/js/embed.js?id=531b7ee77d757ecaf660ab67fc8afea3
159.223.188.136200 OK 0 B URL HTTP/2 bookme.name/js/embed.js?id=531b7ee77d757ecaf660ab67fc8afea3
IP 159.223.188.136:0
ASN #14061 DIGITALOCEAN-ASN
GET /js/embed.js?id=531b7ee77d757ecaf660ab67fc8afea3 HTTP/1.1
Host: bookme.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookme.name/embed/15348/llJWDZ1htQLLYao68IgAMxZvJhJrAi2YV2rahYaYHGlkAMsutqXUwDULhutA?u=https%3A%2F%2Fcarlareeves.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:46:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Jan 2023 17:54:34 GMT
vary: Accept-Encoding
etag: W/"63c19ada-1a9421"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
54.230.111.59200 OK 0 B URL HTTP/2 m.stripe.network/out-4.5.42.js
IP 54.230.111.59:0
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 03 Feb 2023 19:44:42 GMT
cache-control: max-age=300, public
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HnWPJ3BZYDw7V2eqqOhGmSbgWvhpXUTFct0svbByXrVc852Qb1v2pg==
age: 95
X-Firefox-Spdy: h2
www.carlareeves.com/
141.193.213.20301 Moved Permanently 0 B IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.carlareeves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 19:46:13 GMT
content-type: text/html; charset=UTF-8
location: https://carlareeves.com/
x-redirect-by: WordPress
x-powered-by: WP Engine
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 3
x-cache-group: normal
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793dabdedfd4b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2