forums.a-pink.net/hbb
200 OK 481 B IP
ASN #16125 UAB Cherry Servers
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (481), with no line terminators
Hash eef332f677f6081ce01b8b073f6905e1
3e50d4c58b3b0386a2f7759425048d51c93aeb27
022c47ba0ae2a0d435f4a42e90b8312061b3bec57aea064db91fb764c7bed996
Analyzer Verdict Alert fortinet Phishing
GET /hbb HTTP/1.1
Host: forums.a-pink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
Cache-Control: max-age=0, private, must-revalidate
Content-Length: 481
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Mar 2023 12:50:38 GMT
Server: nginx
Set-Cookie: sid=a4b89f74-cb0b-11ed-84e6-ed1eff05f18f; path=/; domain=.a-pink.net; expires=Thu, 12 Apr 2091 16:04:45 GMT; max-age=2147483647; HttpOnly
X-Cache: MISS from shluota
X-Cache-Lookup: MISS from shluota:3128
Via: 1.1 shluota (squid)
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4076
Expires: Sat, 25 Mar 2023 13:58:34 GMT
Date: Sat, 25 Mar 2023 12:50:38 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 13f90146df1d559743af6df15c29b77b
6dd24f60629c39f857e3c996084f4d515cf3f8d0
ea5975be17b9cd29c8770939eb5d63ce43c1c44ce9a3a4d04e1e79cd69b30d1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA5975BE17B9CD29C8770939EB5D63CE43C1C44CE9A3A4D04E1E79CD69B30D1C"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7924
Expires: Sat, 25 Mar 2023 15:02:42 GMT
Date: Sat, 25 Mar 2023 12:50:38 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9bb70197d53617b5e6889b890dd2ae26
f3e9b8a743de494529baf2d078a622539f965307
a094a13905b7f1cd89475f9c83f9245580d4c3c7228d51d5c16622aec3c6aa45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A094A13905B7F1CD89475F9C83F9245580D4C3C7228D51D5C16622AEC3C6AA45"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4473
Expires: Sat, 25 Mar 2023 14:05:11 GMT
Date: Sat, 25 Mar 2023 12:50:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 12:27:44 GMT
content-type: application/json
age: 1374
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zos3fttQ2kx4rWlpDyVNAYDjlZ5Vud764+1MhX+HFQDG6I2fcJPjcjFIOeL8iFBAUlIAdcY7+fs=
x-amz-request-id: HH3VSHAZYQXW9Y7C
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 12:00:46 GMT
age: 2992
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 12:50:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
forums.a-pink.net/favicon.ico
404 Not Found 9 B URL HTTP/1.1 forums.a-pink.net/favicon.ico
IP
ASN #16125 UAB Cherry Servers
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: forums.a-pink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://forums.a-pink.net/hbb
Cookie: sid=a4b89f74-cb0b-11ed-84e6-ed1eff05f18f
HTTP/1.1 404 Not Found
Cache-Control: max-age=0, private, must-revalidate
Content-Length: 9
Date: Sat, 25 Mar 2023 12:50:38 GMT
Server: nginx
X-Cache: MISS from shluota
X-Cache-Lookup: MISS from shluota:3128
Via: 1.1 shluota (squid)
Connection: keep-alive
forums.a-pink.net/hbb?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTc1NTgzOCwiaWF0IjoxNjc5NzQ4NjM4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdxa3Y1cHFlZjVrOXY5dnMxOHUzZWEiLCJuYmYiOjE2Nzk3NDg2MzgsInRzIjoxNjc5NzQ4NjM4NzAyNzM2fQ.57bxmQgRr_Ws4X2sfpzNU3Q1gFxxl8H8RnJ-kRjqwKo&sid=a4b89f74-cb0b-11ed-84e6-ed1eff05f18f
302 Found 11 B URL HTTP/1.1 forums.a-pink.net/hbb?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTc1NTgzOCwiaWF0IjoxNjc5NzQ4NjM4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdxa3Y1cHFlZjVrOXY5dnMxOHUzZWEiLCJuYmYiOjE2Nzk3NDg2MzgsInRzIjoxNjc5NzQ4NjM4NzAyNzM2fQ.57bxmQgRr_Ws4X2sfpzNU3Q1gFxxl8H8RnJ-kRjqwKo&sid=a4b89f74-cb0b-11ed-84e6-ed1eff05f18f
IP
ASN #16125 UAB Cherry Servers
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /hbb?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTc1NTgzOCwiaWF0IjoxNjc5NzQ4NjM4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdxa3Y1cHFlZjVrOXY5dnMxOHUzZWEiLCJuYmYiOjE2Nzk3NDg2MzgsInRzIjoxNjc5NzQ4NjM4NzAyNzM2fQ.57bxmQgRr_Ws4X2sfpzNU3Q1gFxxl8H8RnJ-kRjqwKo&sid=a4b89f74-cb0b-11ed-84e6-ed1eff05f18f HTTP/1.1
Host: forums.a-pink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://forums.a-pink.net/hbb
Cookie: sid=a4b89f74-cb0b-11ed-84e6-ed1eff05f18f
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: max-age=0, private, must-revalidate
Content-Length: 11
Date: Sat, 25 Mar 2023 12:50:38 GMT
Location: http://btpnative.com/click?data=cUFOUUNFeGx0cUZORklIQUFJRUdFMVpnSzQ2NnVMeU9oVFhGNFUtOU15RkRZTjlweVZaTG90YnQyZHN3QTV3akxta0ZJbTQ4TlBTb0tidEZnUGFlWUtqR3lTNkN4TjF3bmJkTWs3aGRUTmoxMWhvcnZ5bVZpRlFXeU93RHF3Nnkta3QtaHRvSlJGWDN3N21DcG5LMzBRMg2&id=53f9cbbb-4146-4793-b64a-b6cbef27c6dc
Server: nginx
Set-Cookie: sid=a4b89f74-cb0b-11ed-84e6-ed1eff05f18f; path=/; domain=.a-pink.net; expires=Thu, 12 Apr 2091 16:04:46 GMT; max-age=2147483647; HttpOnly
X-Cache: MISS from shluota
X-Cache-Lookup: MISS from shluota:3128
Via: 1.1 shluota (squid)
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 12:14:33 GMT
age: 2166
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
btpnative.com/click?data=cUFOUUNFeGx0cUZORklIQUFJRUdFMVpnSzQ2NnVMeU9oVFhGNFUtOU15RkRZTjlweVZaTG90YnQyZHN3QTV3akxta0ZJbTQ4TlBTb0tidEZnUGFlWUtqR3lTNkN4TjF3bmJkTWs3aGRUTmoxMWhvcnZ5bVZpRlFXeU93RHF3Nnkta3QtaHRvSlJGWDN3N21DcG5LMzBRMg2&id=53f9cbbb-4146-4793-b64a-b6cbef27c6dc
200 OK 5.4 kB URL HTTP/1.1 btpnative.com/click?data=cUFOUUNFeGx0cUZORklIQUFJRUdFMVpnSzQ2NnVMeU9oVFhGNFUtOU15RkRZTjlweVZaTG90YnQyZHN3QTV3akxta0ZJbTQ4TlBTb0tidEZnUGFlWUtqR3lTNkN4TjF3bmJkTWs3aGRUTmoxMWhvcnZ5bVZpRlFXeU93RHF3Nnkta3QtaHRvSlJGWDN3N21DcG5LMzBRMg2&id=53f9cbbb-4146-4793-b64a-b6cbef27c6dc
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (320), with CRLF line terminators
Hash 6b1b13da5ceafc9625c43b94e689a3d6
fdcb15c75433ab6c59f8c3e413ad3da06998ccf9
f52d492616754a7cd0e98eb66724c83bbcf11b1e9b66c5a177bc919aae7ba82d
GET /click?data=cUFOUUNFeGx0cUZORklIQUFJRUdFMVpnSzQ2NnVMeU9oVFhGNFUtOU15RkRZTjlweVZaTG90YnQyZHN3QTV3akxta0ZJbTQ4TlBTb0tidEZnUGFlWUtqR3lTNkN4TjF3bmJkTWs3aGRUTmoxMWhvcnZ5bVZpRlFXeU93RHF3Nnkta3QtaHRvSlJGWDN3N21DcG5LMzBRMg2&id=53f9cbbb-4146-4793-b64a-b6cbef27c6dc HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://forums.a-pink.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: JLjCOhDazoBNjfd=JLjCOhDazoBNjfd; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sat, 25 Mar 2023 12:50:39 GMT
Content-Length: 5412
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6649
Expires: Sat, 25 Mar 2023 14:41:28 GMT
Date: Sat, 25 Mar 2023 12:50:39 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FviSS0ggIklfdUSu94vARQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HWoOW2V3mvTON7m6JMZ+LcqPp7o=
btpnative.com/Redirect/
302 Found 1.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1744), with CRLF line terminators
Hash dd961af77270cce4faf4673031437ea1
956cebfdc019305e562cf4f7a1cf9107c39027cd
603cc7debe78365f344a7983c001607bd2b3462c425c1fa57c41971478f07acb
POST /Redirect/ HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 329
Origin: http://btpnative.com
Connection: keep-alive
Referer: http://btpnative.com/click?data=cUFOUUNFeGx0cUZORklIQUFJRUdFMVpnSzQ2NnVMeU9oVFhGNFUtOU15RkRZTjlweVZaTG90YnQyZHN3QTV3akxta0ZJbTQ4TlBTb0tidEZnUGFlWUtqR3lTNkN4TjF3bmJkTWs3aGRUTmoxMWhvcnZ5bVZpRlFXeU93RHF3Nnkta3QtaHRvSlJGWDN3N21DcG5LMzBRMg2&id=53f9cbbb-4146-4793-b64a-b6cbef27c6dc
Cookie: JLjCOhDazoBNjfd=JLjCOhDazoBNjfd
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://myckdom.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_Yk3WGBAOOFmJScwobXG_fWvoc-pzn9Pld-YQ1hdtbM02XpEZOwFKSfdMBTkWi0ejOPWtOxnWPIiDkQ1xwtWFdhA3w2oTb0SpNSpz4JJ4Xf6M6YwEUV5yZ_B_WrUcb758LGHytzqH8I_NovtHx-NxeHQEU5w3c5v2EfDR1eauKit7CwGwqYG44UmR8iMGumIYsysYp3_OsuqjuHDiiNWgzlNwOKBFAAiVKSAdBDh-RB0RXTo4SV5hXYBGAibzbP-E_KjnuYsHs7IHHhNAvaRv2ek0I-Pgji-1ld7fGPk238o_j59zDutLVLDCmzHiMOTwCIshs-pBcrXHseMg7ptxVl_wDn2vLcBwUV2Ku3VMAYWa7nP6L8pH7lvUkjVPqAiRXR0xjraOsxJuG1lD7lmNM3XTrxNtGKIrHcMUHQCRgZiXIn1JOXQc3Ol90Dpkyj1L-gJr2eOX7yXc0lrd4vxVNG1V46MCtONM_MFh0mA0JcgQbhHSIXMYY0BGLRANY3I1nswNK5YhUpeulv5JCxSPiJ7GhI2E8k35E7XqZPewdAEwIpKgqiQbtwRm5AstJH3X2SUjg5s4fGhFclte7v93f1fHiUbBRfoC4cJPczfHppRbxV0k8w-a8tdjr_ZruvJqTRYG1e6n9Bcth9GabMfLhUXJstCC4zCAlaoCm0QdCWdAYROvdvINI3yU1QZXmZVr3cAsvKUP1x0xDogT3P593OLvQqjtmGDf03axtODwZWe0BVXnYl9GsewdX7MlEvFdlh5ShcpasALK6MjGjHTiTs_Vb_Z31kmMuaOmdCRHzOuZEh0fMDLHlOSJpc54EYeSYVhbozP732w5qtStFntqs6nbeokS98U9qpm8VyjcchVE5dc5lvxSixQvg7POC8t_xp0pB-U5YPQS3rDhxEdKsyVwwM1EhWsVUKClzy1Vawm_jLn3mXg4KJEw3VJHgY2QIN9M2jx1UtbZes5sMWJmUS43XbTYL3bLxSsABYJaIqfmUOQHSIH6DhPCRfNIPBHDDC5blB6GQ5jIzzh0hp6ogHG6HdbghCSY1pakVX_qAQegsDPukCnpfbn7GUZ7QQ6lTzQvziWiq67jTVQvVL4ScJYwqEcqLlqNRa8Vv1y9IfWC3Q8nwKZuEQXuW-A6veoE_EtW0ofBPb1fIb3rLfDWc3_b_Gpk1DjqcwuIa5K5WqE87ncelwQN_V1XDJke6PV-ziFE6hRXoHpc_lgZs9TkhIb_Wnra4EyI06J_PiFvmA1hJI-E5q91nuEV99_H0CTqa1fKcakikKw4NcJpJu990BLQ9wRz3bSYlmG_pg-Im2cIU-YixfzdtNK_Tx9FuDggti8DapCAIpAFHQ8QG7A7z_8W276R1FxCsY9D8FpX5xXs7kHdy13Mi-MABO8ZLM-7QEj975dZPgAXnkEZStNimXIXTObTMo1edDf9feIivAoV5Rd5o_S4YWugPPD6blD5OGErhhYlhO9MKlXdYRr3fKrna3QhlvY5pN2pxQYq9neVQklreyOAEenq3YN_0ZLzziFE6hRXoHqkhnmYCwV-vmWSQsQHXjql
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sat, 25 Mar 2023 12:50:39 GMT
Content-Length: 1816
ocsp.sectigo.com/
200 OK 471 B IP
Hash ab51ece7a88f517eeadb58b0b481d832
2d91ca690239cefd1596d35a52c2e15a3149d3e0
cdb3374cf42c7a1140043539809d8f703480693f3ba81d8bb2b04eca60832a2b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 12:50:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Mar 2023 18:29:28 GMT
Expires: Wed, 29 Mar 2023 18:29:27 GMT
Etag: "2d91ca690239cefd1596d35a52c2e15a3149d3e0"
Cache-Control: max-age=365326,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad747ea2f0db515-OSL
myckdom.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_Yk3WGBAOOFmJScwobXG_fWvoc-pzn9Pld-YQ1hdtbM02XpEZOwFKSfdMBTkWi0ejOPWtOxnWPIiDkQ1xwtWFdhA3w2oTb0SpNSpz4JJ4Xf6M6YwEUV5yZ_B_WrUcb758LGHytzqH8I_NovtHx-NxeHQEU5w3c5v2EfDR1eauKit7CwGwqYG44UmR8iMGumIYsysYp3_OsuqjuHDiiNWgzlNwOKBFAAiVKSAdBDh-RB0RXTo4SV5hXYBGAibzbP-E_KjnuYsHs7IHHhNAvaRv2ek0I-Pgji-1ld7fGPk238o_j59zDutLVLDCmzHiMOTwCIshs-pBcrXHseMg7ptxVl_wDn2vLcBwUV2Ku3VMAYWa7nP6L8pH7lvUkjVPqAiRXR0xjraOsxJuG1lD7lmNM3XTrxNtGKIrHcMUHQCRgZiXIn1JOXQc3Ol90Dpkyj1L-gJr2eOX7yXc0lrd4vxVNG1V46MCtONM_MFh0mA0JcgQbhHSIXMYY0BGLRANY3I1nswNK5YhUpeulv5JCxSPiJ7GhI2E8k35E7XqZPewdAEwIpKgqiQbtwRm5AstJH3X2SUjg5s4fGhFclte7v93f1fHiUbBRfoC4cJPczfHppRbxV0k8w-a8tdjr_ZruvJqTRYG1e6n9Bcth9GabMfLhUXJstCC4zCAlaoCm0QdCWdAYROvdvINI3yU1QZXmZVr3cAsvKUP1x0xDogT3P593OLvQqjtmGDf03axtODwZWe0BVXnYl9GsewdX7MlEvFdlh5ShcpasALK6MjGjHTiTs_Vb_Z31kmMuaOmdCRHzOuZEh0fMDLHlOSJpc54EYeSYVhbozP732w5qtStFntqs6nbeokS98U9qpm8VyjcchVE5dc5lvxSixQvg7POC8t_xp0pB-U5YPQS3rDhxEdKsyVwwM1EhWsVUKClzy1Vawm_jLn3mXg4KJEw3VJHgY2QIN9M2jx1UtbZes5sMWJmUS43XbTYL3bLxSsABYJaIqfmUOQHSIH6DhPCRfNIPBHDDC5blB6GQ5jIzzh0hp6ogHG6HdbghCSY1pakVX_qAQegsDPukCnpfbn7GUZ7QQ6lTzQvziWiq67jTVQvVL4ScJYwqEcqLlqNRa8Vv1y9IfWC3Q8nwKZuEQXuW-A6veoE_EtW0ofBPb1fIb3rLfDWc3_b_Gpk1DjqcwuIa5K5WqE87ncelwQN_V1XDJke6PV-ziFE6hRXoHpc_lgZs9TkhIb_Wnra4EyI06J_PiFvmA1hJI-E5q91nuEV99_H0CTqa1fKcakikKw4NcJpJu990BLQ9wRz3bSYlmG_pg-Im2cIU-YixfzdtNK_Tx9FuDggti8DapCAIpAFHQ8QG7A7z_8W276R1FxCsY9D8FpX5xXs7kHdy13Mi-MABO8ZLM-7QEj975dZPgAXnkEZStNimXIXTObTMo1edDf9feIivAoV5Rd5o_S4YWugPPD6blD5OGErhhYlhO9MKlXdYRr3fKrna3QhlvY5pN2pxQYq9neVQklreyOAEenq3YN_0ZLzziFE6hRXoHqkhnmYCwV-vmWSQsQHXjql
302 Found 0 B URL HTTP/2 myckdom.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_Yk3WGBAOOFmJScwobXG_fWvoc-pzn9Pld-YQ1hdtbM02XpEZOwFKSfdMBTkWi0ejOPWtOxnWPIiDkQ1xwtWFdhA3w2oTb0SpNSpz4JJ4Xf6M6YwEUV5yZ_B_WrUcb758LGHytzqH8I_NovtHx-NxeHQEU5w3c5v2EfDR1eauKit7CwGwqYG44UmR8iMGumIYsysYp3_OsuqjuHDiiNWgzlNwOKBFAAiVKSAdBDh-RB0RXTo4SV5hXYBGAibzbP-E_KjnuYsHs7IHHhNAvaRv2ek0I-Pgji-1ld7fGPk238o_j59zDutLVLDCmzHiMOTwCIshs-pBcrXHseMg7ptxVl_wDn2vLcBwUV2Ku3VMAYWa7nP6L8pH7lvUkjVPqAiRXR0xjraOsxJuG1lD7lmNM3XTrxNtGKIrHcMUHQCRgZiXIn1JOXQc3Ol90Dpkyj1L-gJr2eOX7yXc0lrd4vxVNG1V46MCtONM_MFh0mA0JcgQbhHSIXMYY0BGLRANY3I1nswNK5YhUpeulv5JCxSPiJ7GhI2E8k35E7XqZPewdAEwIpKgqiQbtwRm5AstJH3X2SUjg5s4fGhFclte7v93f1fHiUbBRfoC4cJPczfHppRbxV0k8w-a8tdjr_ZruvJqTRYG1e6n9Bcth9GabMfLhUXJstCC4zCAlaoCm0QdCWdAYROvdvINI3yU1QZXmZVr3cAsvKUP1x0xDogT3P593OLvQqjtmGDf03axtODwZWe0BVXnYl9GsewdX7MlEvFdlh5ShcpasALK6MjGjHTiTs_Vb_Z31kmMuaOmdCRHzOuZEh0fMDLHlOSJpc54EYeSYVhbozP732w5qtStFntqs6nbeokS98U9qpm8VyjcchVE5dc5lvxSixQvg7POC8t_xp0pB-U5YPQS3rDhxEdKsyVwwM1EhWsVUKClzy1Vawm_jLn3mXg4KJEw3VJHgY2QIN9M2jx1UtbZes5sMWJmUS43XbTYL3bLxSsABYJaIqfmUOQHSIH6DhPCRfNIPBHDDC5blB6GQ5jIzzh0hp6ogHG6HdbghCSY1pakVX_qAQegsDPukCnpfbn7GUZ7QQ6lTzQvziWiq67jTVQvVL4ScJYwqEcqLlqNRa8Vv1y9IfWC3Q8nwKZuEQXuW-A6veoE_EtW0ofBPb1fIb3rLfDWc3_b_Gpk1DjqcwuIa5K5WqE87ncelwQN_V1XDJke6PV-ziFE6hRXoHpc_lgZs9TkhIb_Wnra4EyI06J_PiFvmA1hJI-E5q91nuEV99_H0CTqa1fKcakikKw4NcJpJu990BLQ9wRz3bSYlmG_pg-Im2cIU-YixfzdtNK_Tx9FuDggti8DapCAIpAFHQ8QG7A7z_8W276R1FxCsY9D8FpX5xXs7kHdy13Mi-MABO8ZLM-7QEj975dZPgAXnkEZStNimXIXTObTMo1edDf9feIivAoV5Rd5o_S4YWugPPD6blD5OGErhhYlhO9MKlXdYRr3fKrna3QhlvY5pN2pxQYq9neVQklreyOAEenq3YN_0ZLzziFE6hRXoHqkhnmYCwV-vmWSQsQHXjql
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_Yk3WGBAOOFmJScwobXG_fWvoc-pzn9Pld-YQ1hdtbM02XpEZOwFKSfdMBTkWi0ejOPWtOxnWPIiDkQ1xwtWFdhA3w2oTb0SpNSpz4JJ4Xf6M6YwEUV5yZ_B_WrUcb758LGHytzqH8I_NovtHx-NxeHQEU5w3c5v2EfDR1eauKit7CwGwqYG44UmR8iMGumIYsysYp3_OsuqjuHDiiNWgzlNwOKBFAAiVKSAdBDh-RB0RXTo4SV5hXYBGAibzbP-E_KjnuYsHs7IHHhNAvaRv2ek0I-Pgji-1ld7fGPk238o_j59zDutLVLDCmzHiMOTwCIshs-pBcrXHseMg7ptxVl_wDn2vLcBwUV2Ku3VMAYWa7nP6L8pH7lvUkjVPqAiRXR0xjraOsxJuG1lD7lmNM3XTrxNtGKIrHcMUHQCRgZiXIn1JOXQc3Ol90Dpkyj1L-gJr2eOX7yXc0lrd4vxVNG1V46MCtONM_MFh0mA0JcgQbhHSIXMYY0BGLRANY3I1nswNK5YhUpeulv5JCxSPiJ7GhI2E8k35E7XqZPewdAEwIpKgqiQbtwRm5AstJH3X2SUjg5s4fGhFclte7v93f1fHiUbBRfoC4cJPczfHppRbxV0k8w-a8tdjr_ZruvJqTRYG1e6n9Bcth9GabMfLhUXJstCC4zCAlaoCm0QdCWdAYROvdvINI3yU1QZXmZVr3cAsvKUP1x0xDogT3P593OLvQqjtmGDf03axtODwZWe0BVXnYl9GsewdX7MlEvFdlh5ShcpasALK6MjGjHTiTs_Vb_Z31kmMuaOmdCRHzOuZEh0fMDLHlOSJpc54EYeSYVhbozP732w5qtStFntqs6nbeokS98U9qpm8VyjcchVE5dc5lvxSixQvg7POC8t_xp0pB-U5YPQS3rDhxEdKsyVwwM1EhWsVUKClzy1Vawm_jLn3mXg4KJEw3VJHgY2QIN9M2jx1UtbZes5sMWJmUS43XbTYL3bLxSsABYJaIqfmUOQHSIH6DhPCRfNIPBHDDC5blB6GQ5jIzzh0hp6ogHG6HdbghCSY1pakVX_qAQegsDPukCnpfbn7GUZ7QQ6lTzQvziWiq67jTVQvVL4ScJYwqEcqLlqNRa8Vv1y9IfWC3Q8nwKZuEQXuW-A6veoE_EtW0ofBPb1fIb3rLfDWc3_b_Gpk1DjqcwuIa5K5WqE87ncelwQN_V1XDJke6PV-ziFE6hRXoHpc_lgZs9TkhIb_Wnra4EyI06J_PiFvmA1hJI-E5q91nuEV99_H0CTqa1fKcakikKw4NcJpJu990BLQ9wRz3bSYlmG_pg-Im2cIU-YixfzdtNK_Tx9FuDggti8DapCAIpAFHQ8QG7A7z_8W276R1FxCsY9D8FpX5xXs7kHdy13Mi-MABO8ZLM-7QEj975dZPgAXnkEZStNimXIXTObTMo1edDf9feIivAoV5Rd5o_S4YWugPPD6blD5OGErhhYlhO9MKlXdYRr3fKrna3QhlvY5pN2pxQYq9neVQklreyOAEenq3YN_0ZLzziFE6hRXoHqkhnmYCwV-vmWSQsQHXjql HTTP/1.1
Host: myckdom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 25 Mar 2023 12:50:40 GMT
content-length: 0
set-cookie: rhid=83016458870; Max-Age=15552000; Expires=Thu, 21-Sep-2023 12:50:40 GMT; Domain=myckdom.com; Path=/; SameSite=None; secure;
location: https://p274639.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChC5hDsybdwKSnp6eIXedEm_xLFHNcoylpRFSeAwOPlII0R1WWxcf3MF3hJYdHYfK5yLJiR6-4QdbqCuGOQw5xSEc-cbxrmXQ7BGkc7vik0RaEzPpTDrDKFQlMKlXdYRr3fP--aMmf-B-yXTbFgosQ8dORKpxkQO62n8jPOHSGnqiAcbod1uCEJJjWlqRVf-oBB5dyjQOXa3jI5DGbd_IM9PQCozyvMhv4-OkZB1EWdgzHUYhV1QiHNxae2-kMvWtZh04izcTTY_t9cOKGBhPByuIMEbij53VofwFIIXioy0OisAjKIsa6aWJfV7tdqQjCUiP7mk1bIMnLBZz1BpWIiT2uYVWZSLJCrAhT5iLF_N20XGEEi5m-gY--wHSK4m9oDiX-MgTUZasXT5xISGsNs7ESRyc3Q7-jufs31EvJ1VNOHxXMSdErUoadrNP9-AgE1Lh2c3kkE4JMhb_2mUAuQOK-BQzncPOfLSJmznl89uGVUWNFyyPsNurVo64vPAXoOmaJ1nv1bZfR2IBu2n015Mg&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSg3WlHKlDfo0rmuk67xLYdhhcZwUB2EhWs3YpRDT5sBDEFMwM_e4G_sz5hnSmFaI-6CBT0V0oNkpkGYDDXk3Utg&si=1&oref=f59039a5be97191060d24594b8f4d8a6&optunit=S7Kv9zNgyHA8eMV2Wad0bQ&rb=ntzDoPN7Tjk&rr=0&abtg=0
X-Firefox-Spdy: h2
p274639.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChC5hDsybdwKSnp6eIXedEm_xLFHNcoylpRFSeAwOPlII0R1WWxcf3MF3hJYdHYfK5yLJiR6-4QdbqCuGOQw5xSEc-cbxrmXQ7BGkc7vik0RaEzPpTDrDKFQlMKlXdYRr3fP--aMmf-B-yXTbFgosQ8dORKpxkQO62n8jPOHSGnqiAcbod1uCEJJjWlqRVf-oBB5dyjQOXa3jI5DGbd_IM9PQCozyvMhv4-OkZB1EWdgzHUYhV1QiHNxae2-kMvWtZh04izcTTY_t9cOKGBhPByuIMEbij53VofwFIIXioy0OisAjKIsa6aWJfV7tdqQjCUiP7mk1bIMnLBZz1BpWIiT2uYVWZSLJCrAhT5iLF_N20XGEEi5m-gY--wHSK4m9oDiX-MgTUZasXT5xISGsNs7ESRyc3Q7-jufs31EvJ1VNOHxXMSdErUoadrNP9-AgE1Lh2c3kkE4JMhb_2mUAuQOK-BQzncPOfLSJmznl89uGVUWNFyyPsNurVo64vPAXoOmaJ1nv1bZfR2IBu2n015Mg&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSg3WlHKlDfo0rmuk67xLYdhhcZwUB2EhWs3YpRDT5sBDEFMwM_e4G_sz5hnSmFaI-6CBT0V0oNkpkGYDDXk3Utg&si=1&oref=f59039a5be97191060d24594b8f4d8a6&optunit=S7Kv9zNgyHA8eMV2Wad0bQ&rb=ntzDoPN7Tjk&rr=0&abtg=0
302 Found 0 B URL HTTP/2 p274639.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChC5hDsybdwKSnp6eIXedEm_xLFHNcoylpRFSeAwOPlII0R1WWxcf3MF3hJYdHYfK5yLJiR6-4QdbqCuGOQw5xSEc-cbxrmXQ7BGkc7vik0RaEzPpTDrDKFQlMKlXdYRr3fP--aMmf-B-yXTbFgosQ8dORKpxkQO62n8jPOHSGnqiAcbod1uCEJJjWlqRVf-oBB5dyjQOXa3jI5DGbd_IM9PQCozyvMhv4-OkZB1EWdgzHUYhV1QiHNxae2-kMvWtZh04izcTTY_t9cOKGBhPByuIMEbij53VofwFIIXioy0OisAjKIsa6aWJfV7tdqQjCUiP7mk1bIMnLBZz1BpWIiT2uYVWZSLJCrAhT5iLF_N20XGEEi5m-gY--wHSK4m9oDiX-MgTUZasXT5xISGsNs7ESRyc3Q7-jufs31EvJ1VNOHxXMSdErUoadrNP9-AgE1Lh2c3kkE4JMhb_2mUAuQOK-BQzncPOfLSJmznl89uGVUWNFyyPsNurVo64vPAXoOmaJ1nv1bZfR2IBu2n015Mg&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSg3WlHKlDfo0rmuk67xLYdhhcZwUB2EhWs3YpRDT5sBDEFMwM_e4G_sz5hnSmFaI-6CBT0V0oNkpkGYDDXk3Utg&si=1&oref=f59039a5be97191060d24594b8f4d8a6&optunit=S7Kv9zNgyHA8eMV2Wad0bQ&rb=ntzDoPN7Tjk&rr=0&abtg=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adServe/domainClick?ai=tMxzWfm12LrB73mbsvChC5hDsybdwKSnp6eIXedEm_xLFHNcoylpRFSeAwOPlII0R1WWxcf3MF3hJYdHYfK5yLJiR6-4QdbqCuGOQw5xSEc-cbxrmXQ7BGkc7vik0RaEzPpTDrDKFQlMKlXdYRr3fP--aMmf-B-yXTbFgosQ8dORKpxkQO62n8jPOHSGnqiAcbod1uCEJJjWlqRVf-oBB5dyjQOXa3jI5DGbd_IM9PQCozyvMhv4-OkZB1EWdgzHUYhV1QiHNxae2-kMvWtZh04izcTTY_t9cOKGBhPByuIMEbij53VofwFIIXioy0OisAjKIsa6aWJfV7tdqQjCUiP7mk1bIMnLBZz1BpWIiT2uYVWZSLJCrAhT5iLF_N20XGEEi5m-gY--wHSK4m9oDiX-MgTUZasXT5xISGsNs7ESRyc3Q7-jufs31EvJ1VNOHxXMSdErUoadrNP9-AgE1Lh2c3kkE4JMhb_2mUAuQOK-BQzncPOfLSJmznl89uGVUWNFyyPsNurVo64vPAXoOmaJ1nv1bZfR2IBu2n015Mg&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSg3WlHKlDfo0rmuk67xLYdhhcZwUB2EhWs3YpRDT5sBDEFMwM_e4G_sz5hnSmFaI-6CBT0V0oNkpkGYDDXk3Utg&si=1&oref=f59039a5be97191060d24594b8f4d8a6&optunit=S7Kv9zNgyHA8eMV2Wad0bQ&rb=ntzDoPN7Tjk&rr=0&abtg=0 HTTP/1.1
Host: p274639.myckdom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=83016458870
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 25 Mar 2023 12:50:40 GMT
content-length: 0
set-cookie: rhid=83016458870; Max-Age=15552000; Expires=Thu, 21-Sep-2023 12:50:40 GMT; Domain=myckdom.com; Path=/; SameSite=None; secure;
loi=ad_490233_off_142374_aff_3322_cid_274639-526101030-A0PINK.NET_ts_1679748640; Max-Age=3600; Expires=Sat, 25-Mar-2023 13:50:40 GMT; Domain=myckdom.com; Path=/; SameSite=None; secure;
location: https://myfood.ltd/?v=20171031&s1=0
X-Firefox-Spdy: h2
myfood.ltd/?v=20171031&s1=0
200 OK 2.9 kB URL HTTP/2 myfood.ltd/?v=20171031&s1=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6859), with no line terminators
Hash 029ccb01ef612a9e6748494c60d24b69
d385f7671725be11701998c27571e94b1950f991
7ac429dc45b509b1bed9bdcdc5610868d510d979ce3cc06d48870511bf0425f5
GET /?v=20171031&s1=0 HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 12:50:40 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 2896
content-type: text/html
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb731-1ad4"
x-hw: 1679748640.cds238.sk1.hn,1679748640.cds236.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/css/style.css
200 OK 19 kB URL HTTP/2 myfood.ltd/main/css/style.css
IP
File type Unicode text, UTF-8 text, with very long lines (65134), with no line terminators
Hash a95a0c8bd1273406b8c8053fb3527d56
2a461dcfa2c4bf1d22727bfd7c3c2abc85d44343
55b46146d32f4ee365d4ca91d8b3b1c504a062b15bbc1ed60a22ac2d05be1db5
GET /main/css/style.css HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 12:50:40 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 18933
content-type: text/css
last-modified: Mon, 01 Mar 2021 09:43:15 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb733-1b1ac"
x-hw: 1679748640.cds238.sk1.hn,1679748640.cds261.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_1.jpg
200 OK 74 kB URL HTTP/2 myfood.ltd/images/Superfood_1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x420, components 3\012- data
Hash c2c3ec0e55e648c2a85d4499714a9c11
073f2990a52da59a7d3b73583b30be3c2cf45523
b66cf7365382753dc6340bfa2fba89c368ca3b930a0833d8f64c4c34525fc2ec
GET /images/Superfood_1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 12:50:40 GMT
cache-control: max-age=30
content-length: 74204
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-121dc"
x-hw: 1679748640.cds238.sk1.hn,1679748640.cds247.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_2.jpg
200 OK 52 kB URL HTTP/2 myfood.ltd/images/Superfood_2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x341, components 3\012- data
Hash b87af7248a82f58fe2ea5d0c7b030886
1d5a5b9752d7978c68b0d4a1689b3d8e6d322f0a
14da8c39c357dad0441b26d575c0000a9529c76d785680306a3cf51abe4cae81
GET /images/Superfood_2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 12:50:40 GMT
cache-control: max-age=30
content-length: 51830
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: "603cb731-ca76"
x-hw: 1679748640.cds238.sk1.hn,1679748640.cds220.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-1.jpg
200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash 62d0b6a649ac10e72bcb6ea3bbf57564
3e333889b0b66bfc6a32499f4c55878e2102b463
58dddc0a77632d920d096da6c6e2587c5859a4b4dd7af6dcd6eb8009ebc23ba6
GET /images/avatar-1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 12:50:40 GMT
cache-control: max-age=30
content-length: 11304
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-2c28"
x-hw: 1679748640.cds238.sk1.hn,1679748640.cds218.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-2.jpg
200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash dd3881ed1b5b03b1d571edf89e12c466
61ca68c1c2d2ae7d286dfc0540f4ca8b357fdf3d
97b65e41dd547b310e1e860d2ae4717dba1d97bd36c0cd06c35749caa515e207
GET /images/avatar-2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 12:50:40 GMT
cache-control: max-age=30
content-length: 10665
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-29a9"
x-hw: 1679748640.cds238.sk1.hn,1679748640.cds202.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/js/main.js
200 OK 39 kB URL HTTP/2 myfood.ltd/main/js/main.js
IP
File type Unicode text, UTF-8 text, with very long lines (60220)
Hash 181e3fa3b1de97ff4efd259bc2a2c8c7
52edf1dc36109cb57bea12689a48442e27f06ad1
ffa8984bea3bf0c0a0cb282e9a5a98b3435e63fb6a26dfe0351979fa9f827c40
GET /main/js/main.js HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 12:50:40 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 38656
content-type: application/javascript
last-modified: Mon, 01 Mar 2021 09:43:14 GMT
accept-ranges: bytes
server: nginx
etag: "603cb732-1d57b"
x-hw: 1679748640.cds238.sk1.hn,1679748640.cds228.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 12:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 12:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 14564, version 1.0\012- data
Hash 60c866748ff15f5b347fdba64596b1b1
34f486906decb7c8cf7a02d4758add9a2408c7a5
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
GET /s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:27:12 GMT
expires: Sat, 23 Mar 2024 10:27:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 21:49:34 GMT
content-type: font/woff2
age: 95009
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 14544, version 1.0\012- data
Hash 223a277bd88d8a90c8cdf24cda0ad5f5
24234c1c81b3948758c1a0be8e5a65386ca94c52
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
GET /s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:27:12 GMT
expires: Sat, 23 Mar 2024 10:27:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 21:49:52 GMT
content-type: font/woff2
age: 95009
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
myfood.ltd/favicon.ico
200 OK 1.2 kB IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b671b0407b8abf4ffb9946ee1596d992
79a116ffd13f1888451abd3cb8751cb2140f2fa4
1515616a51664df153b03397585ee45469cb936100992f870419514b17820649
GET /favicon.ico HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 12:50:41 GMT
cache-control: max-age=30
content-length: 1150
content-type: image/x-icon
last-modified: Wed, 28 Mar 2018 14:00:16 GMT
accept-ranges: bytes
server: nginx
etag: "5abb9ff0-47e"
x-hw: 1679748641.cds238.sk1.hn,1679748641.cds240.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 12:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15677
Expires: Sat, 25 Mar 2023 17:11:58 GMT
Date: Sat, 25 Mar 2023 12:50:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15677
Expires: Sat, 25 Mar 2023 17:11:58 GMT
Date: Sat, 25 Mar 2023 12:50:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15677
Expires: Sat, 25 Mar 2023 17:11:58 GMT
Date: Sat, 25 Mar 2023 12:50:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15677
Expires: Sat, 25 Mar 2023 17:11:58 GMT
Date: Sat, 25 Mar 2023 12:50:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15677
Expires: Sat, 25 Mar 2023 17:11:58 GMT
Date: Sat, 25 Mar 2023 12:50:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ncagzm12kJaHQtYhhjUUhcfXVfbwMdonoNYqpK-QXEmLfyyENgFnFA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 08:51:06 GMT
age: 14375
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70169fbc493bf12f91f072aa3a30ddde
4cd24b81bd6ade3ab5ff90fc88b0f7497e93391d
8b5fc3c8421d5696522231c3490a0853709897f5c9b645bd5e84398cf84089aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12071
x-amzn-requestid: 02bb2a93-c0aa-4d43-aa99-759a0418bc20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfGHYoAMF8BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-2258162e1901b5cd6e7144d3;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: JviLRALJFla17_jzjfSJ_krfBT1kOqoPPt03e8ymXPQGRlLXmrERsQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 54613
etag: "4cd24b81bd6ade3ab5ff90fc88b0f7497e93391d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 54613
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5773974a7341690f006b052ad02c94db
1b11316c952e2195da1646dd94671669e7e3bc2b
a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:18 GMT
age: 54623
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd191e3a122d6e31f81e6e9d434c58d6
aec88022970c93289434f8097e4a663da33e5271
1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tMnTFkK-AtSlEsQskvoxwwCjddndz5GBLHiV5RHi3QumyL6MVC9ovg==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 54613
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f9697594d173d623b331b5c35eab8d
6323f751f6b7517f062a0442480f672086ea02a1
116cb71658b31e87f19c390b242c684f6505cc8edf90b7fc934ac726fc7ddd18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8635
x-amzn-requestid: fc715b03-f48f-4300-b752-ab157a684f08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihcETyIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a2-68f685ec0f50dae026ea3f64;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ogff88YPb_ia9BPyBI0afIy9cWym7eDnXHKykpTS3NVG4EY_SUENDA==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
etag: "6323f751f6b7517f062a0442480f672086ea02a1"
content-type: image/jpeg
age: 54613
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
93.115.28.104
142.250.74.131
95.101.11.115
192.99.158.241